See Who’s Doing The Best And Who Needs to Improve Their Cybersecurity
The internet is a fundamental part of all organizations. Having an internet infrastructure safe from successful cyber events is impossible because technology and hackers evolve daily. At Cybeta®, we believe that measuring the risk of operating on the internet is possible. We use the internet-facing technology infrastructure to create “Threat Beta®,” a measure of the relative risk for a company operating on the internet. Threat Beta starts from 0 (or no risk), averages 1.0, and can range over 2.0. Threat Beta has been statistically validated against successful cyber events using 5+ years of data for ~ 21,000 public and private firms. We have shown that firms with higher Threat Betas experience statistically significantly higher breach rates. How does that impact you? A cybersecurity breach could compromise your data, so let us see who is doing a good job.
Which Companies Have The Highest Threat Betas?
Alphabet, The Walt Disney Company, and Procter & Gamble have the highest Threat Betas. The potential for a data breach over the next six months is over 10%.
How Do Companies Become Targets of Cybersecurity Breaches?
Many of the 100 largest market cap companies are technology, packaged goods, and pharmaceutical. Technology companies such as Alphabet (Google), Facebook, Oracle, and Adobe all show higher Threat Betas because they are so large. They also leverage technology as a core business function. Packaged Goods companies are different because they have large international operations. Proctor and Gamble, Pepsico, and Nike fall into the high Threat Beta category. Their operations’ geographic diversity, reliance on 3rd party suppliers, and customer-facing products provide opportunities for data breaches. Of course, there is healthcare. Pharmaceutical companies like Johnson & Johnson, Pfizer, and Merck are targets for their rich consumer data. Other types of companies on our list share similarities. They have large operational infrastructures that span the globe. Those companies use the internet to operate and compete globally. For all these companies staying up to date on the internet, technology is critical to managing risk.”
Who has the lowest Threat Betas?
Danaher Corporation, Philip Morris, and Texas Instruments have the lowest Threat Betas. Their breach potential is less than 0.50% over the next six months.
How Do Companies Avoid Being Targets of Cybersecurity Breaches?
Avoiding breaches is more difficult. Our list of lower Threat Beta companies shares many of the underlying characteristics of high Threat Beta companies. The difference is they manage their risks by using better technologies and having proactive policies on internet-facing technologies. The benefit of those policies results in lower breach risk because hackers see fewer viable targets. The targets they can find have fewer known vulnerabilities, and those vulnerabilities are harder to exploit. The net effect is hackers look elsewhere.
Which companies are making the biggest cybersecurity improvements?
In our analysis, Alphabet made the most progress toward lowering its cybersecurity risks. After a series of breaches, Alphabet apparently decided to invest in better cybersecurity prevention; unfortunately, they are still the riskiest company on our list.
Who’s losing ground?
NVIDIA lost the most ground, but also from a very strong base. As NVIDIA’s business shifts in a different direction, the cybersecurity risks increased. Even though their risks increased, they are still less risky than the average company and much lower than the average for this list.
With over 21,000 companies in the database, Cybeta can provide a Threat Beta for your business. Reach out to us at firstname.lastname@example.org to get your free cybersecurity risk rating.
Disclaimer: Please note that this data was from 2017. It does not reflect their most recent Cybersecurity Threat risk.
About Cybeta: Cybeta created cybersecurity predictive breach ratings that mirror stock beta’s functionality to inform asset managers and large supply chains of their cybersecurity risks. This patent-pending, AI-driven algorithm produces a dataset covering any public, private, or municipality in the world. The dataset includes two main data outputs: Threat Beta and Threat Alpha.
Threat Beta, modeled after a stock’s beta, is a measure of cybersecurity risk given externally facing technology. Very high Threat Betas are associated with an over 6x higher likelihood of a breach over six months than a very low Threat Beta. Threat Beta derives from several underlying components that measure the threat surface, weighted vulnerabilities, and attack likelihood, which is also available in this dataset.
Threat Alpha® is a combination of Threat Beta (a measure of breach risk), specific company characteristics, geographic breakdown, and industry factors. Threat Alpha’s output includes financial losses by cyber attack type. Threat Beta is useful for measuring the potential size of insurance claims due to a breach, the financial impact of breaches on a company’s stock earnings/stock price, investment portfolio risk, and ROI for companies with cybersecurity budgets.