You are here
SBIR Phase I:Enterprise Cyber Security Scoring
Phone: (978) 821-4273
Phone: (978) 821-4273
This Small Business Innovation Research (SBIR) Phase I project addresses the challenges of risk management between businesses engaged in cyber-related business relationships. When businesses establish network or other cyber-related connections, they are sometimes poorly informed about the potential risk that they assume. Businesses typically rely on costly and time consuming cyber security audits to inform them about the potential cyber and ensuing business risk of the relationship. The solutions that exist today are inefficient and have yet to properly address the industry's need for a reliable and inexpensive means of assessing the cyber security risk incurred through a particular business relationship. CyberAnalytix's objective is to produce a cyber security score. Businesses would use the cyber security score to inform cyber related business decisions such as outsourcing, vendor IT relationships, and compliance. The Phase I research objective is to develop a scoring methodology that is credible, predictive, scalable and principally automatable. CyberAnalytix anticipates developing the scoring methodology as well as testing the methodology on a small set of business entities to evaluate whether the methodology and resulting score meet the prescribed objective characteristics.
Historically credit scoring has been a cost- and time-saving technology that has provided tremendous value to lenders and borrowers alike by helping to reduce cost, predict future loan performance, and to improve credit accessibility and affordability. Unlike credit scoring, no industry standard scoring service exists to rate business with respect to their cyber security risk. There is an opportunity to address a costly and inefficient industry pain point and have a broad economic impact. The need for cost effective, high-quality, and reliable business cyber security scoring will continue to increase as more services are network enabled, outsourced, or accessed through the network "cloud." If this effort were to succeed, businesses would reap the same time and cost savings that lenders do from credit scoring services from credit bureaus. The scoring methodology will enable businesses to make better, more informed, data-driven decisions about business risk in the cyber security and broader business context.
* Information listed above is at the time of submission. *