SecurityScorecard announced that v3.0 scoring will be available in April 2024. Version 3.0 of the Scoring Algorithm is an updated methodology with a scoring relationship based on the probability of a cybersecurity breach.
The company made this scoring feature available to users as a preview in September 2023, allowing users to prepare before this change. Thus, in this period until April 2024, users will be able to evaluate the differences between the current scoring and the scoring v3.0 version.
The new scoring method includes many important changes.
|Probability of violation event based on current rating
|Possibility of breach incident in version 3.0
When switching to scoring v3.0, scores may change significantly depending on security findings on Scorecard. Therefore, it is important to evaluate security findings according to their priority by using the preview feature before April 2024. For this, the following steps are followed.
Why did SecurityScorecard change its scoring method?
First of all, changing the scoring method provides a significant improvement in predicting cyber security breach. Additionally, the new scoring method is more understandable to users. In the changing and developing dynamics of cyber security, using methods that reflect current situations is very important in managing cyber security risks.
How often does the scoring method change?
It changes every three or four years.
How will Scoring v3.0 affect historical score data?
The historical score page will include scoring v3.0 data after the scoring v3.0 version transition. It will not affect the score data for the current situation.
What is the scanning frequency in Scoring v3.0?
The scanning frequency is the same as the current version. Scanning frequency varies depending on the type of security finding. Generally, weekly scans are performed.
Which of the two scores on the platform (Current and v3.0 Version) should be taken into consideration?
Elimination of security findings increases the total score for both methods. However, the impact of security findings on the total scoring varies depending on their severity.
Will resolving security findings on the scorecard improve both scores (Current and v3.0 Release)?
If the security findings on the scorecard are resolved, both scores appear to increase. However, the increase in scores may not be the same depending on the impact of the safety findings.
If you would like to manage the cyber security risks of your institution and the third parties that provide products and services to your institution, we kindly ask you to fill out our form to get information about the TRiM service we can offer.