Governance & Risk Management , Next-Generation Technologies & Secure Development
Rating the Security Performance of the Fortune 1000
BitSight's Jay Jacobs on What Can Be Learned from Common VulnerabilitiesBitSight Technologies has just concluded a new study that rates the cybersecurity performance of Fortune 1000 enterprises. What are the key takeaways? Data Scientist Jay Jacobs shares his analysis.
One significant point: Despite the rash of high-profile breaches and the reality that organizations are dedicating significant resources to cybersecurity, BitSight really is not seeing a decrease in the number of reported incidents.
"We are actually seeing more of the Fortune 1000 companies decline in performance," says Jacobs, senior data scientist at the cybersecurity ratings firm. "We're seeing just over 100 of [these companies} having a moderate or higher decrease in their [cybersecurity] rating, where only about 50 had an increase."
In an interview about this new study, Jacobs discusses:
- The high rate of breaches reported by large enterprises;
- Common security vulnerabilities;
- Key takeaways for organizations of all sizes and sectors.
Jacobs is the senior data scientist at BitSight. Previously, he was the lead data analyst on the Verizon Data Breach Investigation Report. Jacobs is the co-author of "Data Driven Security," a book covering data analysis and visualizations for information security, and hosts the Data-Driven Security podcast. He is also a co-founder of the Society of Information Risk Analysts and currently serves on its board of directors.