Cyratring: Sweden, the United Kingdom and France run the cybersecurity show
January 2018 by Marc Jacob
On the occasion of the 10th edition of the FIC in Lille, CYRATING, the first cybersecurity rating agency in Europe unveils the results of its study carried out with the 600 most important European companies by stock market capitalisation. The detailed results will be made available from the 23 January 2018 on the CYRATING website.
Cybersecurity is now a major strategic challenge for company governance and their board of directors. Managing the cybersecurity risks remains a huge challenge for the leaders who have few metrics and comparable at their disposal.
CYRATING has thus realised a study involving the 600 most important European stock market capitalisations so as to evaluate their cybersecurity performance, that is to say their effective implementation of the cybersecurity best practices accepted by the industry. The performance of a company is expressed in terms of a rating fluctuating between 0 and 100.
This benchmark has highlighted disparities amongst countries and by activity sectors:
• Sweden, the United Kingdom and France are respectively the countries with the companies who scored highest in cybersecurity;
• Companies within the natural resources, food and beverage, financial services, chemicals and healthcare sectors are the best performing in cybersecurity.
• The highest rating achieved by a company is 88; the average rating is 70.4 and the median rating 71.6.
• 2% of companies achieve operational excellency when it comes to protecting their electronic mail boxes;
• 18% of companies protect their domain name efficiently;
• 10% of companies analysed host malwares, communicate with botnets networks or have suffered to data breaches. These ratings are easily comprehensible by all (executive committee, CIO and CISO). The company or public body leaders can thus compare their organisation’s performance with that of the highest ranking, and identify the best practices to be implemented so as to improve the efficiency of their cybersecurity.
Concerning the electronic mail and the domain names, CYRATING advocates a return to the fundamentals of cybersecurity, such as for example the establishment of SPF (Sender Policy Framework) which is a system of validation of electronic mail designed to limit e-mail usurpation, or the DNSSEC (Domain Name System Security Extensions) to protect brands. These «cyber hygiene measures» can be, most of the time, deployed with minimal effort.
• CYRATING has analysed the 600 largest European capitalisations established in 17 countries (Austria, Belgium, Czech Republic, Denmark, Finland, France, Germany, Ireland, Italy, Luxemburg, Netherlands, Norway, Portugal, Spain, Sweden, Switzerland and United Kingdom) and identifiable within 19 activity sectors.
• These companies have been assessed and compared according to the same notation criteria representative of the cybersecurity of an organisation.
• A rating ranging from 0 to 100 was attributed to each company analysed.