March 28, 2018 • Joseph (Joe) Kucic
In today’s ever-evolving cybersecurity landscape, organizations cannot afford to rely on stale security strategies and wait for threats to hit them. The Verizon Risk Report (VRR) is a method for organizations to quantify risk using real-time data and intelligence from Recorded Future. Combining extensive data on cybercriminal activity from Verizon’s Data Breach Investigations Report (DBIR) with specialized data sources from technology providers, this new security assessment creates a comprehensive security risk scoring framework that can identify current security gaps and weaknesses.
By using a multi-tiered approach, companies can assess and mitigate weaknesses from multiple viewpoints, including:
Threat intelligence from the VRR is sourced daily from multiple data security sources, and this service includes an overall security posture score coupled with specific view score. The overall security posture (hygiene) has a complementary threat-level score that addresses environmental situations outside of the hygiene. Based on the level of information that exists within the VRR, at any given time, there is a confidence level assigned for the security posture and threat level scores.
This three-tiered approach helps to prioritize and direct resources to the greatest areas of need while providing executives and board-level members a measurable view of their overall risk while assisting leaders with risk management, budget priorities, investment measurements, and benchmarking business units.
According to Alex Schlager, executive director, security services, for global products and solutions at Verizon, “With VRR, Verizon is changing not only how security solutions are used, but more importantly, how customers can develop their security strategies.”
We are pleased to collaborate with Recorded Future on this important initiative. Blending Recorded Future threat intelligence data and Verizon’s security expertise into a unified process is groundbreaking and will empower teams to make data-driven security decisions and better understand current and future threats to their organizations.