RH-ISAC recently partnered with Associate Member SecurityScorecard to produce a report that details the most common vulnerabilities, critical severity issues, and malware strains observed among RH-ISAC member companies.
SecurityScorecard is the global leader in cybersecurity ratings, which are used for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. SecurityScorecard provides companies with an A-F letter grade for ten common risk factors such as network security, patching cadence, and endpoint security. An outside assessment of an organization’s security posture helps them to understand what vulnerabilities to prioritize and how to take preventative action.
For this report, SecurityScorecard evaluated 159 RH-ISAC member organizations to produce an average letter grade score for the community, as well as scores for the ten security factors used in their assessments. The report concluded that while, on average, RH-ISAC members scored well in some areas such as social engineering and hacker chatter, other areas such as application security and DNS health left room for improvement.
The report also identifies the most common vulnerabilities from the NIST National Vulnerability Database that are impacting the RH-ISAC community, provides the severity of these vulnerabilities, and the recommended mitigations, so that members can ensure their systems have been updated.
Access to this report, and other trend reports such as the Annual CISO Benchmark Report, are a benefit of RH-ISAC membership. They allow members to benchmark themselves against their peers and identify focus areas for potential improvement. To learn more about becoming an RH-ISAC member, visit the RH-ISAC website.
Another benefit of membership is access to exclusive discounts and services from Associate Members such as SecurityScorecard. RH-ISAC members can get free access to SecurityScorecard’s Enterprise Cybersecurity Ratings platform as well as up to five third parties. Contact SecurityScorecard for more information.