With the headlines these days filled with news of data breaches – Target, Neiman Marcus, Michaels, to name a few – cyber security is now top of mind among Americans. We know that today every business faces cyber risk, but just how are U.S. business performing against this risk?
The new BitSight Insights report answers this question by examining the cyber health of the companies in the S&P 500 Index. Specifically, BitSight examined two classes of externally observable security data – configuration and security events – to understand the security performance of these companies.
Configuration information represents a measure of how diligent a company is in mitigating risk. Proper configuration and timely patches and updates are good practices to prevent security breaches. On the other hand, security events observed by BitSight represent evidence of successful cyber attacks.
The result of BitSight’s analysis is quite startling. In spite of the fact that the S&P 500 Index rose nearly 30% in 2013, the companies that make up the index are underperforming on cyber security. During 2013, 82% of the companies included in our analysis suffered from a security compromise.
Get the full report to learn more how our nations largest companies performed in 2013 across various cyber security risk vectors and what actions they can take now to improve the nation’s cyber health.