New index allows companies to measure their cybersecurity capabilities
Cyberattacks are increasingly a feature of everyday life, yet many companies remain unaware of their teams' true readiness to defend against them.
Cyber defense specialist RangeForce is launching a new Defense Readiness Index (DRI), a pioneering scoring system which gauges an organization's readiness to effectively respond to the cyberattacks it is likely to face.
Integrated into RangeForce’s Threat Centric platform, it lets businesses pinpoint specific weaknesses in their team's cyber capabilities, and enables them to quickly assess any skills gaps and implement strategic recommendations to plug those gaps. It also informs senior management with objective metrics, providing visibility into the strength of their cybersecurity teams.
In addition DRI maps directly to both the MITRE ATT&CK and D3FEND frameworks, so organizations can accurately measure team sophistication when responding to real-world threats. It also draws on collaborative work with the US Department of Defense and NATO.
"NATO runs the largest international cybersecurity exercises in the world, and defends against nation-state level attacks," says Taavi Must, co-founder and CEO of RangeForce. "But we found -- when it came to defense -- even their teams needed to practice using real tools, in real-time, under stressful conditions. So we developed customized training to provide visibility into skills gaps, and to identify areas for improvement. Then we focused on scaling our platform, extending the same benefits to everyone with the launch of RangeForce. And with the launch of our enhanced Threat Centric platform, we're taking the next major leap forward."
DRI ranks organizations on a scale of one to five, each with its own set of controls and practices to provide visibility into where cyber-defense teams stand in terms of competency against cyberattacks. It also provides insight into a team's mix of demonstrated skills, their capabilities to detect and disrupt threats, their ability to collaborate on investigations, where skill gaps exist, the associated costs, and more.
It also provides a roadmap so that companies can focus on the skills needed to move up to the next level, or to remain at the same level as the threat landscape evolves. Additionally, it enhances assessment and reporting mechanisms -- allowing organizations to see the progress their teams are making -- and provides data to inform senior management about the strength of their security teams.
You can read more on the RangeForce blog.