Learn more about the Cyber Risk Index algorithm update on January 29, 2024.
Version 2.0 of the Cyber Risk Index algorithm provides a comprehensive overview of
your organization's risk landscape by significantly expanding the foundation and extent
of risk calculation. While earlier versions of the algorithm relied on the risk scores
of sampled assets, the updated version calculates the index using the risk scores
and levels of all events. By incorporating the risk scores and levels of every risk
event within your organization, the updated algorithm has broader scope and a more
direct influence on risk events.
When you remediate a risk event, the Cyber Risk Index decreases by an amount equivalent
to the event's impact score. The Cyber Risk Index can be improved significantly even
if you only remediate some high-impact instances of a risk event. This relationship
between the Cyber Risk Index and risk events creates a positive feedback loop for
your organization's risk mitigation efforts. Remediation actions consistently lower
the Cyber Risk Index, boosting the effectiveness and efficiency of your security operations,
which, in turn, helps your organization proactively address threats and maintain a
robust security posture.