Learn more about updates and improvements to the Cyber Risk Index algorithm to be implemented on May 5, 2025.

Version 3.0 of the Cyber Risk Index algorithm expands your organization's ability to clearly visualize cyber risk and efficiently prioritize mitigation and remediation efforts using refined risk score calculations, more precise risk identification, and a broader risk scope. The updated Cyber Risk Index algorithm incorporates the following enhancements:
New risk factor
  • The new Predictive analytics risk factor, part of the Exposure category, includes current and future risk events involving potential attack paths and predicted targeted attacks, allowing you to take more proactive security measures.
Refined Cyber Risk Index calculation
  • The Cyber Risk Index is now rounded to the nearest tenth of a point to ensure all risk events are reflected in the index calculation, even when you have a large number of assets.
Adjustments and additions to risk events
  • New risk events added to the Security configuration category alert you to assets that have stopped sending telemetry data to Trend Vision One so you can quickly investigate and address the risk the assets pose.
  • Brute-force-related risk events such as suspicious Windows logon attempts have been moved from the Activity and behaviors risk factor to the Account compromise risk factor to give the events greater weight in the index calculation. To decrease false positives, the brute force activity must reach a threshold indicative of an attack before triggering a risk event.
  • Risk events affecting your entire organization rather than just individual assets are now included in the index calculation to give you a more comprehensive picture of organizational risk.
Weight, criticality, and impact calculation changes
  • Risk events detected through predictive machine learning or behavior monitoring capabilities contribute more to the Cyber Risk Index to reflect the capabilities' significance to your organization's security posture.
  • Mitigation actions performed for high-impact and non-high-impact CVEs are more balanced to give you a clearer picture of your risk mitigation efforts. Trend Micro continues to recommend that you prioritize mitigation actions for the highest-impact CVEs detected on your assets.
  • Risky, public-facing external assets are treated as more critical and are assigned the "Internet exposure: public-facing" tag. Higher-criticality assets contribute more to your Cyber Risk Index.
Expanded risk detection and scoring capabilities
  • Unmanaged endpoints undergo posture checks to detect any enabled third-party security solutions, giving you a more accurate picture of your organization's overall risk.
  • CVE risk level calculation, previously based primarily on information from the Common Vulnerability Scoring System (CVSS), now also incorporates information from the Exploit Prediction Scoring System (EPSS) to seamlessly support proactive security.
The updated Cyber Risk Index algorithm is intended to increase the effectiveness and efficiency of your security operations and allow you to address risk before it can have an impact, helping your organization maintain a strong security posture.