Security & Fraud

Cyber Security Risk Ratings Debut For US Banks And Enterprises

Roughly two dozen companies in the United States have established a set of ground rules and guiding principles that center on cyber security ratings. Among that roster of companies are several large U.S. banks.

Reuters reports that the announcement of the principles came via the U.S. Chamber of Commerce. Those cyber ratings are used in essence as a FICO score, which allow for companies to assess risks of partner firms. The scores give an inkling about how well a company can “weather” a cyber attack. The scores also help underwriting decisions for various underwriting practices. The cyber security risk rating is emerging through the efforts of smaller companies, among them startups such as SecurityScorecard and RiskRecon, said Reuters. But one criticism lies in the fact that, according to the firms being rated, there really is no transparency on what exactly is going into those ratings, data-wise. By way of example, BitSight Technologies has a scale of cyber risk ratings in place that range from 250 to 900, with higher scores pointing toward better risk profiles.

In an interview with Reuters, JPMorgan Global Chief Information Security Officer Rohan Amin stated that “the challenge is that their (startups’) methodologies are proprietary, and there hasn’t been transparency on how they go about creating the ratings.”

Within the group are marquee payments and banking and retailing names such as JPMorgan Chase and Starbucks, in addition to health care names such as Aetna Inc.


Latest Insights: 

The Payments 2022 Study: Building A High-Performance Payments Team For Fraud Detection, a PYMNTS collaboration with Stripe, examines how digital platforms of all sectors and sizes plan to develop their anti-fraud teams as part of their their broader growth and development strategies. Drawing from an extensive survey from approximately 250 payments heads at digital platforms in the U.S. and abroad, our study analyzes how poor anti-fraud capabilities can harm platforms’ long-term growth strategies, and how they can build high-performing teams to tackle these challenges.

Click to comment


To Top