We looked at the most common tactics, issues commonly exploited, and the controls organizations need to implement to mitigate these tactics to design our scope.
We designed our scope by analyzing which cybersecurity tactics worked best, which issues were most commonly exploited, and which controls were most needed to secure at-risk organizations.
The result is an in-depth, detailed review of four core security domains, comprising 17 unique control areas.
Each control area is scored individually. Control area scores are combined to obtain a cyber risk score for each domain, which is then averaged into an overall risk score for the organization based upon a common grade scale.