山东时时彩直播 www.6yeq9.com.cn 全球风险管理专业人士协会(GARP)致力于为风险管理条线上的各级人员，包括各大金融机构的风险从业者和监管机构人员提供风险教育和最新行业资讯。GARP China微信公众号将持续转载“GARP Risk Intelligence”系列文章，介绍科技、企业文化与治理、能源等领域对操作风险、信用风险、市场风险和资产负债管理的影响。让我们一起全面认识风险，防范风险，化解风险。
在企业网络风险评分(Cyber Risk Score)的基础上，信用分析公司FICO制作了一个国家综合指标，即ABC(Assessment of Business Cybersecurity)并在美国商会网站上发表。美商会同时支持两项法案，旨在“提高美国政府以协调有效的方式解决网络问题的能力”。其中一项提案将使美国国务院能在一个办公室内整合网络和数字经济问题，该办公室主任将为大使级官员，这将允许其与世界各地的合作伙伴进行高层外交接触。
The scores measure the probability of a breach over the next 12 months, and the range of 619 to 764 is said to represent “a significant difference in relative risk across the evaluated sectors.” With every 84-point increment, the likelihood of a material breach doubles, so “the range of sector assessment values represents an almost 200% differential in risk across the represented sectors,” the research says.
Finance and banking, widely regarded as one of the most effective sectors in terms of cyber defense and resources committed to it, scored 642, between media-telecom-technology's 619 and materials and manufacturing's 672. In other words, financial services is one of the higher-risk sectors.
“It is a risk score, not a performance score,” explains Julie May, a vice president in FICO's cyber solutions group.
FICO vice president for cybersecurity solutions Doug Clare said, “The FICO Cyber Risk Score is not a report card — just like the FICO Score, it's an empirical, objective forecast of performance. Individual businesses can use the FICO Cyber Risk Score to compare their own cyber risk against these benchmarks.”
Figure 1：Among the Assessment of Business Cybersecurity sector scores contributing the overall 687: Construction 764, Energy & Utilities 707, Health Care 679, Agriculture & Food 671, Finance & Banking 642, Media, Telecom & Technology 619.
It is important to realize that the maturity level of the underlying processes in the modelling ecosystem will heavily influence the effectiveness and efficiency of the MRM activities.
In general, bigger size and organizational complexity correlate with greater cyber risk, but in financial services and health care (overall score 679), “the correlation of size and risk is less pronounced than in other sectors,” the report says. Finance and health care have in common that they are regulated industries, “custodians of especially valuable personally identifiable information” and subject to specific data-protection compliance regimes, notably HIPAA and PCI.
The relative consistency within these industries “appears to be attributable to more consistent external risk (more consistent targeting of these companies by threat actors) and better security controls being applied by security teams regardless of the scale of organizational assets.”
“This is the first time the cybersecurity strength of the nation's businesses has been measured in this detail,” FICO's Clare said. “Our analytics measure and monitor billions of cyber risk indicators, and we use machine learning to produce a forward-looking metric for measuring cyber risk. The ABC is a benchmark based on this empirical calculation.”
Over time, the ABC will be an indicator of how security is improving or deteriorating at the national and sector levels.
Meanwhile, businesses can obtain free FICO Cyber Risk Scores as a security-effectiveness assessment and “understand how business partners view their cybersecurity hygiene,” Clare said. “In addition to self-assessment, businesses can use the full version of the FICO Cyber Risk Score offering to monitor the security risk of third-party and fourth-party partners and vendors. It's a 360-degree view of your cybersecurity risk exposure.”
“With the ABC, businesses now have a comparative benchmark for understanding their collective cybersecurity risk,” said Christopher Roberti, senior vice president for cyber intelligence and security policy, U.S. Chamber of Commerce. “Businesses are on the front line of cybersecurity threats. Their risk impacts our economy's health and our national security. That's why we are pleased to partner with FICO to ensure businesses know their level of security. Organizations can obtain their Cyber Risk Score and use the ABC to measure their risk, know the risk of their sector, and take steps to improve their risk posture.”
The U.S. Chamber has an ongoing Cybersecurity Campaign – FICO is presenting sponsor as well as a supporter of the chamber's Principles for Fair and Accurate Security Ratings. The Chamber is supporting two bills “that would improve the government's ability to address cyber concerns in a coordinated and effective way,” president and CEO Thomas Donohue said on October 15.
“The Cybersecurity and Infrastructure Security Agency Act would restructure the Department of Homeland Security's cyber directorate to facilitate engagement with the business community before, during, and after cyber incidents,” Donohue said. “We expect the bill to be ready for the president's signature this fall.
“The Cyber Diplomacy Act would consolidate cyber and digital economy issues in one office within the State Department and confer the rank of ambassador to the office's director, which would allow high-level diplomatic engagement with foreign partners around the world,” the Chamber CEO continued. “It has passed the House and is awaiting action in the Senate.”
2019年FRM备考群 835405115 FRM资讯&资料随时分享，与众多FRM持证人交流考试经验。