Cyber Exposure Index
The Cyber Exposure Index is the result of a research project. It is still in its early stages, and we hope to develop it further in future. Data breaches are increasing exponentially, and as companies are ever more interconnected and dependency networks become more complex, the impacts of such breaches become greater. For example, a data breach in one organisation may expose 10,000 other organisations and even more individuals. To be able to respond and develop solutions to mitigate data breaches, we first need to understand their magnitude and impacts, which is why we support academics, students and independent security researchers in their missions to better understand cyber exposure.
The Cyber Exposure Index is based on data collected from publicly available sources in the dark web and deep web and from data breaches. From this data, signs of sensitive disclosures, exposed credentials and hacker-group activity against companies are identified. Companies are ranked based on the number of findings and identified risks divided by their employee counts.
The information presented on this site illustrates the magnitude of cyber exposure. It does not address any single company’s weaknesses or vulnerabilities, only the exposed data available from public sources within the observed period. If you notice inaccuracies in the parameters used to measure cyber exposure, please inform us, and we will update our database accordingly.