CEI

FAQ

FAQ

What is cyber exposure?

In today’s digital age, our interactions with technology frequently generate a digital footprint, which includes logs and data traces. This data, whether intentionally or unintentionally leaked by individuals, exploited by hostile actors, or exposed due to system flaws, contributes to what is known as “cyber exposure.” This term refers to any digital assets or information associated with individuals or companies that, if misused, would be harmful to them.

Cyber exposure poses significant risks, particularly when exploited by threat actors. These malicious entities can leverage exposed data in various ways, making individuals and companies more vulnerable to attacks. For example, leaked credentials can lead to unauthorized access to multiple accounts, sophisticated phishing campaigns, and even identity theft. In a company setting, such breaches can result in internal network infiltration, ransomware attacks, and unauthorized transactions. Furthermore, attackers often use personal data in social engineering tactics to deceive victims.

The range of exploitation due to cyber exposure underscores the necessity for effective cybersecurity measures. As cyber exposure increases, so does the potential for cyber threats. Understanding and managing cyber exposure is vital in safeguarding against these risks.

What are exposure categories?

Exposure categories are crucial in identifying and classifying the types of cyber exposure associated with a company or industry. They act as indicators, encompassing a variety of specific exposure types. For example, these categories include cleartext passwords, which indicate unencrypted password exposures, or findings from data breaches, which detail instances where company data has been compromised. By categorizing cyber exposure into these distinct groups, we can more systematically understand and address the nature and severity of the exposure. Understanding these categories is key for investors to assess cyber risks.

How many and what exposure categories are available?

In our analysis, we categorize cyber exposure into several distinct categories, each highlighting different aspects of cyber risk. Here’s a brief overview of each:

  1. Cleartext Passwords: Direct security risk with immediate access potential.
  2. Encrypted Passwords: Reduced risk, but still concerning due to the potential for cracking.
  3. Data Breach: Broad category including unauthorized data publication, with varied implications.
  4. Black Markets: Active trading or sales of corporate data, indicating immediate threats.
  5. Discussions: Insights into potential threats and corporate reputation.
  6. Internal Malware: Suggests compromise of internal systems or users.
  7. External Malware: Potential compromise in third-party entities or partners using the company’s services.
  8. Source Code: Risks related to system vulnerabilities or intellectual property exposure.
  9. Email Content: Potential for reputational damage or exposure of confidential information.
  10. Targeting Lists: Indicates potential future threats.
  11. IT Infrastructure Information: Exposed configurations can aid targeted attacks.
  12. Other: Miscellaneous exposures not covered in the above categories.
What is the exposure difference?

This metric provides a clear, quantifiable way to compare a company’s exposure level against its typical industry exposure. It’s a valuable tool for understanding whether a company is more or less exposed to cyber risks compared to what’s typical in its industry, offering insights into relative cyber risk.

To determine a company’s exposure difference, we first calculate the ratio of its total exposure records to its employee count, and then compare this to the same ratio for a typical industry entity. This comparison is done using a logarithmic scale, specifically by calculating the natural logarithm (ln) of the ratio of the company’s value to the industry’s value.

For example, an exposure difference of 0 means the company’s exposure level is the same as the typical exposure level in its industry. If the value is -1 or 1, it signifies that the company’s exposure level is roughly three times less or more, respectively, as e^1 is approximately 2.71828.

To further illustrate, if the value is 2, the company’s exposure level is about e^2, or approximately 7.4 times more than the typical exposure level in its industry. Similarly, a value of 3 indicates the company’s exposure level is around e^3, or roughly 20 times more than the typical exposure level in its industry. These higher values demonstrate a progressively larger deviation from the industry norm, allowing for a nuanced understanding of a company’s relative cyber risk compared to its peers.

What is the exposure similarity?

Exposure similarity is a metric that uses cosine similarity to compare the cyber exposure profiles of different entities. It spans from 0 to 100%, where 0% indicating no similarity at all and 100% indicating that the profiles are identical in terms of exposure category proportions.

This metric helps in understanding how closely related two exposure profiles are. For instance, two companies in the same industry might have similar exposure profiles, indicating common cybersecurity challenges or threats. Conversely, a low similarity suggests very different cyber risk landscapes.

This comparison is crucial for assessing risk profiles and identifying patterns or trends in cyber exposure, either across different entities or within a specific industry sector. It aids in providing a nuanced understanding of how cyber risks are distributed and managed across the company landscape.

How has exposure been evaluated for companies?

We use a tailored search approach that employs unique keywords associated to each company to identify a company’s cyber exposure. This search is conducted within a large database that classifies documents systematically using advanced machine learning techniques and a set of logical rules.

Our database is extensive, encompassing data from a variety of sources, including the dark and deep web, data breach records, malware records, and social media discussions. This diverse range of sources ensures a thorough capture of potential cyber exposure points.

Furthermore, our database is not just wide-ranging but also deep, containing historical data that goes back over a decade. This long-term data accumulation provides a detailed perspective on the evolving cyber exposure landscape companies face. Such in-depth analysis is crucial for understanding both current risks and historical trends, offering valuable insights for investors making informed decisions.