Definition

Cyber Risk Score

A quantitative rating that measures the external cybersecurity posture of an organisation based on observable data.

Detailed explanation

A cyber risk score aggregates external, observable security signals into a single numeric value, typically on a scale of 0-100. Inputs include unpatched CVEs, SSL/TLS configuration, email security (SPF/DKIM/DMARC), dark web exposure, open ports and credential leaks. Unlike self-assessment questionnaires, cyber risk scores are objective, continuously updated and require no cooperation from the assessed organisation. 360TPRM generates daily cyber risk scores for all suppliers in your portfolio.

Business relevance

Cyber risk scores enable objective, comparable and scalable supplier risk assessment. They are the data foundation for NIS2 Art. 21(d) continuous monitoring and DORA Art. 28 third-party due diligence, replacing subjective questionnaire-based assessments.

Frequently asked questions

What is a good cyber risk score?
On 360TPRM's scale, a score above 70 is considered low risk. Scores between 50 and 70 require attention, and scores below 50 indicate high risk requiring immediate action.
How often is the cyber risk score updated?
360TPRM updates cyber risk scores daily for all suppliers, automatically and without any involvement from the supplier.