Security in Depth’s Cyber Assurance Risk Rating (CARR) solution provides a world class, reliable, quantitative measurement of your current cyber security performance, without subjectivity.
Each score is developed based on how many standard deviations an organisation is- better or worse - than the average number of risk findings for an organisation of the same size.This enables fair comparisons of an organiaation’s cybersecurity hygiene, helping to improve accuracy, transparency, and fairness to the security rating process.
Risk mitigation is an essential part of good governance, so CARR provides cyber transparency and cyber risk management for our clients, CARR essentially:
For example, organizations with an 400 score are 12.2 times more likely to experience a significant cyber incident than those with an 800 score*.
*Likelihood of a cyber incident is based on Security in Depth State of Cyber Security 2021 and Verizon 2021 data breach investigations.
The Cyber Assurance Risk Rating (CARR) is the de facto Australian standard for assessing business risk, when reviewing business relationships with third party suppliers. CARR provides a global, regional and local view of an organisation’s risk profile and the likelihood of a data breach via third party suppliers.