In the cyber risk management process, after identifying assets, vulnerabilities and existing risks, assessing and assigning appropriate risk scores to threat events, vulnerabilities, and the assets themselves it is crucial. Risk scoring helps prioritize security efforts and ensures that the most critical risks are addressed first, allowing organizations to mitigate potential threats most effectively.
Assigning appropriate scores to each device on the OT/IoT network is one of the foundational assets of risk scoring. But building a reliable asset inventory can be a challenging task, not to mention maintaining the database with vulnerabilities and environmental variables. For security gaps to be filled effectively, final asset risk scores should be calculated dynamically and based on multiple visible risk factors…and should also be customized for the specific environment.
To make it more complicated, individual asset risk scores may provide little value without context. For proper risk management, it’s important to understand the risk dynamics and factor progress (such as changes in risk score over time and predicting potential future risk scores). Additionally, it's essential to see how the individual risk score contributes to the higher-level risk score of the site or zone the asset belongs to, and ultimately, the risk score of the entire company.
Nozomi Networks’ asset risk scoring and monitoring capabilities are extremely customizable, in order to help organizations accurately assess their cyber risk and enhance their security posture. Let’s take a look at everything that goes into risk scoring in our platform.
New Asset Risk Score Factors
Every asset visible in Nozomi Vantage platform with Asset Intelligence License has an individual Asset Risk score from 1 to 100. The higher number, the risker the asset.
This score is calculated based on the following risk factors:
- Vulnerability Risk
- Open vulnerabilities
- Critical vulnerabilities
- Exploitable vulnerabilities
- Alert Risk
- Open alerts
- High-risk alerts
- Suboptimal management
- Communication Risk
- Network activity
- Internet exposure
- Unsafe protocols
- Unsafe countries
- Device Risk
- Type
- Technology category
- Connection type
- Lifecycle
- Asset Criticality
- A value based on the potential impact to safety, the process, or other metrics
- Compensating Control
- A value reflecting the level of security measures in place
Customizable Asset Risk Score Calculations
Within Vantage, asset owners can customize risk scores to reflect specific environments, helping predict future risks and contributing to a company-wide risk score.
Asset rules can be set based on the following conditions:
- Asset type
- Zones
- Vendor
- Mac address
- Product name
- OS or firmware
- Technology category
- Label
- Sensor
- Site
Asset Risk Score Context and Dynamics
The Asset Risk dashboard provides real-time monitoring of risk scores at various levels—zone, site, company, and even industry benchmarks—enabling organizations to track risk dynamics and changes over time.
Within the dashboard, asset owners are able to monitor:
- Current risk scores for:
- Zones
- Site
- Entire company
- Industry
- Similar customers
- Risk dynamics/change over time for:
- Zones
- Site
- Entire company
- Industry
- Similar customers
- Risk score benchmarks for:
- Default risk score calculation (Nozomi risk)
- Industry
- Similar customers
Enhanced Cybersecurity Posture with Asset Risk Assessments
Having visibility and clear understanding of context and trends is key in today’s cybersecurity world, where always-evolving, complex and intelligent attacks are increasingly targeting critical infrastructure is critical for network operators.
The advanced transparency, flexibility, and automation of Nozomi Networks’ Asset Risk scoring, combined with Vantage monitoring capabilities, gives you the power to prioritize security efforts, address the most critical risks first, and take the correct actions to mitigate potential threats effectively.