In cybersecurity, there are the haves and have-nots. For the latter, improving their security posture to defend against threats is rarely straightforward. While attackers become more high-tech, the gap between ‘the cyber 1%’ and those companies below the ‘cybersecurity poverty line’ grows wider. That poses a threat to all companies.
What is the cyber poverty line? Why does it matter to your business, and what can you do to protect yourself?
What Is the Cyber Poverty Line (CPL)?
The cyber poverty line (CPL) is a threshold that divides all organizations into two distinct categories: those that are able to implement essential measures well and those that are unable.
Wendy Nather, head of advisory CISOs at Cisco, first coined the concept in 2011. Since then, Nather’s theory has been widely adopted as the benchmark for acceptable cybersecurity posture. Chris Krebs added the concept of a ‘cyber 1%’ in a talk at a Gartner conference in 2020.
The cyber 1% are the most capable and actively able to defend against threats, regardless of their industry. These companies possess the resources, culture and structure to maintain an elite security posture well-matched with attackers.
For other companies, getting above the cybersecurity poverty line should be the minimum standard. If they don’t, they remain exposed to a breach and the damaging impact of such an attack on their data security, budget and company reputation.
The Difference Between the Cyber 1% and the Rest
To understand what separates those on either side of the line, let’s consider six key factors:
Support the originator by clicking the read the rest link below.
