Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Deutsche Börse Prime Standard

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Deutsche Börse Prime Standard

Today, Rapid7 released the fourth in our Industry Cyber-Exposure Report (ICER) series. For those of you who have been following our research over the past few years, you may immediately suspect us of unloading another 100+ page tome of internet-based findings around the internet—but not so fast! We've slimmed down our research and reporting style, and this series focuses on five areas we believe that CISOs at mega-corporations actually have a shot at accomplishing, and will have a practical and fairly immediate effect on a given company's internet security posture. Those are:


Implementing DMARC (Domain-based Message Authentication, Reporting & Conformance) to shore up email security, both internally and externally.
Enforcing HTTPS (secure HTTP) and HSTS (HTTP Strict Transport Security) in order to protect their brand reputation and their customers' personal information.
Hitting a happily low count of unique versions for major internet-facing software applications like web servers and email servers.
Shutting off dangerous and inappropriate services that really have no business being exposed on the internet in the first place.
Kicking off a vulnerability disclosure program (VDP) that helps you learn about the security issues in your products and infrastructure before you run into real problems with malicious attackers.

The paper itself focuses on how well a specific cohort of companies are doing in these areas—this time, it's the Deutsche Börse Prime Standard, which are widely considered to be the most successful of large companies headquartered in Germany. We cut the data by industry, so we can stack up how financials are doing compared to the technology sector, where manufacturing and pharma look pretty much the same, and plenty of other insights into how the compa ..

Support the originator by clicking the read the rest link below.