Q: What are the main steps in calculating the score?
1. Weighting Issues
Each issue is scored based on how severe it is and how valuable the affected system is.
2. Rating Key Security Domains
The score considers 8 main domains:
Software Patching (30%)
Application Security
Web Encryption
Network Filtering
Breach Events
System Reputation
Email Security
DNS Security
Each domain gets a score from 0 to 10 and a letter grade.
3. Weighted Average and Adjustments
A weighted geometric average is used to calculate the overall score, giving more importance to weak areas.
Poor ratings in core areas like patching or encryption may trigger additional downward adjustments.
4. Final Score and Letter Grade
The final score reflects overall cybersecurity posture and is strongly correlated with real-world incident risk.
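The sketch below is an added example, not the rating provider's code. It shows why a weighted geometric average gives weak domains more pull than an ordinary weighted average. Only the 30% patching weight comes from the text above; the 10% weight for each other domain and the sample scores are assumptions, and the downward adjustments and letter grades are left out because no formula or thresholds are given for them.

```python
import math

DOMAINS = ["Software Patching", "Application Security", "Web Encryption",
           "Network Filtering", "Breach Events", "System Reputation",
           "Email Security", "DNS Security"]
# 30% for Software Patching is stated in the text; 10% for each of the
# other seven domains is an assumption made for this example.
WEIGHTS = {d: 0.30 if d == "Software Patching" else 0.10 for d in DOMAINS}

def check(scores):
    """Reject missing/extra domains and scores outside the 0 to 10 range."""
    if set(scores) != set(DOMAINS):
        raise ValueError("need exactly one score per domain")
    if any(not 0 <= s <= 10 for s in scores.values()):
        raise ValueError("domain scores must be between 0 and 10")

def geometric_score(scores):
    """Weighted geometric average: product of score ** normalized weight."""
    check(scores)
    total = sum(WEIGHTS.values())
    return math.prod(scores[d] ** (WEIGHTS[d] / total) for d in DOMAINS)

def arithmetic_score(scores):
    """Ordinary weighted average, shown only for comparison."""
    check(scores)
    total = sum(WEIGHTS.values())
    return sum(scores[d] * WEIGHTS[d] for d in DOMAINS) / total

def best_next_fix(scores):
    """Domain whose one-point improvement raises the geometric score most."""
    base = geometric_score(scores)
    gains = {d: geometric_score({**scores, d: min(10, scores[d] + 1)}) - base
             for d in DOMAINS}
    return max(gains, key=gains.get)

# Constructed sample: strong everywhere except patching.
UNEVEN = {d: 9.0 for d in DOMAINS}
UNEVEN["Software Patching"] = 2.0

if __name__ == "__main__":
    print(f"arithmetic: {arithmetic_score(UNEVEN):.2f}")
    print(f"geometric:  {geometric_score(UNEVEN):.2f}")
    print(f"fix first:  {best_next_fix(UNEVEN)}")
```

With these assumed weights, a single domain scored 0 drives the geometric result to 0 regardless of the other seven, which the ordinary average would hide.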