Sign In

Communications of the ACM

ACM TechNews

Helping Companies Prioritize Their Cybersecurity Investments

View as: Print Mobile App Share:
A "key" to cybersecurity.

By securely aggregating sensitive data from cyber-attacks, the SCRAM platform developed at the Massachusetts Institute of Technology's Computer Science and Artificial Intelligence Laboratory can quantify an organizations level of risk, and suggest how to

Credit: Chelsea Turner

A new platform developed by researchers at the Massachusetts Institute of Technology can quantify security risks for companies without requiring them to disclose sensitive data about their systems.

The platform, dubbed SCRAM (Secure Cyber Risk Aggregation and Measurement)  enables companies to understand how their security compares tothat of their peers, and gauge whether they should change their security spending based on their specific priorities.

The researchers analyzed internal data from seven large companies with an average of 50,000 employees and annual revenues of $24 billion. They securely aggregated 50 different security incidents that had occurred at these firms and determined steps that could have been taken to prevent them.

In addition, the researchers found that three security vulnerabilities—failure to prevent malware attacks, communication over unauthorized ports, and failures in log management for security incidents—resulted in the biggest losses to the companies, of more than $1 million each.

From MIT News
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account