How does risk scoring help, and how do you get the most value out of yours? ArmorCode Senior Solutions Engineer Alex East joins Mark to answer just that. And here's what we learn:
1. Risk scoring quantifies your Dev & security teams' ability to design secure software and address any weaknesses found – via a point-in-time value. This can be measured against historical data and used to make predictive analyses of future risk.
2. Risk scores rarely compare apples-to-apples. Scores reflective of assets with different degrees of business criticality, sensitivity, publicity, complexity, or obligation to compliance requirements will each mean something different to a risk officer. Comparisons across industry lines or even between similar businesses are inherently flawed, so it's often best to contextualize risk categorically.