Tag Archives: cybersecurity professionals

How CVSS Works: A Guide to Vulnerability Scoring

The Common Vulnerability Scoring System (CVSS) is a widely used framework for evaluating and communicating the severity of software vulnerabilities. First introduced in 1999, CVSS has become the standard scoring method for organisations to prioritise security efforts and manage vulnerabilities systematically. By assigning numerical scores to vulnerabilities based on their characteristics, CVSS enables teams to assess risks and allocate resources effectively.

Continue reading

Mapping Cyber Risk Approaches: Bridging Quantification and Scoring

The diverse landscape of cyber risk methodologies, ranging from technical scoring systems like CVSS to financial quantification frameworks like FAIR—offers organisations multiple tools to manage threats. However, these tools often operate in isolation, creating challenges when aligning technical, operational, and financial risk perspectives. Mapping between these approaches bridges the gaps, enabling organisations to unify risk management strategies and enhance decision-making.

Continue reading