FICO Cyber Risk Score to Measure Supply Chain Risk for T-Mobile

FICO announced today that T-Mobile, one of the leading US mobile carriers, will use the FICO® Cyber Risk Score as a key quantitative risk metric in its vendor management program. The score, which indicates the likelihood that an organisation will be breached, will help T-Mobile assess the effectiveness of vendors’ data protection procedures. Improving its third-party risk management will enable T-Mobile to take targeted actions to reduce its supply chain risk.

The move reflects the evolving discipline of vendor risk management in a digitally connected world where nearly every business relationship involves the exchange of data of varying degrees of sensitivity. New regulations require more accountability for organisations in understanding and managing the risk of data loss both internally and through interactions with third parties. GDPR has recently added new granularity to these requirements, and new regulations such as the CCPA will add to the growing expectations for sound management of data loss exposure through supply chain partners. An accurate and continuous assessment of cyber breach risk can help companies prioritise the work of their cybersecurity and their third-party risk management (TPRM) team.

The FICO® Cyber Risk Score is based on billions of cyber risk indicators that are monitored at Internet scale. It relies on machine learning to interpret the network hygiene practices of thousands of previously breached organisations and form predictors that amplify the signals associated with risk of data loss. The FICO Cyber Risk Score is part of the FICO® Enterprise Risk Suite, which provides a framework for discovering, sharing, and monitoring the cyber risk of third and fourth parties (vendors of vendors) in an extended supply chain.

“Accurate prediction of cyber breach in the next 12 months is the goal of the model,” said Doug Clare, FICO’s vice president for cyber security solutions. “The algorithm generates a score with a dynamic range of more than 24X, which means that the lowest scoring organisations have a breach risk 24 times higher than those with the highest scores. Our ability to accurately discern risk gives our clients the confidence to focus their limited resources on those vendor relationships that actually require the most scrutiny.”

“We’re thrilled to extend our relationship with T-Mobile to cover supply chain risk,” said Shawna Morgan, FICO’s director for telecommunications, media, entertainment, and technology. “FICO has a long and successful relationship with T-Mobile across multiple risk management disciplines. As a supplier to T-Mobile, we appreciate the opportunity to help T-Mobile upgrade its supply chain risk assessment capability.”