Executive Summary
The methodology outlined in this report describes several ways, based on openly available internet connections, to measure the exposure of specific organizations and industry sectors to certain cybersecurity risks. The report covers the following topics:
- The average attack surface, broken down by industry, presented on the internet by the top companies in America
- Corporate adoption of Domain-based Message Authentication Reporting & Conformance (DMARC), a set of inexpensive—but critical—anti-phishing controls
- Malicious activity emanating from these companies, as measured by connections to Rapid7’s Project Heisenberg
- Internet exposure of inappropriate and insecure services such as Windows SMB and Telnet as surveyed from Rapid7’s Project Sonar
To learn more about the key findings and analysis, read the Industry Cyber-Exposure Report in its entirety, and register for our webcast to hear directly from the researchers.