At Coalition, our Cyber Health Rating (CHR) is designed to give you a clear, actionable assessment of your cyber risk. We continuously refine the CHR model to ensure it accurately reflects the evolving threat landscape. Recent updates have affected some customers' ratings—this post explains why.
Why Did My Rating Change?
We've updated the way certain security vulnerabilities impact your rating, focusing on two key areas:
- Claims-Driven Insights: Our insurance claims data reveals that certain security issues—such as vulnerabilities commonly exploited by attackers—are strong predictors of breaches. As a result, we've increased the weight of:
  - Frequent Claim Indicator (FCI) findings – Security gaps that have historically contributed to real-world cyber claims (e.g., open RDP, exposed Pulse Connect Secure device, etc.)
  - Critical vulnerabilities – Issues more likely to lead to unauthorized access or data breaches (e.g., Citrix VPN panel exposed, asset found in spamming source list, etc.)
- Threat Intelligence Enhancements: We're leveraging more comprehensive threat intelligence to identify newly exposed risks. If recent data leaks or emerging threats have been linked to your organization, this may impact your rating.
What Does a Drop in My Rating Mean?
If your rating has decreased, it does not necessarily mean your security posture has worsened — rather, it reflects a more accurate risk assessment using updated intelligence. This change ensures higher-risk issues receive appropriate attention, helping you proactively strengthen your defenses.
How Can I Improve My Rating?
To improve your rating, consider implementing the following key measures:
- Addressing FCIs & Critical Vulnerabilities – Prioritize patching and remediation of critical vulnerabilities that pose significant security risks to your systems and data.
- Monitoring Threat Intelligence Alerts – Stay informed about newly discovered data leaks and take action when your information is exposed.
- Strengthening Security Controls and Best Practices – Ensure you’ve filled out your Security Checklist and implemented industry-standard best practices such as access controls based on the principle of least privilege, multi-factor authentication, data encryption, regular security audits, and secure backups.
We're Here to Help
If you have any questions about your rating or need guidance on improving it, we're here to help. Reach out to our team for further guidance.