Report: 75% of Fortune 500 technology companies scored a D or lower for their cybersecurity efforts

The increasing sophistication of cyberattacks and the expanding attack surface due to cloud adoption, remote work, and complex supply chains have made robust cybersecurity risk assessment more critical than ever.

Unfortunately, with the threat of cyberattacks growing, most organizations haven’t raised their security standards accordingly. Cybernews Business Digital Index shows that 84% of analyzed Fortune 500 companies scored a D or worse for their cybersecurity efforts.

The Cybernews research team analyzed 466 companies on the Fortune 500 list. Thirty-four companies could not be analyzed to evaluate an organization’s cybersecurity posture. The report evaluates risk across seven key areas: software patching, web application security, email security, system reputation, SSL Configuration, system hosting, and data breach history.

Below is detailed data collected from multiple sources, including IOT search engines, IP and Domain name reputation databases, and custom scanners, that show Fortune 500 companies’ digital security posture.

Technology and IT companies are some of the most vulnerable

Although the biggest U.S. companies by revenue are responsible for sensitive customer data, the results show they have major shortcomings in corporate customer data security.

According to the index, which grades businesses based on their online security measures, 84% of Fortune 500 companies scored D or worse, with 43% falling into the F category. Only 6% of analyzed organizations earned an A rating for security measures.

Research shows that 75% of analyzed Technology and IT category companies scored a D or worse in their cybersecurity efforts. Overall, this sector received an average security score of 71.

With 57 companies on the list, the Technology and IT category is the fourth biggest Fortune 500 category. 35% of the scored companies received a D rating, and 40% received an F rating. Just 7% of companies received C and 17.5% of companies A ratings.

Only 1% of finance and insurance companies scored an A

The biggest Fortune 500 category is Finance and Insurance, with 102 companies on the list. 63% of the scored companies received a D rating, and almost 24% received an F rating. Overall, this sector received an average security score of 71.

Finance and Insurance category companies are the most vulnerable. Only 1% of them gained an A-level security score.

The second-biggest category, with 88 companies, is Manufacturing. This category’s average security score is 65. According to The Business Digital Index, 81% of companies analyzed received a security rating of D or worse, with 53% falling into the F category. Only 3% of companies earned an A rating for their security measures.

61% of analyzed Energy and Natural Resources category companies worldwide scored F, and 24% got a barely passing grade of D. Only 7% of these organizations were worthy of an A rating for their security measures.

The healthcare industry is also particularly vulnerable, with 55% of the scored companies receiving a D rating and 31% an F rating. Only 10% of the companies analyzed in the Healthcare and Pharmaceuticals category achieved an A grade. Overall, the healthcare sector received an average security score of 70.

Also, 50% of the scored Retail and Wholesale category companies received a D rating and 40%  an F rating. In contrast, Construction and Engineering category companies fared better, with 73% earning a D and F grade for their security.

33% of Transportation and Logistics category companies received D and F scores equally. Most (43%) of Consulting and Business services category companies were rated D, and 57% got an F. Meanwhile, Real estate and Development category companies received 30% for D and 60% for F ratings.

Among all industries, the Transportation and Logistics category has the highest share of A-level companies (20%).

Researchers found nearly 671 critical or high-risk vulnerabilities

The Business Digital Index shows that the most common security issue is related to Secure Sockets Layer (SSL) configurations, with over 490 issues found in 466 analyzed companies

Furthermore, researchers found nearly 671 critical or high-risk vulnerabilities that hackers can exploit to enter networks and steal information.

Researchers also found that analyzed Fortune 500 list companies have 254 email security issues and 480 total data breach incidents.

Research Methodology

You can review the report’s Methodology here. It provides detailed information on how researchers conducted this analysis.