Do You Know Your FISASCORE? 10 Reasons Why You Should

You’ve likely checked your personal FICO® credit score recently, but has your business checked its FISASCORE? Don’t know your FISASCORE – or never heard of it? You should read on, we’ve got 10 reasons why you should.

Standards like FICO® Scores allow lenders to assess risk before issuing credit. FISASCORES are similar to credit scores but instead focus on the complex task of evaluating a company’s overall cyber security and measure its risk of an information security incident. A FISASCORE rates a company’s information security program on a scale from 300 (not secure) to 850 (excellent) and identifies your company’s level of vulnerabilities, gaps and deficiencies in your security program. Get a FISASCORE assessment now.

1) FISASCORE is easy to understand.
Information security is a complex discipline with many moving parts, but FISASCORE simplifies the communication about how your information security program is performing. You don’t need to be an information security expert with years of experience to understand what FISASCORE is telling you. One simple number represents your overall risk, and additional indicators show where your most significant risks are.

2) FISASCORE can tell you what everyone else is doing.
Hundreds of organizations have received their FISASCORE and this allows for good, fact-based comparisons. One of the common questions we receive about information security is, “What is everybody else doing?” This question comes from the responsibility for due care/due diligence, liability, and knowing that there’s “protection in the herd.”

Once your full FISASCORE onsite assessment is complete, you’ll receive a risk measurement, from 300 (not secure) to 850 (excellent).

3) With a FISASCORE, you can track progress.
FISASCORE is a point of reference that should be used to track progress and to determine whether risk is maintained within your tolerance. Your information security program and risks are always getting better or worse; they never stay the same. Questions about progress, regular reporting, and support for maintaining your information security program are all answered through the FISASCORE.

4) FISASCORE is objective.
FISASCORE is maintained by an independent organization that doesn’t do consulting work, and has no other purpose but to provide accurate measurements of information security risk. In addition to organizational objectivity, the score is also objective. FISASCORE is calculated through the measurement of thousands of objective characteristics that take much of the guesswork and opinion out of the equation.

5) FISASCORE is credible.
FISASCORE was developed over the course of more than 15 years through the work of seasoned information security practitioners and is now on its fifth major release. FISASCORE is based on generally well-accepted information security standards. The criteria for measurement are all referenceable to the NIST Cybersecurity Framework (CSF), and its supporting standards: NIST SP 800-53, COBIT, ISO 27001:2013, and CIS CSC.

FRG offers the SecurityStudio Assess Your Vendors module as a solution for organizations to determine how secure their vendors and partners are.

6) FISASCORE represents risk.
Risk is the combination of vulnerabilities and applicable threats that manifest themselves into the likelihood of something bad happening and the impac ™t if it did. If there is no vulnerability (or weakness) in a control, there is no risk. If there is a vulnerability in a control without an applicable threat, there is also no risk. FISASCORE represents the analysis of hundreds of controls, thousands of vulnerabilities and thousands of threats, resulting in likelihoods and impacts of bad events.

7) FISASCORE is comprehensive.
Fundamental to FISASCORE is our definition of information security: The application of administrative, physical, and technical controls to protect the confidentiality, integrity and availability of information. There are four Phases within FISASCORE:

Phase 1 – Administrative Controls
Phase 2 – Physical Controls
Phase 3 – Internal Technical Controls
Phase 4 – External Technical Controls

All four parts of the information security program must work well together. A weakness in one control can lead to a collapse of all others. The phases are further segmented into sections, and the sections are further segmented into controls. The final FISASCORE report is presented both high level and then digs deep in the details.

8) There is fast-growing community support for FISASCORE.
The partner community behind FISASCORE is critical to its success. Partners works to generate FISASCOREs for their clients, but the partner community is also vital to future improvements and considerations. The partner community participates in further improvements of the methodology, shares critical information, and evangelizes the need for a common information security language (provided by FISASCORE). Our partners include IT service companies, CPA firms, insurance brokers and security consulting companies.

9) FISASCORE is an indicator of future losses.
As FISASCORE continues to evolve, we get closer to understanding the true losses behind information security incidents and breaches. FISASCORE provides the framework for predicting future information security losses accurately, using the best information available. Today FISASCORE is tied to research conducted by the Ponemon Institute for loss data.

10) FISASCORE is a competitive advantage.
Information security as a competitive advantage? Yes, absolutely! FISASCORE is a representation of the efforts you’ve put into information security and it’s a demonstration that you know where your most significant information security risks are. Armed with this information, you can make an objective case to your customers that you take information security seriously, backed by experienced information security experts, a community of partners, and a clean methodology. Don’t forget the fact that you can now invest your information security dollars where they will have the greatest benefit.


FRG is a trusted partner providing information cyber security solutions to organizations large and small.

Wondering about how your partners and vendors FISASCORE might affect yours? Use Vendefense to evaluate the risks presented by the providers you rely on.

Want to get a free FISASCORE assessment? CLICK HERE.

FRG DuoGuard is a combination software and hardware cyber security solution designed specifically for AV networks. Learn more about DuoGuard AV security solutions.



weframe One – Complete Meeting Collaboration Solution

Whether its a presentation, multi-media work session, brainstorming, webcasting, or an interactive group work session with participants in multiple locations, weframe One may be the only device you’ll ever need.

Forget flipcharts, post-it notes, a projector, video conferencing camera, flat screen TV, screen sharing devices and white boards. The weFrame One replaces all of these collaboration tools with one stand-alone, portable, cloud-connected 85″ 4K display with amazing multi-touch-enabled software that allows groups to remotely collaborate and save session contents for later reference.

Immersive – The 85″ 4K multi-touch display provides a massive canvas on which notes can be taken and organized and images and video can be viewed. Multiple sheets can be opened simultaneously to allow content organization and select notes stored and out-of-the-way when not needed.

Beyond Note Taking – weframe One’s onboard software allows session leaders to take notes on-screen and solicit notes from session participants near and far. Notes can be moved, re-sized and color-coded on-screen and organized on-the-fly into pre-designed templates or blank pages. Snapshots can be taken at any time during the session and stored for later retrieval via secure DropBox folder.

Screen Sharing – participants log into a weframe session via web browser on their own devices and can share their text, photos, screen grabs, videos to the main screen with a swipe. No special software or apps required. If you have an internet connection your team can use weframe One. Participants can also share entire screens with weframe One via Apple Airplay, Miracast or via HDMI input.

Connected – Built-in camera and microphone, and the encrypted weframe session URL allow remote participants to view all screen content as well as see and hear live action in the meeting room.

Solution Spotlight: Sony TAA Laser Projector

Sony is pleased to announce the introduction of Made in Japan version of the highly successful VPL-FHZ65 projector. The new model, VPLFHZ65/BJ is manufactured in Japan in order to serve Federal Government business opportunities which require products to be manufactured in Trade Compliant countries. The product will be available in Black cabinet. Its optional lens accessories are also made in Japan to deliver full solution to the targeted market.

The VPLFHZ65/BJ outputs 6000 lumens brightness with WUXGA (1920×1200) high resolution. It deploys Z-Phosphor laser light source technology which offers long life illumination source with no lamps to change, consistent picture brightness and quality. This technology also reduces total cost of ownership vs lamp based technology and provides long reliable, virtually maintenance free operation.

With Z-Phosphor technology the FHZ65/BJ enjoys added benefits of lamp-less technology such as (i) 7 seconds quick on and quick shut off; (ii) the capability to mount the projector at any angle and (iii) no Mercury based lamps to dispose of.

The FHZ65/BJ also employs Sony’s latest in advanced image processing technology : Reality Creation and Contrast Enhancer. These new features in conjunction with Z-Phosphor light source give superb picture quality, with a very wide accurate color response. For customers with further needs on accurate color reproduction, the new projectors offer Color Space adjustment and Color Correction features. The new projectors create an image quality without compromise.

The projector also deploys robust AV integration features including wide range of lens shift, five optional lenses and HDBaseTTM connectivity for simplified wiring solution.


Solution Spotlight: Polycom Eagle Eye Producer

Polycom-EagleEye-ProducerPolycom’s EagleEye Producer changes the face of video collaboration through automatic, intimate framing of meeting participants. Utilizing the latest in facial recognition, the system continually views the room and seamlessly commands the movable camera appropriately frame the users with subtle pan, tilt, zoom (PTZ) technology. This intelligent method of camera tracking and framing greatly improves the user experience and solves the common problem of wide angle shots that fail to immerse the participants, showing true expressions and understanding.

The power of EagleEye Producer doesn’t stop at the conference room door. With EagleEye Producer, IT administrators can download powerful analytics that can be used to measure the return on investment of video collaboration. During each session, the system will produce data showing the number of participants at the beginning, middle, and end of the call. This information can be used in video usage and physical real estate planning, ensuring that each video room investment is utilized to its full potential. For example, reports generated stating that 10,000 hours of video collaboration took place with 1,700 people, or an average of six people per conference. Furthermore, IT professionals can monitor room usage to ensure that automated conferences are being attended and not running in empty rooms.

Benefits to You

  • Automated camera operation improves the meeting experience without the need for user interaction
  • Powerful analytics provide a level of visibility into the video room usage like never before
  • Interoperability with current investments in room systems and cameras can easily be upgraded in minutes
  • Expanding innovation to huddle to medium-sized rooms empowers the entire organization
  • Consistent camera pointing technologies improve usability with no training required