The DRI scores an organization’s readiness to respond to cyberattacks and provides upskilling training. Credit: Shutterstock Cyber defense upskilling company RangeForce has announced the release of the Defense Readiness Index (DRI) to enable companies to measure and improve their cybersecurity capabilities. Integrated into RangeForce’s Threat Centric platform and mapped to both the MITRE ATT&CK and D3FEND frameworks, the DRI scores an organization’s readiness to respond to cyberattacks, the firm said in a press release. It also provides cybersecurity upskilling rooted in United States Department of Defense and NATO training to help teams to prepare for threats, it added. Strong and effective cyber readiness can be challenging for many organizations. The latest Cisco Cybersecurity Readiness Index, which ranks companies in four stages of cybersecurity readiness (beginner, formative, progressive, and mature), found that more than half of organizations fall into either the beginner or formative category, with only 15% in the mature stage. Identity management is recognized as the most critical area of concern with 58% of organizations either in the formative or beginner category, while 56% of organizations were at the lower end of the readiness spectrum for network protection. DRI ranks organizations’ cybersecurity readiness on a scale of 1 to 5 The DRI pinpoints weaknesses in an organization’s cybersecurity capabilities, enabling them to assess skills gaps and implement strategic recommendations to plug them, RangeForce said. It also informs senior management with objective metrics, providing visibility into the strength of their cybersecurity teams. The DRI ranks organizations on a scale of 1 to 5, each with its own set of controls and practices to provide visibility into where defensive teams stand in terms of competency against cyberattacks, RangeForce said. Furthermore, it provides insight into a team’s mix of demonstrated skills, their capabilities to detect and disrupt threats, their ability to collaborate on investigations, where skill gaps exist, and the associated costs, it claimed. A roadmap helps companies focus on the skills needed to move up to the next level (or to remain at the same level as the threat landscape evolves over time) while assessment and reporting mechanisms are enhanced to help businesses measure progress. DRI incorporates US DoD, NATO cybersecurity training The DRI draws upon collaborative work with the US DoD and NATO. “NATO runs the largest international cybersecurity exercises in the world, and defends against nation-state level attacks,” said Taavi Must, co-founder and CEO, RangeForce. “But we found – when it came to defense – even their teams needed to practice using real tools, in real time, under stressful conditions. We developed customized training to provide visibility into skills gaps, and to identify areas for improvement. Then we focused on scaling our platform, extending the same benefits to everyone with the launch of RangeForce. “Based on DRI results, teams are provided a curated training plan built from RangeForce’s library of 1000-plus on-demand training modules,” Tanner Howell, global director of solution engineering at RangeForce, tells CSO. “For example, let’s say an organization is targeting a DRI level of 4. If, when they complete a team exercise at that DRI level, they are not able to appropriately deconstruct the malware to mitigate the threat, they will be given a curated training plan including RangeForce modules specifically focused on differing malware deconstruction techniques.” Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe