In the past, ratings of other parameters like financial suffered from lack of visibility, bias and conflict of interest. Understanding that the ecosystem requires a trusted foundation for the adoption of cybersecurity ratings, the consortium of companies, together with the US Chamber of Commerce, concluded that cybersecurity ratings need to be fair, accurate and transparent. It’s this baseline that companies need to build upon.

For these reasons, the Chamber of Commerce created principles to increase confidence in fair and accurate security ratings. Since its inception, Panorays has strongly supported these pillars.  

The Principles

The Chamber of Commerce principles include

  • Transparency
  • Dispute, correction and appeal
  • Accuracy and validation
  • Model governance
  • Independence
  • Confidentiality

The Relevance

The Chamber of Commerce principles are especially relevant to Panorays because they closely align to our solution and beliefs. 

Transparency is at the heart of Panorays. It’s why we’re called “Panorays” — shining rays, providing a panoramic clear view of the company. With that in mind, Panorays has always been transparent about how security ratings are calculated. We work closely with both evaluators and suppliers so that everyone has access to findings and fully understands their cyber risk and the steps that can be taken to improve it. 

Unfortunately, security ratings can cause friction between evaluators and suppliers, and suppliers are not aware or do not know how to dispute findings. Panorays recognized this pain point from day one, and made it a priority to lessen friction and ease collaboration and engagement. It’s for this reason that we built a platform that inherently allows for easy engagement between evaluators and suppliers, even to the point of quick messaging. Using Panorays, findings can be rapidly disputed, corrected and appealed without having the hassle of emails and phone calls. 

Panorays’ unique 360-degree view ensures that ratings are accurate and validated. Its non-invasive scan of attack surfaces checks and validates answers to customizable security questionnaires so that customers can be certain that they are getting the full picture of cybersecurity posture

To achieve a solid model governance framework, Panorays’ product team works closely with the customer success team to regularly communicate with customers about changes and upgrades to the platform and the rating model. 

We believe that for an industry to feel confident about ratings and adopt ratings methodology, ratings must be fully independent. For this reason, any organization rated by Panorays may see its rating, regardless of whether it is a customer. In addition, Panorays keeps all sensitive evaluator and supplier data confidential

If you would like more supporting documentation, please email success@panorays.com.