The Importance of Business Security Risk Evaluation

How exposed are the businesses your clients invest in to a data breach?

Get a free, no obligation 1 hour consultation with our experts.


The average drop in a company's stock price after a security breach.


The chance of a second security breach.


The average per capita cost per lost record.


The number of records exposed in 2017.

Why Business Security Risk Evaluation (BSRE) is Necessary

Because the main job of your organization is to evaluate the potential growth of companies' stock prices, your due diligence rightly focuses on their financial strength and the ability to dominate their markets. But, what about the potential impact of a security breach on predicted value? These types of attacks can negatively impact stock values. On average, a company that suffers a security breach will see a 5% drop in their stock prices. While companies can eventually recover, their stock value will fall behind competitors for years after the breach. Our Business Security Risk Evaluation provides the missing element of your due diligence by exposing the security vulnerabilities of the firms that you are considering for your investments.

Read our in depth white paper on the risk of investing in an unsecured company.

Get the White Paper

Our Proven Processes for Closing the Risk Assessment Gap

BSC has a proven process for determining an organization's security risk that is based on the most widely-accepted risk evaluation criteria as well as solid objective evidence that fully supports our conclusions.

Our tried and true approach consists of the following:

  • Profile the Target's Sensitive Information

    We will identify, qualify and quantify the target’s sensitive information.

  • Assess the Target's Current Security Controls

    We use the current version of NIST SP 800-53, the most widely accepted source of authority for security control requirements, to gain access to the target’s security controls.

  • Evaluate the Target's Risk of a Security Incident

    We will capture objective evidence to support scoring of the target for each of the three security objectives:

  • Confidentiality

  • Integrity

  • Availability

  • Independence

    We work for you, not the target organization.

  • Objective Evidence

    We base all findings (positive, negative, or not-applicable) on official documents and other material to ensure that objective evidence supports all of our findings.

  • Minimum Interference

    Our process and extensive resources enable maximum preparation prior to the on-site assessment, minimizing interference with the target organization.

  • Continuing Support

    We can monitor the target’s progress towards mitigating their security risks and can even provide a follow-up assessment that identifies any improvements they have made.

The Valuable Services We Provide

Server Room in datacenter

Why Choose BSC Systems

During our 10 years of applying and refining our tried and true Business Security Risk Evaluation process, no organization has ever refuted our findings. We accomplish our evaluations at a reasonable, predictable cost with minimum interference to ongoing operations — yours or the targets.

For more information on BSC Systems and the other services we provide, click here. Or, download our free White Paper for more in-depth information about the importance of Business Security Risk Evaluation and to read more about our process. To get your free, no obligation 1 hour consultation with our experts, just fill out the form.