The Cybernews research team analysed 466 companies on the Fortune 500 list. Thirty-four companies could not be analysed to evaluate an organization's cybersecurity posture. The report evaluates risk across seven key areas: software patching, web application security, email security, system reputation, SSL Configuration, system hosting, and data breach history.
Below is detailed data collected from multiple sources, including IOT search engines, IP and Domain name reputation databases, and custom scanners, that show Fortune 500 companies' digital security posture.
Only 9% of construction and engineering companies received an A grade.
Although the biggest U.S. companies by revenue are responsible for sensitive customer data, the results show they have major shortcomings in corporate customer data security.
According to the index, which grades businesses based on their online security measures, 84% of Fortune 500 companies scored D or worse, with 43% falling into the F category. Only 6% of analysed organizations earned an A rating for security measures.
The Construction and Engineering category is also vulnerable, with 45% of the scored companies receiving a D rating and 27% an F rating. Only 9% of the companies analysed in this category category from Fortune 500 achieved an A grade. Overall, this sector received an average security score of 71.
The second-biggest category behind finance and insurance companies, with 88 companies, is Manufacturing. This category's average security score is 65. According to The Business Digital Index, 81% of companies analysed received a security rating of D or worse, with 53% falling into the F category. Only 3% of companies earned an A rating for their security measures.
