Bringing transparency to cybersecurity risk in the public markets

Get on the waiting list

Get SDP’s cybersecurity risk insights across public companies.

Security DataPoint delivers independent, data-driven insight into cybersecurity posture — a material factor across risk assessment, governance, and long-term resilience.

We believe cybersecurity risk is financial risk, and that modern markets require clearer, more comparable visibility into cyber exposure.

Security DataPoint supports informed decisions across capital allocation, partnerships, and enterprise oversight.

Frequently Asked Questions

What insights does Security DataPoint offer?

Security DataPoint delivers independent, data-driven insight into the cybersecurity posture of publicly traded companies.
By evaluating each company across six key security categories and normalizing the results to a 0–100 score, SDP provides a clear, comparable view of cyber risk across the public markets.

These insights help market participants, enterprises, and other stakeholders better understand cybersecurity exposure as part of broader risk assessment and oversight.

Why is cybersecurity an important risk factor for public companies?

Cybersecurity incidents can lead to financial loss, operational disruption, regulatory scrutiny, and lasting damage to brand trust. For public companies, these impacts can affect business continuity, governance, and market confidence.

Understanding a company’s cybersecurity posture provides additional context for assessing cyber-related risks alongside other operational and governance considerations.

 

How are SDP’s cybersecurity scores calculated?

SDP assesses publicly traded companies across six key cybersecurity and governance categories using a combination of external signals, public disclosures, and structured analysis. The scores are normalized to a 0–100 model to provide a clear, comparable view of cybersecurity risk across companies.

The resulting scores are intended as an independent data point to help contextualize cyber-related risk alongside other operational and governance factors.

Does SDP replace traditional financial analysis?

No. SDP’s data is intended to complement traditional financial and operational research by adding an independent cybersecurity risk signal. It provides additional context that can be considered alongside existing analysis, not a substitute for it.

Which exchanges, market segments, and tickers does SDP cover?

SDP provides cybersecurity risk data for companies listed on NASDAQ, NYSE, and AMEX. Current coverage includes small-cap, micro-cap, and nano-cap public companies, totaling just over 3,000 firms.

Coverage was expanded to mid-cap companies in Q1 2026 as the platform continues to scale.

SDP focuses on primary equity tickers that represent operating companies. Secondary tickers — including financial instruments, special-purpose or acquisition vehicles, and similar listings — are not included.

How can clients access SDP data?

Clients can access SDP data through APIs as well as dashboard reports. The specific delivery options and level of access depend on the selected subscription tier.

Why does SDP focus on nano- to mid-cap companies?

Larger public companies typically have more mature cybersecurity programs and greater resources to manage cyber risk. In contrast, nano-, micro-, small-, and mid-cap companies often face higher relative exposure due to leaner security teams and less standardized disclosure.

SDP focuses on these segments to provide clearer insight into cybersecurity risk where information asymmetry is highest across the public markets.