What is R-Score & Why Your Organization Needs to Understand It

Former head of U.S. Cybersecurity, Chris Krebs, recently cautioned that digital experts are fighting a “pandemic of a different variety” as ransomware attacks across the country increase. Ransomware attacks were up 150% in 2020 versus the previous year, with the amount paid by victims up 300%.

Ronald van Loon is a HYCU partner and is applying his analyst experience to explore the growing threat of ransomware and how companies can protect themselves.

Ransomware is a type of malware deployed by malicious actors to break into a company’s system, encrypt their data, and demand a ransom in exchange for the encryption key. These attacks are a trend emerging from digital acceleration, cybersecurity vulnerabilities surrounding digital infrastructures, growing adoption of instant and faster payment channels, and geopolitical factors, among others.

Every modern business is vulnerable to ransomware attacks, which is why IT and security executives need to understand their organization’s R-Score.

Everything You Need to Know About R-Score

Organizations must prepare for a ransomware attack and understand what steps they can take to defend their data and recover from a potential attack. While cybersecurity software adoption is accelerating and the majority of organizations have already implemented cybersecurity software, ransomware can bypass defenses. Private businesses and government entities alike need to have recovery solutions in place and quantify the efficacy of their solutions.

What is R-Score?

R-Score, or Ransomware Recovery Score, is an assessment tool developed in collaboration with cybersecurity leaders and experts that enables organizations to evaluate their capacity to recover from a ransomware attack. The online tool, which is offered as a free public service, generates a score between 0 – 1,000 based on a simple, comprehensive survey. Additionally, the user will obtain suggested steps that they can take to boost their general score. In order for the score to provide an accurate assessment, it’s ideal that a knowledgeable individual, such as an IT manager or CTO for example, provides the survey answers.

Businesses of all sizes and complexities, and in any industry, can use R-Score as a framework to rapidly ascertain their risk and get insights to assist them in taking action to enhance their risk profile.

The value in understanding your R-Score.

Recent ransomware attacks are continuous and indiscriminate; as a vital data protection metric, R-Score can help organizations better safeguard sensitive personal data from both employees and customers, business operations, intellectual property, and other proprietary data. The R-Score enables senior executives and information security teams to gain key insights into their overall recovery preparedness, and pinpoint vulnerable areas in their data protection and recovery capabilities so they can take strategic measures to strengthen their IT environment and prioritize areas that need attention and improvement.

By frequently checking their R-Score, organizations can develop a cyber resilience infrastructure based on specific strengths and weaknesses in their recovery capabilities, and evolve them alongside changing a threat landscape, new technology developments, and emerging recovery processes.

Key Factors in Ransomware Recovery Readiness

Numerous elements impact a business’s ransomware recovery readiness, and these can help organizations identify the correlation between where their current protection strategy resides, and where it can be optimized.

The R-Score accounts for these core factors by assessing the following areas:

  • Backup process: How well the organization’s service level objectives (SLOs) connect to their existing backup practices, such as backup storage locations.
  • Backup infrastructure: Evaluates backup server configuration, protection, management, and recovery, as well as backup agent requirements.
  • Security and networking: Includes identity access and management (IAM) and network segmentation practices.
  • Restore processes: Explores how often the organization verifies backups, restores, and their reliance on particular hypervisors or storage arrays.
  • Disaster recovery (DR): Examines if the organization has a DR plan, the available sites for DR, and DR configuration prerequisites.

Be Proactive About Your R-Score

Ransomware threats present monumental, widespread risks to data security. R-Score is an organic approach to bringing awareness to the potential vulnerabilities in the ability to recover from an attack and an opportunity to build more robust defenses. You can determine your R-Score at https://www.getrscore.org/ and get more information about protecting your data and mission-critical workloads.

By Ronald van Loon

Peter Tsai

Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Updated: 11.19.2020 What is IaaS? Infrastructure as a Service (IaaS) allows you to rent computing resources from a third party that you then access through the web. You essentially outsource having to set up ...
The Top 20 Machine Learning Startups To Watch In 2021

The Top 20 Machine Learning Startups To Watch In 2021

Machine Learning Startups There are a record number of 9,977 machine learning startups and companies in Crunchbase today, an 8.2% increase over the 9,216 startups listed in 2020 and a 14.6% increase over the 8,705 ...
Ronald van Loon

Getting Future Ready with a Modernized Hybrid Cloud Environment

Getting Future Ready Hybrid cloud is the foundation in which modernized organizations are built, and organizations need a modern platform and infrastructure to get the most out of their hybrid cloud environments. Organizations need to ...
Willie Cash

How leveraging cloud assessments enhances Microsoft 365 for ITSPs

Enhancing Microsoft 365 for ITSPs Microsoft 365 is growing, and so are the opportunities to add value to companies that leverage the cloud service. Last year, Microsoft reported that Office 365 has 258 million monthly ...
Martin Mendelsohn

How Will COVID-19 Impact Security Talent?

New Security Talent As we emerge from the era of COVID-19, unemployment will recede, and new jobs will be created more rapidly than jobs were lost between March and May of this year. We’re already ...


The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Smartproxy


    Smartproxy is a rising star in the constantly growing proxy market. Smartproxy offers awarded customer service, impressive performance, and is serious about your anonymity (yes, cybersecurity matters). The latest features developed by Smartproxy are 30 minute long sticky sessions and Google Proxies. Rumor has it, the latter guarantee 100% success rate

  • Bright Data

    Bright Data

    Bright Data’s network is one of the most robust of its kind globally. Here are its stark advantages: Extremely stable connection for long sessions (99.99% uptime guaranteed). Free to integrate with our Proxy Manager which allows you to define custom rules for optimized results. Send unlimited concurrent requests increasing speed, cost-effectiveness, and overall efficiency.

  • Rsocks


    RSocks team offers a huge amount of residential plans which were developed for plenty of tasks and, most importantly, has been proved to be quite efficient. Such variety has been created on purpose to let everyone choose a plan for a reasonable price, online, rotation and other parameters.

  • Storm Proxies

    Storm Proxies

    Storm Proxies' network is optimized for high performance and fast multi-threaded tools. You get unlimited bandwidth. No hidden costs, no limits on bandwidth. Try Storm Proxies 100% Risk Free. If you are not happy with the service email us within 24 hours of purchase and we will refund you.