The IRIS 20/20 Xtreme is a follow-up to the IRIS 20/20 study earlier this year, this time focusing on the 100 largest cyber incidents of the last five years, totaling $18 billion in reported losses and 10 billion compromised records. (more available)

A survey-driven report of over 150 third-party risk practitioners to understand the challenges facing their programs, the actions those professionals are taking to address the challenges, and identify success factors. (more available)

Using breach information from Advisen, this report seeks to fill in missing gaps in the loss frequency and impact side of quantitative risk analysis. (more available)

Using breach data from Advisen, this report defines ripple effects of breaches as the impacts on companies more than one degree of separation from the company directly affected by the breach. (more available)

The Cisco 2018 Privacy Maturity Benchmark Study was created in conjunction with Cisco’s Annual Cybersecurity Benchmark Study, a double-blind survey completed by more than 3600 security professional in 25 countries and across all major industries. (more available)

To determine real-world costs posed by DDoS attacks in 2014, Incapsula commissioned a survey to gauge real organizations’ experiences with them. (more available)

The purpose of the research, in this report, is to understand how organizations qualify and quantify the financial risk to their tangible and intangible assets in the event of a network privacy or security incident. (more available)

This study claims to be the first systematic discussion of potential risk transfer options for cyber risks. They compare several risk transfer options, including insurance, reinsurance and alternative risk transfer. (more available)

Today’s threat landscape is rapidly evolving, which means it is simply not enough for organizations to roll out an annual security training program and then pat themselves on the back for a job well done. (more available)