Executives clearly recognize the danger. Almost three-quarters (74%) of 168 executives recently surveyed by Harvard Business Review Analytic Services regard cyber risk as one of the top-three risks their company faces today, and 67% predict it will be a top three risk two years for now. Only half of respondents, however, say they are successful or very successful at generating insights and enabling informed decisions on cyber risk and at anticipating, preparing for, and responding to future cyber incidents.

Hyperproof conducts an annual survey to uncover the top challenges IT compliance professionals face and what issues they are focused on in the coming year. We’ve asked over 1,000 survey respondents about their pain points, IT risk and compliance budgets, staffing, risk management best practices, and much more to provide an in-depth view of the market’s current state and what to prepare for this year.

In this risk surface series, RiskRecon, a Mastercard Company, and Cyentia have worked to help third-party risk managers understand how to measure and manage risk. We’ve seen variation across industries and other slices. But not all firms are interchangeable. A payroll processor cannot be replaced with a janitorial supply company, at least not with good business outcomes! In this report, we look at what distinguishes top-performing firms from those that struggle the most. Armed with this knowledge, Third-Party Risk Management (TPRM) professionals can take into account the totality of their risk surface, and how it impacts the overall security performance of an organization

This report explores the critical distinctions between natural and cyber catastrophes, why cyber requires an entirely different approach, and how Active Insurance can mitigate cyber risk. We also provide an in-depth look at how we construct our model and explain why Coalition remains confident that cyber risk is insurable and that cyber insurance can play an essential role in the modern economy.

In the summer and fall of 2019, EY surveyed 246 global institutions that had a third-party risk management (TPRM) function in various sectors, including but not limited to, retail and commercial banking, investment banking, insurance, advanced manufacturing and mobility, technology, media and entertainment, power and utilities, and health.

For our seventh annual survey, Venminder surveyed individuals from a wide variety of organizations and industries, including financial services, fintech, retail, food services, insurance, healthcare, information technology, and more in a nice balance of different sizes ranging from less than $1B assets of less than 100 employees to more than $10B assets or more than 5,000 employees.

In its 8th edition this year, the 2023 “Open Source Security and Risk Analysis” (OSSRA) report delivers our annual in-depth look at the current state of open source security, compliance, licensing, and code quality risks in commercial software. We share these findings with the goal of helping security, legal, risk, and development team better understand the open source security and license risk landscape.

The RiskLens Cybersecurity Risk Report is designed to provide references estimate for the probability, loss, and loss exposure of common cyber events. It summarizes the findings by industry and event themes, and details how actionable variables, such as security stance and data retention management, can reduce risk exposure.

For this survey, we surveyed 426 security professionals directly responsible for managing cyber vulnerabilities in their day-to-day work. The survey was conducted online via Pollfish using organic sampling. What we found is that some organizations have effective ways to detect, respond to, and remediate their vulnerabilities, while other organizations have more blind spots than they think.

This report is based on comprehensive survey of 578 cybersecurity professionals to reveal how AWS user organizations are responding to evolving cloud security threats, and what tools and best practices cybersecurity leaders prioritize as their cloud infrastructures mature.

This report offers IT, risk management and security leaders a lens into factors that can increase or help mitigate the rising cost of data breaches. This report also examines root causes, short-term and long-term consequences of data breaches, and the mitigating factors and technologies that allow companies to limit losses.

This report dives into major security challenges, while also providing guidance for how enterprises can close the gap between what attackers see and what defenders think they’re protecting. They surveyed 398 IT and security decision-makers in the U.S. and Canada, and discovered that enterprises are struggling to keep up with a rapidly changing threat landscape due to process challenges that are overwhelming security staff.

This study leverages a vast dataset spanning over 77,000 cyber events experienced by 35,000 organizations over the last decade. This dataset is drawn from Advisen’s Cyber Loss Data, which contains over 138,000 cyber events collected from publicly verifiable sources.

This report summarizes our findings and provides a resource for benchmarking an organization’s approach to risk oversight against current practices. In addition to highlighting key findings for the full sample of 560 respondents, we also separately report many of the key findings for the following subgroups of respondents: 152 large organizations (those with revenues greater than $1 billion), 129 publicly traded companies, 151 financial services entities and 156 not-for-profit organizations.

The goal of the study was to provide a state-of-the-market on third-party risk with actionable recommendations that organizations can take to grow and mature their programs across every stage of the third-party risk lifecycle.

Between February and March 2022, Prevalent conducted a study on current trends, challenges and initiatives impacting third-party risk management (TPRM) practitioners worldwide.

This free public report from the Cyentia IRIS Risk Retina series clears away the fog of FUD, providing parameters for frequency and loss of publicly discoverable cyberevents in the nonprofit sector.

This report is based on an annual survey of boards of directors and C-suite executives about risks on the horizon for the upcoming year. It highlights top risks of immediate concern on the minds of executives for this year - 2021 - and for the long-term - 2030.

Using RiskRecon’s assessment information, explanatory models are built to demonstrate the value of technical information in predicting measures of risk at varying levels of greater technical insight.

This report provides the results of the third study the ACFE has done on the fight against fraud in the wake of COVID-19. It aims to help educate organizational leadership and staff, as well as the general public, so that it is better understood where fraud is going in the wake of COVID-19.

A deep dive into the nature of the finance sector’s public risk surface. Reviewing subsectors of the finance ecosystem, including supply chains.