This white paper provides an analysis of Risk Management and overcoming uncertainty.

This study prepared by the Cyentia Institute breaks down walls between cybersecurity leaders and Boards of Direc- tors. Data is often said to be the lifeblood of the company; yet, there is immense frustration at how risks to that information are measured, mitigated, and communicated across the enterprise. As the financial, regulatory, and legal stakes of data breaches and disruptions rise, leaders at all levels must come together to protect and further the business.

Based on a 2015 survey of more than 100 major Canadian organizations across all major sectors, this paper sets out to prove that with additional focus, investment, and increased maturity, not all breaches need to be the size or have the impact that we have seen recently reported.

This paper sets out to reveal if IT data reported to boards of directors, enables them to make good decisions.

This is a handy guide to fraud protection management.

From the report, “The perpetually expanding volume and propagation of the unstructured data being stored and used by organizations is making information increasingly difficult to secure. Security and risk management leaders who implement data classification technologies will greatly enhance their chances of success.”

This paper examines the life of those in the cybersecurity profession, and seeks to provide answers to the high turnover rate in the field.

Research by McKinsey and the World Economic Forum points to a widening range of technology vulnerabilities and potentially huge losses in value tied to innovation.

A key takeaway from this research is that accountability for managing third party risk is dispersed throughout the organization. Not having one person or function with ownership of the risk is a serious barrier to achieving an effective third part risk management program.

The 360° Cyber Risk Survey Report provides rich benchmarked data, informed analysis, and actionable best practices to help middle-market organizations, senior leaders, and boards of directors obtain a better understanding of the operational and financial impacts of cyber risks. In today’s ever-changing cyber threat landscape, knowing how your organization stacks up against others is key in the fight to stay ahead of the next threat.

This report lays out a new strategy for addressing cybersecurity issues.

The CRO Forum looked into the issues around cyber resilience in the paper it published in 2014. In this paper, cyber risk was defined as the risk of doing business in the cyber environment. This paper builds on the 2014 paper to focus on how to address the challenges around the collection of data to support improved cyber resilience.

This paper was written to help Enterprises prioritize cyber security activities in real time based on potential financial loss.

This paper was written to understand understand how organizations qualify and quantify the financial risk to their tangible and intangible assets in the event of a network privacy or security incident.

The data presented here illustrates an escalating and dangerous game of cyber security “cat and mouse.” Cyber- adversaries continue to develop creative tactics, techniques, and procedures (TTPs) for attacks. Recognizing the risk, large and small organizations are prioritizing and investing in cyber security defenses and oversight.

Lloyd’s City Risk Index 2015-2025, shows that trillions of dollars are at risk from manmade and natural disasters – disasters that have occurred in the past and are likely to do so again in the future. The nature of these threats is changing too. Certain extreme weather events linked to climate change are increasing in severity and frequency. Manmade threats, such as cyber attack and market crash, are increasingly significant as companies expand into new markets and territories.

This report details the changes that have taken place in Board governance. It discusses the impact these changes have on security and risk issues in business.

This report includes insights and recommendations intended to help organi- zations and their security, risk, legal, and development teams better understand the open source security and license risk landscape as they strive to improve their application risk management processes.

The aim of this paper is to establish a database on studies, articles and working papers on cyber risk and cyber risk insurance.Based on this, we provide insurance practitioners and academics a high-level overview of the main research topics and future research directions in the field.

This paper lays out the 5 steps necessary for the foundation of an effective cyber risk management program.

From the report, “While I call this document a ‘getting started guide,’ regardless of your program’s maturity I think you’ll find some helpful hints regarding the people, process, and technology that can elevate your mobile app security program to the next level.”