Looking out across the sweep of cyber incidents in 2022, attackers spared no industry, sector or organization, no matter how sophisticated. A technology leader like Uber was compromised (reportedly by a 16-year-old from the Lapsus$ gang) along with technology-poor institutions like the Jackson County, MI, Intermediate School District, closed for days by ransomware.
Risk themes continued to evolve in insidiously creative ways, from Insider Misuse (Meta employees were revealed to be ransoming Facebook and Instagram accounts) to ransomware (not just double but triple extortion) to business email compromise (adding voicemail compromise with deep fakes).
Facing this whirl of bad news, cybersecurity defenders, risk managers and business leaders need, more than ever, clarity about their risk landscape and risk posture to guide their actions. At RiskLens, we believe that clarity comes through cyber risk quantification (CRQ). In other words, understanding cyber risk in business terms — dollars and cents — and prioritizing what matters most. To hit that goal requires a transparent, proven risk model and carefully curated cyber risk data. We based this 2023 Cybersecurity
Risk Report on Factor Analysis of Information Risk (FAIRTM), the international standard for cyber risk quantification (CRQ), and extensive research by the RiskLens Data Science team. We invite you to dig down into this report to discover the most relevant cyber risk data for your organization and benchmark your performance against peers in your industry and others.
