Board Advisory Services
Cyber-Risk Reporting Services
The X-Analytics Cyber Risk-Reporting Service brought to you by NACD is an annual subscription that provides quarterly board reports highlighting the financial exposure attributable to an organization’s cyber risk, leveraging the same analytics used by leaders within the cyber insurance industry.
The reports detail the following:
- An organization’s overall financial exposure to cyber risks and cyberattacks
- A view of the cyber threats most likely to cause financial losses to a business
- Insights on the cyber controls most effective in mitigating financial losses
- Insights on cyber risk transfer/cyber insurance, including ”stress testing” existing policies across of range of potential cyber incidents
NACD has partnered with Secure Systems Innovation Corporation (SSIC), the innovators behind X-Analytics, to refer this service to NACD members. The X-Analytics team includes experienced subject-matter experts in cyber-risk management, corporate governance, and regulatory compliance across multiple industry sectors.
We’re using the [X-Analytics] report to give us context to the financial exposure from cyber risk beyond what we were getting with maturity and compliance scores.
—Chair of the Audit Committee for a regional major bank
[X-Analytics] presents cyber exposure the way I want to see it — in financial terms, and provides me the insights I need to provide better guidance to management.
—Director for a public bank, public healthcare system, and a public financial services/investment firm
For the first time, this new [X-Analytics] reporting provides me with something actionable. It shows you’re aligning your cyber strategy with the priorities of the business.
CEO at public high tech company
(to their CISO)
- Quarterly discussion with your designated representative to collect basic company information (i.e., nature of business operations, geographical operating regions, employee headcount) and material business changes (for quarterly updates)
- The Cyber-Risk Advisory team prepares and delivers a tailored financial cyber-risk analytics report based on the findings of the quarterly discussion and changes in the evolving cyber-risk landscape
- Converts the highly technical nature of cyber-risk into easy-to-understand business metrics to support effective cyber-risk board oversight: Incorporate financial cyber-risk analysis to elevate your cyber-risk governance including materiality analysis supporting current and emerging regulatory requirements.
- Provides prioritized cyber-risk mitigation guidance and trend analysis: Establish prioritized risk mitigation plans to reduce business and financial exposure to cyberattacks.
- Provides a framework and supporting analysis for quarterly cyber-risk oversight: Transform technical security conversations into effective board oversight discussions. Establish metrics and measure progress over time.
- Demonstrates strategic commitment to effective cyber-risk oversight: The NACD Cyber-Risk Advisory Service leverages key principles outlined in the NACD Director's Handbook on Cyber-Risk Oversight.