Cyber Risk-Reporting Service

Financial Insights Delivering Better Cyber-Risk Decisions

The X-Analytics Cyber Risk-Reporting Service brought to you by NACD is an annual subscription that provides quarterly Board reports highlighting the financial exposure attributed to an organization’s cyber-risk leveraging the same analytics used by leaders within the cyber insurance industry. The reports detail the following:

• An organization’s overall financial exposure to cyber-risks and cyberattacks,
• A view of the cyber threats most likely to cause financial losses to a business,
• Insights on the cyber controls most effective in mitigating financial losses, and
• Insights on cyber-risk transfer/cyber insurance, including ”stress testing” existing policies across of range of potential cyber incidents.

Advisory Team

NACD has partnered with Secure Systems Innovation Corporation (SSIC), the innovators behind X-Analytics, to refer this service to NACD members. The X-Analytics team includes experienced subject matter experts in cyber-risk management, corporate governance, and regulatory compliance across multiple industry sectors.

Service Overview

• Quarterly discussion with your designated representative to collect basic company information (i.e., nature of business operations, geographical operating regions, employee headcount) and material business changes (for quarterly updates).
• The Cyber-Risk Advisory team prepares and delivers a tailored financial cyber-risk analytics report based on the findings of the quarterly discussion and changes in the evolving cyber-risk landscape.

Benefits

• Converts the highly technical nature of cyber-risk into easy-to-understand business metrics to support effective cyber-risk board oversight: Incorporate financial cyber-risk analysis to elevate cyber-risk governance including materiality analysis supporting current and emerging regulatory requirements.
• Provides prioritized cyber-risk mitigation guidance and trend analysis: Establish prioritized risk mitigation plans to reduce business and financial exposure to cyberattacks.
• Provides a framework and supporting analysis for quarterly cyber-risk oversight: Transform technical security conversations into effective board oversight discussions. Establish metrics and measure progress over time.
• Demonstrates strategic commitment to effective cyber-risk oversight: The NACD Cyber-Risk Advisory Service leverages key principles outlined in the NACD Director's Handbook on Cyber-Risk Oversight.

Disclaimer:
The services described above are created, produced, and delivered by SSIC. NACD is not responsible for the report(s) or the associated services.