Cyber Risk-Reporting Service
Financial Insights Delivering Better Cyber-Risk Decisions
The X-Analytics Cyber Risk-Reporting Service brought to you by NACD is an annual subscription that provides quarterly Board reports highlighting the financial exposure attributed to an organization’s cyber-risk leveraging the same analytics used by leaders within the cyber insurance industry. The reports detail the following:
- An organization’s overall financial exposure to cyber-risks and cyberattacks,
- A view of the cyber threats most likely to cause financial losses to a business,
- Insights on the cyber controls most effective in mitigating financial losses, and
- Insights on cyber-risk transfer/cyber insurance, including ”stress testing” existing policies across of range of potential cyber incidents.
NACD has partnered with Secure Systems Innovation Corporation (SSIC), the innovators behind X-Analytics, to refer this service to NACD members. The X-Analytics team includes experienced subject matter experts in cyber-risk management, corporate governance, and regulatory compliance across multiple industry sectors.
- Quarterly discussion with your designated representative to collect basic company information (i.e., nature of business operations, geographical operating regions, employee headcount) and material business changes (for quarterly updates).
- The Cyber-Risk Advisory team prepares and delivers a tailored financial cyber-risk analytics report based on the findings of the quarterly discussion and changes in the evolving cyber-risk landscape.
- Converts the highly technical nature of cyber-risk into easy-to-understand business metrics to support effective cyber-risk board oversight: Incorporate financial cyber-risk analysis to elevate cyber-risk governance including materiality analysis supporting current and emerging regulatory requirements.
- Provides prioritized cyber-risk mitigation guidance and trend analysis: Establish prioritized risk mitigation plans to reduce business and financial exposure to cyberattacks.
- Provides a framework and supporting analysis for quarterly cyber-risk oversight: Transform technical security conversations into effective board oversight discussions. Establish metrics and measure progress over time.
- Demonstrates strategic commitment to effective cyber-risk oversight: The NACD Cyber-Risk Advisory Service leverages key principles outlined in the NACD Director's Handbook on Cyber-Risk Oversight.
The services described above are created, produced, and delivered by SSIC. NACD is not responsible for the report(s) or the associated services.