Cyber Risk Index (CRI)

Trend Micro and the Ponemon Institute investigate cybersecurity gaps

The Cyber Risk Index (CRI)

We teamed up with the Ponemon Institute to investigate the level of cyber risk across organizations and create a Cyber Risk Index (CRI). The CRI is a comprehensive measure of the gap between an organization's current security posture and its likelihood of being attacked. We’ll be refreshing the index every 6 months. Check back for the latest on the cybersecurity risk landscape.

Current industry average index: - 0.15
Lower CRI = Higher Risk

The index is based on a numerical scale of -10 to 10, with -10 representing the highest level of risk.

Elevated Risk
Elevated Risk

Key findings reveal the need for a better security strategy

Key findings

5 key risk areas

Top risk factors indicated by the survey’s respondents

Risk Areas

Cybersecurity challenges

We surveyed 1,039 U.S.-based IT security professionals from a wide range of industries and company sizes, and here what’s we found

Overall, small and medium businesses are at an elevated cybersecurity risk, with small businesses being the most vulnerable, and enterprises are at a moderate risk.  

8 out of 10 respondents expect to be breached in the next 12 months, exposing a critical gap in breach detection capabilities.  

The top 4 data types at highest risk of loss or theft are R&D information, trade secrets, customer accounts, and companies’ confidential information, each of which could dramatically affect the health of an organization.

Try the quick Cyber Risk Index calculator

A business with a strong cybersecurity posture can assess, protect, detect, respond to, and recover from serious threats against data, applications, and IT infrastructure.

How does your organization fare? 

Recover Threats

Assess, protect, detect, respond to, and recover from threats

Deploying a comprehensive enterprise risk management framework, such as NIST’s Cyber Security Framework, is a great start. Since each organization is different, CISOs must apply their unique formula of people + process + technology to reduce their overall risk.

At Trend Micro, we are committed to helping organizations address their security challenges through tailored and automated security solutions.