ORX Cyber has announced its 2024 plans and looks forward to collaborating with subscribers in the upcoming year.
The ORX Cyber team has created plans based on research topics identified through subscriber feedback. With a network of 25 firms, we share expertise, knowledge and experience to make advancements in cyber and information security risk management.
2024 Research Topics
Risk management of AI
✓ We will conclude our current piece of work on risk management of AI with a short survey, run in partnership with the Data Science Community, followed by an overview of practices and progress in this space
Future of cyber
✓ In our latest piece of thought leadership, we will provide an outlook on the future of cyber risk management, based on conversations with senior leaders across the industry. This will be published in Q2 and available for all to read.
Cyber risk quantification
✓ Building on learnings from our 2022 study, we will investigate what has changed in terms of approaches to quantifying cyber risk, and how this is providing value to organisations
DORA
✓ Following our discussions in 2022, we will revisit DORA once again, helping the ORX community to understand how the industry is progressing with this key regulation
Third party risk
✓ As regulatory pressure and interest in third parties grows, we will bring the community together to understand best practice and share experience
Connecting the ORX Cyber Community
In 2024 we will continue to provide opportunities to bring together the entire ORX Cyber Community through our working groups and events.
After our highly successful forums last year, we are excited to announce that we will host two in-person forums this year. One will be held in London on 19 June for our European subscribers, and the other will take place in North America later in 2024. Stay tuned for more information about the North American event.
“One of my personal favourite elements of the service is the network - bringing practitioners across together to share their experience and learn from their peers, and collectively working together to deliver outputs that help improve the management of cyber risk across the industry."
Nikki Truss-West, ORX Cyber Manager
Cyber Definitions Working Group (CDWG)
Our CDWG will continue to meet and discuss topics relating to cyber data, including the event data exchange, and
the Controls and Indicators Benchmark
- We will hold meetings at least quarterly, in Q1 this will be in the form of a series of 1-1 calls with subscribers
- Working with the CDWG we will continue to evolve out two data exchanges, ensuring they are providing value to subscribers, including introducing additional Insight reporting and reviewing and updating the Cyber reporting standards.
Cyber Service Working Group (CSWG)
Our CSWG will continue to meet and discuss topics relating to cyber risk management and practice
- We will hold meetings at least quarterly, arranging additional calls as needed if required for particular topics
- We will continue to be responsive to the priorities of subscribers in developing our agenda, using what we have learned in 1-1 calls, feedback from the group, and our forums to shape the work plan