Skip to content

White paper identifies top priorities for cyber risk management


A new white paper from ORX Cyber has identified financial firms' top priorities for cyber risk management.

Understanding the direction of travel for cyber risk management

Cybercrime and technology are at the top of the agenda for financial institutions around the world. As organisations transform – digitalising customer journeys, introducing new technologies and more – the threats posed by cyber continue to grow.

To help firms face this challenge, the ORX Cyber team interviewed 30+ senior cyber risk leaders from 16 financial organisations to gather an industry view of cyber risk management for this white paper. The discussions covered the challenges faced by these leaders and their priorities for the next 12 to 18 months.


“It is now inevitable that organisations will experience a cyber event. The time is right to review the state of play in cyber risk management...This paper looks at the industry landscape today through a cyber risk lens, and then considers the priorities identified by senior leaders that will collectively drive a strengthening of cyber risk management practices across the industry.”

Faster & safer: Priorities for cyber risk management


8 key cyber risk management priorities identified

These conversations helped us identify eight key industry priorities that, if implemented, will strengthen cyber risk management and measurement.

Top priorities

1. Move to data-driven cyber risk management  

There was consensus that data and metrics need to improve to achieve data-centric risk management, using both internal and external data to drive the correct decisions and actions.

2. Scale use of technology to support business transformation  

New technology must be deployed to enhance risk-management activities and maintain the pace of change. 

3. Identify gaps and blind spots to gain visibility of the end-to-end risk exposure 

Providing a group or enterprise level end-to-end view of risk exposure, in a language that the business understands is a priority, and includes identifying gaps and blind spots to gain full visibility

4. Manage third party reliance and complexity more effectively  

Third and “nth” party risk in the context of cyber is an increasing priority. Given the need for partners, and the complexity of supply chains, organisations need to better understand, map, and mitigate the vulnerabilities that come with this.

Download the free white paper to read all eight priorities, and the other insights from our interviews. The paper also looks at the factors impacting cyber risk and the progress financial organisations have made managing them to date.

Download the white paper


Join a global community of cyber risk managers

Find out more about ORX Cyber to see how we can support cyber and information security risk management at your organisation.