Skip to content


ORX Cyber


ORX Cyber Community

Risk programme

Risk Landscape

Report - February 2022

Over the last two years, information security, including cyber risk, has consistently been at or close to the top spot in the ORX Top Risk Reviews


There is no shortage of news regarding new cyberattacks that continue to increase in sophistication. These are executed by a wide range of potential actors looking to exploit vulnerabilities. The risk consumes a significant amount of board and management time.


Introduction to the study

Cyber continues to be a real challenge for risk managers

Discussions with the ORX Cyber community have highlighted how challenging the risk is to quantify, and therefore how difficult it is to determine an organisation’s risk exposure. This makes it tougher for organisational leaders to understand the risk and harder still to make decisions on control investment and action prioritisation.

Banks and insurers describe many contributing issues, including:

  • A shortage of data and skills
  • Impacts often being non-financial in nature
  • The complexity of the risk.

There are questions over whether traditional risk quantification techniques are appropriate and whether sufficient investment is being made to innovate.

As a result of the challenges presented by this significant risk, ORX Cyber subscribers asked us to focus on this topic. This report is the first step to help our subscribers understand and share current and leading practices and to help develop and enhance cyber risk quantification going forward.

The report is based on information collected from 30 banks and insurers through both a survey and roundtable discussions. It provides insights into current practice, outlines challenges and benefits, and summarises potential future direction for cyber risk quantification.








Gated content start

This resource was produced as part of ORX Cyber

Want to access this resource?

If your firm subscribes to ORX Cyber, log in or register to read this resource.

Log into the ORX website

Not a subscriber? Talk to us today to discuss how you could benefit from ORX Cyber.

Speak to an expert

Gated content stop


Disclaimer: ORX has prepared this resource with care and attention. ORX does not accept responsibility for any errors or omissions. ORX does not warrant the accuracy of the advice, statement or recommendations in this resource. ORX shall not be liable for any loss, expense, damage or claim arising from this resource. The content of this resource does not itself constitute a contractual agreement, and ORX accepts no obligation associated with this resource except as expressly agreed in writing. ©ORX 2024


Nikki Truss-West

Nikki Truss-West

Research Senior Manager - Cyber, ORX


Get in touch

Contact us