Skip to content

Service

ORX Cyber

Community

ORX Cyber Community

Risk programme

Risk Landscape

Report - March 2022

This report summarises the highlights from 2021 submissions to the ORX Cyber Controls and Indicators Benchmark



The Controls and Indicator Benchmark from ORX Cyber provides invaluable insights into the controls and indicators firms are operating and how they are operating them.


Over half of the ORX Cyber service subscribers participated in the 2021 data collection cycles. Participants receive bi-annual personalised benchmark reports and the annual editorial report which further looks at trends identified by the data set.

Executive summary

The ORX Cyber Controls and Indicators Benchmark provides invaluable insights into the controls and indicators our subscribers are operating and how they are operating them.

The ORX Cyber controls benchmark is based on the NIST framework, while the indicators benchmark is ORX’s bespoke list of cyber-related indicators in operation in the industry. It has been aligned to NIST framework functions to ensure consistency of reporting and support a more holistic view of cyber risk management.

Over half of the ORX Cyber service subscribers participated in the 2021 data collection cycles. Participants receive bi-annual personalised benchmark reports and the annual editorial report which further looks at trends identified by the data set.

The benchmark is continually evolving, and as it enters its third year, we anticipate a further increase in participation, and subsequently in the value of the offering. For 2022, we have significantly enhanced the personalised benchmark reports each participant receives. This will provide an even deeper understanding of control or indicator gaps organisations have, and how controls and indicators can be more effectively used. It will also provide deeper insights into how controls and indicators are used to help manage risk.

The benchmark operates on a give-to-get basis, meaning you must participate in data collection to receive an individual benchmark. This report provides the highlights from 2021 submissions.

 

 

 

 

 

 

 

 

 

 

 

Gated content start

This resource was produced as part of ORX Cyber

Want to access this resource?

If your firm subscribes to ORX Cyber, log in or register to read this resource.

Log into the ORX website

Not a subscriber? Talk to us today to discuss how you could benefit from ORX Cyber.

Speak to an expert

Gated content stop

About the ORX Cyber Controls and Indicators Benchmark

The ORX Cyber controls benchmark is based on the NIST framework, while the indicators benchmark is ORX’s bespoke list of cyber-related indicators in operation in the industry. It has been aligned to NIST framework functions to ensure consistency of reporting and support a more holistic view of cyber risk management.

 


Disclaimer: ORX has prepared this resource with care and attention. ORX does not accept responsibility for any errors or omissions. ORX does not warrant the accuracy of the advice, statement or recommendations in this resource. ORX shall not be liable for any loss, expense, damage or claim arising from this resource. The content of this resource does not itself constitute a contractual agreement, and ORX accepts no obligation associated with this resource except as expressly agreed in writing. ©ORX 2024


Contacts:

Helen L’Abbate

Helen L’Abbate

Deputy Director - Research & Information, ORX