Cyentia Institute collaborated with Cobalt on the latest State of Pentesting Report, which was released last week. The thing I found most interesting in this edition is the organization-level performance benchmarks we derived for the first time. We measured 4 key metrics and compared them across thousands of organizations: This essentially answers “How exposed are…
Exciting news for cyber risk practitioners! Tony Martin-Vegue has joined Cyentia Institute as an Executive Fellow. What exactly does that mean? Glad you asked! Tony is widely recognized and highly regarded in the cyber risk community as a leader, analyst, and communicator. Cyentia is well-known for its groundbreaking risk research and data-driven capabilities. Just imagine…
Our analysis of probability in the IRIS 2025 focused on the likelihood of experiencing at least one security incident within a year. It’s possible, of course, for organizations to suffer more than one loss event in that timeframe, and veteran IRIS readers may recall that prior studies included a table of probabilities for at least one, two, and three incidents in a 12-month period. Those readers may be disappointed upon realizing updated tables are missing from the latest IRIS. If that describes you, this should ease your disappointment.
If you’ve ever read one of our reports and wished there was some additional firmographic slices, more detail around an analytical technique, or another version of a chart…then this is your lucky day. This is exactly the kind of content you’ll get by joining Cyentia’s new membership program. Best of all, anyone can join right now for FREE!
Gov-Sponsored Study: Cost of Cyber Attacks Climbs 15X Higher–Analysis of 15 years of historical data reveals that cybersecurity incidents are more common and costly than ever
At Cyentia, we believe great analysis attracts great analysts. Our mission has always been to bring clarity to cyber risk through data, and that mission continues to attract some of the industry’s brightest minds. Today, we’re excited to share that Jack has joined us as our newest Executive Fellow — helping us take the next…
Today marks nine years since the Cyentia Institute first launched with a simple goal: make cybersecurity data make sense. Nearly a decade later, we’re still doing exactly that—with more data, more collaborators, and more curiosity than ever. Over the past nine years, we’ve published dozens of original research studies across the cybersecurity, risk, and insurance…
Adversaries with ominous names like Volt Typhoon and Dark Scorpius dominate cybersecurity discussions, yet one critical threat is often overlooked: the everyday behaviors of people within organizations. Protect your organization in 2025 with the insights gleaned from our report with Mimecast as we challenge this oversight by examining human risk in detail, exposing how it…
When AI Gets Weird, Data Can Keep You Safer Artificial intelligence (AI) is transforming cybersecurity, creating both advanced threats and powerful defenses. Cybercriminals are using AI to craft increasingly sophisticated attacks, while organizations rely on AI-driven tools to detect, prevent, and respond to these evolving risks. This rapidly changing landscape demands not just awareness but…
Phishing remains one of the most effective weapons in a cybercriminal’s arsenal, targeting human vulnerabilities to breach organizational defenses. While it’s easy to stereotype sales teams as the “gullible” ones most prone to phishing, the reality is far more nuanced. According to Mimecast’s Exposing Human Risk report, developed in collaboration with Cyentia Institute, sales teams…