Unveiling the IRIS 2022

The new Information Risk Insights Study has arrived!

Since its original release in 2020, the Information Risk Insights Study has expanded upon its extensive analysis of a huge historical dataset in the IRIS series, shining light on topics like extreme loss events and massive multi-party incidents.

Now, thanks to sponsorship from the Cybersecurity & Infrastructure Security Agency (CISA), the IRIS is back – bigger and better than ever for a 2022 update and expansion. The new study analyzes 77,000 cyber events, $57 billion in reported losses, and 72 billion compromised records. We explore common patterns among those events and identify threat techniques that contributed to their success.

Download

Additional Information Risk Insights Study Publications

Cyber risk quantification has been plagued by FUD (fear, uncertainty, and doubt) for far too long and our research series, the Information Risk Insights Study, is dedicated to clearing away these fears by leveraging real-world data and rigorous analysis focused on key aspects and challenges of managing cyber risk. We’re incredibly grateful to our partners and sponsors for making the research possible.