Information Risk Insights Study 2025 Inside the Shifting Threat Landscape IRIS 2025 analyzes long-term cyber incident patterns to show where risk is increasing, where it’s fading, and where new exposures may emerge. These insights help organizations move beyond headlines to understand how today’s changes translate into real-world impact. Key Findings Incidents Are Rising FastSignificant security…
IRIS Ransomware A data-driven analysis of thousands of ransomware incidents designed to replace fear and uncertainty with clear insights that help organizations strengthen their defenses. Understanding the True Impact of Ransomware Supported by CISA, this IRIS report analyzes more than 14,000 ransomware incidents from the past five years to uncover how attacks occur, how they…
Information Risk Insights Study 2022 A Decade of Cyber Risk Data Supported by CISA, the 2022 edition of the Information Risk Insights Study expands the IRIS research series with one of the most comprehensive datasets available. Examining $57 billion in reported losses and 72 billion compromised records, the study identifies the patterns, threat techniques, and…
Information Risk Insights Study, Tsunami Edition A Data-Driven Look at Cyber Risk Drawing from a dataset of 56,000 cyber events across 35,000 organizations, this research challenges traditional, subjective approaches to cyber risk assessment. By analyzing real incident frequency, breach probabilities, and financial impacts, the report provides a clearer, evidence-based view of how cyber threats affect…
Information Risk Insights Study, Xtreme Edition Inside the Most Extreme Cyber Events IRIS 20/20 Xtreme examines the 100 largest cyber incidents of the past five years, representing $18 billion in reported losses and more than 10 billion compromised records. Using enriched data from Advisen’s Cyber Loss Database, the study analyzes the actors, attack types, and…
Information Risk Insight Study 20/20 A Clearer View of Cyber Risk Built on a dataset of 56,000 cyber events across 35,000 organizations, IRIS 20/20 provides an empirical look at how often cyber incidents occur and what they truly cost. By challenging traditional, subjective risk assessment methods and introducing probabilistic models for estimating breach impact, the…