RETINA BY CYENTIA

Cyber Risk Intelligence,
Grounded in Data

We do the groundwork. You ditch the guesswork.

Let’s talk

Retina brings cyber risk into focus

Put Your Risk in Context

Without a proper grounding, risk assessments devolve into guesswork. Retina starts with a baseline analysis of historical incidents and losses among organizations of similar sector and size — so you know where you stand.

Quantify Risk With Confidence

CRQ models are only as good as the underlying data. Retina delivers empirical incident frequency and loss distributions drawn from real cyber events — credible, defensible inputs for your cyber risk quantification program.

Stay Ahead of Cyber Risk Trends

The cyber risk landscape isn't set in stone. Quarterly intelligence on changing risk factors, major cyber loss events, and evolving attack vectors keeps your risk register current — not frozen at last year's assessment.

  • "This is what mature risk management looks like."

    "Cyentia gives us the statistical foundation our quantitative models need. This elevates our entire profession from "security theater" to evidence-based risk management."
    Tony Martin-Vegue
    Author, Heatmaps to Histograms

Stop Taking Your Chances with Cyber Risk

Most organizations are playing cyber risk roulette — making high-stakes decisions on gut feel and dubious data. Every Retina deliverable is designed to change that.

  • Annual Risk Baseline report: An IRIS-derived analysis of incident frequency and loss factors for organizations in your sector and size range. The empirical foundation your cyber risk program needs to know where it stands.
  • CRQ models and estimates: Quarterly analysis of frequency and losses for common cyber risk scenarios, including modeled estimates and distribution parameters ready to feed directly into your CRQ models.
  • Key risk trends and forecasts: Quarterly analysis of how incident frequency and loss patterns are shifting over time — the forward-looking intelligence your risk program needs to stay ahead of an evolving threat landscape.
  • Extreme cyber loss events: Quarterly analysis of major incidents and extreme cyber events landing in the top 5% of reported financial losses. Essential context for managing tail-risk scenarios.
  • Buzzworthy cyber events: Rational analysis of the cyber events dominating the headlines — separating signal from noise so your team can evaluate what actually changes your risk exposure.
  • Priority ATT&CK techniques: Relative frequency and loss data for ATT&CK techniques observed in real security incidents — so your risk treatment priorities reflect actual attacker behavior, not theoretical threat models.
  • Ask the Data: Direct access to Cyentia analysts who can query our proprietary incident and loss databases to answer the specific questions your risk analyses surface. The difference between a subscription and a research partnership.

Ready for Retina? Let's talk.

We'd love to explore how Retina can lay the empirical groundwork to take the guesswork out of your cyber risk assessments. Tell us a bit about your goals, and we'll follow up about how Retina can help achieve them.

Join newsletter

Does Retina Play FAIR?

Yes. And it works with any quantitative risk methodology, not just FAIR™. The CRQ ecosystem already has capable frameworks, sound models, and useful software. What's been missing is the hard empirical data those tools actually run on. Retina fills that gap: credible incident frequency and loss magnitude distributions, calibrated to your sector and organization size, delivered without software to install, without consulting engagements to endure, and without lock-in to any platform or process.

  • "Crucial for any risk leader."

    "Cyentia delves into cyber risk, helping companies assess the frequency and severity they may face by providing industry data, averages, highs/lows and much more. This is crucial for any risk leader starting on a risk quantification journey."
    Isabelle Dumont
    Tech B2B Leader

The Research Behind Retina

The Information Risk Insights Study (IRIS) built Cyentia's reputation for rigorous, data-driven cyber risk analysis. Risk teams read it and kept asking us the same question: "Can you do this for my organization?" Retina is that answer — IRIS-quality data and methodology, focused on your sector and size rather than the broader industry.

  • One of the few reports I read cover to cover

    "I’ve always appreciated Cyentia's commitment to letting the data speak for itself. No hype, no sensationalism — just a clear-eyed attempt to map the cyber loss landscape using what’s actually observable."
    James Hanbury, cyber risk leader
Read the latest IRIS

Ready to Ditch the Guesswork?

The groundwork is done. You've seen what Retina delivers and the research it's built on. Tell us about your cyber risk program — we'll bring the data.

Let's talk