Kovrr and SANS Institute released their joint survey that reveals enterprise motivation and impact of cyber risk quantification (CRQ) in the modern cybersecurity landscape. CRQ helps businesses evaluate the potential financial impact of cyber events on an organization and is becoming an increasingly critical part of risk management programs.
The survey found that over 75% of security professionals employ CRQ or plan to in the next 18 months. Primary CRQ use cases include cyber budget allocation (72.4%), board reporting and governance (70.7%), cyber insurance and risk transfer options (67.2%), M&A cyber due diligence (27.6%) and for capital reserve and management strategy (17.2%). Regulatory compliance, reducing incidents and breaches, and keeping up with the evolving threat landscape were the most significant drivers.