Harvard Survey Finds FAIR Top Cyber Risk Quantification Choice

PwC Report on Cyber Risk Quantification Usage - DetailRecent surveys of business executives and board members by Harvard Business Review Analytics and PwC give evidence that the movement to cyber risk quantification and FAIR™ is growing, if from a small base:

  • Harvard found FAIR to be the most popular choice for quantification methodology, in use at 9% of survey respondents with over 10,000 employees and 17% with under 10,000 employees (also a sign that FAIR isn't just for big companies).
  • 77% of those surveyed for PwC’s Global Digital Trust Insights 2021 said that they are starting to use some form of risk quantification or plan to – with the big triggers a need to improve cyber risk management and to prioritize cybersecurity spend.

Read PwC’s report on the surveys.

Among organizations running risk management with cyber risk quantification, top use cases were: 

  • 55% - Continuously evaluate our risk landscape and priorities against changing business objectives
  • 46% - Help evaluate and communicate risks in line with a defined risk tolerance
  • 36% - Identify and justify improvements to, or transformation in, protective capabilities
  • 34% - Measure and compare various threats and risk events on an apples-to-apples basis 

“The two major triggers for quantifying cyber risk are the need to improve cyber risk management and to prioritize (and justify) cyber spend,” PwC found. “The current gaps in these areas are glaring.” Less than half of those surveyed were satisfied with their cyber risk management:  

  • 42% have strong confidence in their ability to adjust cyber investments to match changes in the risk landscape or in business priorities. 
  • 45% in the PwC survey were very confident that their cyber spend is allocated to the most significant risks. 
  • 42% were very confident that cybersecurity spending can be justified for return on investment (ROI).

“As more companies quantify cyber risks with the speed and sophistication that decision-makers need, we should see improvements beyond the current state,” PwC predicted. 


Download 'Understanding Cyber Risk Quantification: The Buyer’s Guide' by Jack Jones

Meet a Member: Jason Ha of PwC, Chair of the New FAIR Chapter in Melbourne

Learn How FAIR Can Help You Make Better Business Decisions

Order today
image 37