Cyber Readiness

The CFO Alliance Cyber Readiness methodology takes a simple yet innovative approach to cyber risk assessment, addressing the challenge from the perspective of security and resilence practitioners vice the traditional insurance industry approach.


Our methodology more effectively
assesses cyber risk by:

  • Recognizing the true, dynamic nature of cyber risk
  • Allowing leaders of client organizations to utilize a familiar business process (the procurement of insurance) to better manage enterprise cyber risk -not just IT-specific cyber risk-
  • Being more client-specific in assessing cyber risk
  • Increasing confidence and reducing risk for the insurer thereby creating a more reliable product for the client with fewer exclusions


How it works:

Inform assess act horizontal Inform assess act

Inform with real cyber intelligence

  • Utilize real intelligence from the real cyber domain to illuminate the client sector-specific cyber threats
  • What actors and methods are most active in the client's sector and are most likely to impact the client?

Assess specific client risk

  • An actuarial-centric approach is both antiquated and too general to effectively determine cyber risk
  • The Ridge Methodology leverages the inteligence to deliver an informed assessment that assists both the insured and insurer in recognizing client-specific cyber risk, avoiding a "check-the-box" approach that is often too standard.
    • What is the client's capability to defend against the most likely threats?
    • At a minimum, is the client compliant with any industry standards?
    • Is the client prepared to deal with comprehensive cyber risk (IT/non-IT)?

Act to reduce risk and rates

Utilizing the information from the inteligence and assessment phases, enable the client to take mitigating action, potentialy leading to stable or reduced client premiums.

  • Incentivize cyber risk reduction
  • Strengthen the capaticy of the C-Suite and Board to provide oversight