Latest CRAE Index Highlights ‘Devastating’ Impact of Data Breaches

Published on
June 17, 2021

Quarterly tracker shows organizations centralizing their cybersecurity strategies and increasing their focus on external partners

New York, NY, June 17, 2021 – Organizations suffered extensive damage from cybersecurity breaches in the first quarter of 2021, including data losses and system outages, prompting additional efforts to centralize security strategies and improve coordination with external partners, according to the latest Cybersecurity ResourceAllocation and Efficacy (CRAE) Index.

First quarter data also shows greater awareness among cybersecurity and IT professionals about the threats targeting networks and data; however, they acknowledge that ongoing efforts to secure IT infrastructure have not been sufficient. Fallout from breaches, particularly financial losses and operational shutdowns, pushed organizations to develop holistic security strategies that integrate third-party partners and suppliers and more effectively align internal resources.

The CRAE index, developed and published by the CyberRisk Alliance Business Intelligence unit and underwritten by Ivanti, reports on the overall focus and direction of organizations’ cybersecurity activities, spending, and perceived progress over time. Data is derived fromquarterly surveys among 300 business, IT, and cybersecurity professionals at organizations with at least 500 employees in manufacturing, high tech/business services, financial services, and healthcare industries in North America and Europe.

The latest report shows that new security investments and employee cybersecurity training have not been enough to ward off persistent threats. “Major breaches of data security have made the impact of incidents on our business devastating,” according to one respondent.In response, more organizations are adopting centralized, comprehensive approaches, such as internal “centers of excellence” that are responsible for developing and implementing overall security strategy and structure.

For more detail about how organizations are reacting to breaches, including their management of third-party risks, click here to view or download the full report.

About CyberRisk Alliance

CyberRisk Alliance (CRA) is a business intelligence company serving the high growth, rapidly evolving cybersecurity community with a diversified portfolio of services that inform, educate, build community and inspire an efficient marketplace. Our trusted information leverages a unique network of journalists, analysts and influencers, policymakers and practitioners. CRA’s brands include SC Media, Security Weekly, InfoSec World, CybersecurityCollaboration Forum, our research unit CRA Business Intelligence, and the peer-to-peerCISO membership network, Cybersecurity Collaborative. More information is available at

We're Here to Help

From news, analysis, and insight, to events, communities, custom content and marketing solutions, the CyberRisk Alliance portfolio provides support to the entire cybersecurity ecosystem. We'd love to help support your goals.