ICS Value, January 2013 = 1599.2 (Base = 1000, March 2011)


The Index of Cyber Security is a measure of risk. A higher index value indicates a perception of increasing risk, while a lower index value indicates the opposite.



Introduction - January 2013

The Index of Cyber Security rose by 2.1% over the previous month, largely due to increased phishing and social engineering based attacks, a worsening of the public perception of the state of cybersecurity, and an increse in the risk from attacks on web facing applications.

Key findings

The top sub-indices for the Index did not change, neither did their relative positions.

  • Risk from counterparties, ie the risk from information compromise as a result of sharing information with insecure third parties (counterparties, vendors, partners etc), was rated as the top risk by our respondents.
  • The activist-hacktivist threat was rated the number two risk by our respondents.
  • Public perception of the state of cyber insecurity was rated as the third worst perception in the minds of security practitioners.
  • Respondents reported continued improvements in information sharing by firms in their industry.

All risk indicators except that for information sharing were up when compared to the previous month.

Detailed report

As before, in the coming days, we will share with our respondents the detailed report from this survey, outlining each of the component sub-indices that constitute the aggregate index. We continue to expand our respondent base each month and are looking for qualified referrals to security practitioners. If you would like to participate in this project, or know of someone who might be a valuable contributor to this effort, please do let us know. Our contact information is available under the 'Contacts' tab on this website.