Cybersecurity defense gap analysis

Cybersecurity's Crystal Ball: Predicting Risks with Peer Data

"Unlock the secrets to better cybersecurity by benchmarking your defenses against industry peers and forecasting future threats."


For years, organizations have grappled with fundamental cybersecurity questions: What's our estimated risk exposure? How do our defenses stack up against others in our industry? The challenge has always been accessing the necessary data, as security incidents, posture, and losses are often considered too sensitive to share. But what if there was a way to unlock this critical information while preserving confidentiality?

Privacy-enhancing technologies (PETs), particularly cryptographic computing techniques such as secure multi-party computation and homomorphic encryption, are changing the game. They let a group of organizations compute aggregate cyber risk metrics without any participant, or the party running the computation, seeing another participant's individual data. One practical check belongs alongside the cryptography: an aggregate over a very small peer group can still reveal an individual member's figures, so a deployment also needs a minimum group size or a similar safeguard on what the aggregate output discloses. With that in place, this creates a powerful opportunity to benchmark security performance and develop more reliable risk models.
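To make the "secure computation of aggregate metrics" concrete, here is an added example (not code from the original article, which names only "cryptographic computing" in general) of one standard building block of secure multi-party computation, additive secret sharing over a prime field. Each organization splits its private score into random shares, one per aggregation server; no single server learns anything about the value, yet the servers' share totals recombine to the exact sum. The three-server layout, the fixed-point scaling, the minimum group size and the sample scores are all assumptions of this example.

```python
"""Secure aggregation of peer posture data with additive secret sharing.

Added example, not code from the original article. Additive secret sharing
over Z_p is one building block of secure multi-party computation (MPC).
The server count, fixed-point scale, group-size policy and sample data
below are assumptions made for the illustration.
"""
import secrets

PRIME = (1 << 61) - 1   # Mersenne prime; all shares live in the field Z_p
SCALE = 1000            # fixed point: a score of 0.825 is sent as 825
MIN_GROUP = 5           # assumed policy: refuse aggregates over tiny groups


def share(value: int, n_servers: int, p: int = PRIME) -> list[int]:
    """Split value into n_servers additive shares that sum to value mod p.

    Any n_servers - 1 of the shares are uniformly random field elements,
    so a server holding fewer than all of them learns nothing.
    """
    if not 0 <= value < p:
        raise ValueError("value outside the field")
    if n_servers < 2:
        raise ValueError("need at least two servers for any secrecy")
    shares = [secrets.randbelow(p) for _ in range(n_servers - 1)]
    shares.append((value - sum(shares)) % p)
    return shares


def reconstruct(shares: list[int], p: int = PRIME) -> int:
    """Recombine shares (or per-server share totals) into the secret sum."""
    return sum(shares) % p


def secure_sum(values: list[int], n_servers: int = 3, p: int = PRIME) -> int:
    """Sum private integers without any server seeing an individual value.

    Each participant sends its j-th share to server j. Server j only ever
    adds the shares it received, which look like random field elements.
    The true total must stay below p, which scaled 0..1 scores always do.
    """
    server_totals = [0] * n_servers
    for v in values:
        for j, s in enumerate(share(v, n_servers, p)):
            server_totals[j] = (server_totals[j] + s) % p
    return reconstruct(server_totals, p)


def secure_mean_score(scores: list[float], n_servers: int = 3) -> float:
    """Peer average of control implementation scores (0..1) via secure sum.

    Refuses groups below MIN_GROUP: an aggregate over two or three members
    still exposes each member's value to the others, MPC or not.
    """
    if len(scores) < MIN_GROUP:
        raise ValueError("peer group too small for a safe aggregate")
    if any(not 0.0 <= s <= 1.0 for s in scores):
        raise ValueError("scores must lie in 0..1")
    total = secure_sum([round(s * SCALE) for s in scores], n_servers)
    return total / (SCALE * len(scores))


# Constructed sample: six peers' MFA coverage, invented for the example.
PEER_MFA_SCORES = [0.9, 0.4, 0.8, 0.3, 1.0, 0.6]

if __name__ == "__main__":
    print(f"peer MFA average: {secure_mean_score(PEER_MFA_SCORES):.3f}")
```

The point of the `MIN_GROUP` check is that the cryptography protects the inputs during the computation, not the output: with two participants, each can subtract its own value from the published sum and recover the other's.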

This article explores a new framework for benchmarking cyber posture against peers and estimating cyber risk within specific economic sectors, leveraging the insights derived from secure computations. We delve into the 'Defense Gap Index,' a novel variable that represents the weighted security gap between an organization and its peers, and how it can be used to forecast an organization's security risk based on historical industry data.

Decoding the Defense Gap Index: Bridging Security Differences


The core of this new framework lies in the 'Defense Gap Index' (DGI). This index quantifies how a company's security posture deviates from the average of its peer group, using historical industry data. Here's how it works:

  • Data Aggregation: Organizations securely share data on security posture (e.g., implementation of specific controls), incident frequencies, and financial losses through cryptographic computing.
  • Weighting Controls: Assign weights to specific security controls based on their impact on reducing financial losses, as reported by the peer group.
  • Calculating Deviations: Determine how an organization's implementation of each control deviates from the peer group average.
  • Index Calculation: Combine the control weights and deviations to calculate the DGI, representing the organization's overall security gap.

The DGI then acts as a multiplier in a standard cyber risk model, PLG = R (that is, R = P × L × G), where P is the probability (or annual frequency) of an incident, L is the average loss per incident, G is the Defense Gap Index and R is the forecast risk. P × L on its own is the familiar expected-loss form of cyber risk; G scales it by how far the organization sits from its peers. A DGI greater than 1 indicates a weaker security posture than peers and raises the forecast risk, while a DGI less than 1 indicates a stronger posture and lowers it. Two caveats follow from how the index is built. Because P, L and the control weights all come from peer data, a DGI below 1 means below-peer risk, not low absolute risk. And a weight derived from the losses peers reported is an observed association between a control and lower losses, not proof that the control caused the reduction.
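A worked run of the four steps and the PLG = R model, added here as an illustration and not code from the original article. The article says only that weights come from each control's reported impact on peer losses and that weights and deviations are "combined"; the concrete weighting rule, the combination rule, the definitions of P and L, and the peer rows below are all assumptions of this example.

```python
"""Worked Defense Gap Index (DGI) and P*L*G risk forecast.

Added example, not code from the original article. Assumed rules:

  weight_c    proportional to max(0, mean loss of peers below the peer
              average on control c  -  mean loss of peers at or above it),
              normalised so the weights sum to 1
  deviation_c = peer_average_c - org_score_c  (scores 0..1; positive = weaker)
  G           = 1 + sum_c weight_c * deviation_c  (G = 1 at parity, G in [0, 2])
  P           = mean annual incident count across peers
  L           = total peer loss / total peer incidents
  R           = P * L * G

In a real deployment only the aggregates (averages, loss differences) would
leave the cryptographic computation; the raw rows here would never be
pooled in the clear.
"""
from statistics import mean

CONTROLS = ("mfa", "patching", "backups")

# Constructed peer data: control scores (fraction implemented), incidents in
# the reporting year and total loss that year in USD. Invented numbers.
PEERS = [
    {"mfa": 0.9, "patching": 0.8, "backups": 1.0, "incidents": 1, "loss": 120_000},
    {"mfa": 0.4, "patching": 0.5, "backups": 0.9, "incidents": 2, "loss": 610_000},
    {"mfa": 0.8, "patching": 0.9, "backups": 0.3, "incidents": 1, "loss": 240_000},
    {"mfa": 0.3, "patching": 0.4, "backups": 0.2, "incidents": 3, "loss": 900_000},
    {"mfa": 1.0, "patching": 0.5, "backups": 0.8, "incidents": 0, "loss": 0},
    {"mfa": 0.6, "patching": 0.7, "backups": 0.7, "incidents": 2, "loss": 480_000},
]


def peer_averages(peers):
    """Peer-group average implementation score per control."""
    return {c: mean([p[c] for p in peers]) for c in CONTROLS}


def control_weights(peers):
    """Weight each control by the loss gap between weak and strong implementers.

    This is an observed association in the peer data, not a causal effect.
    Controls showing no loss reduction get weight 0; if none shows any, the
    index is undefined and we refuse rather than divide by zero.
    """
    avgs = peer_averages(peers)
    raw = {}
    for c in CONTROLS:
        strong = [p["loss"] for p in peers if p[c] >= avgs[c]]
        weak = [p["loss"] for p in peers if p[c] < avgs[c]]
        if not strong or not weak:      # every peer on one side: no signal
            raw[c] = 0.0
            continue
        raw[c] = max(0.0, mean(weak) - mean(strong))
    total = sum(raw.values())
    if total == 0:
        raise ValueError("no control shows a loss reduction in the peer data")
    return {c: raw[c] / total for c in CONTROLS}


def defense_gap_index(org, peers):
    """G = 1 + sum of weighted deviations; > 1 means weaker than peers."""
    avgs = peer_averages(peers)
    weights = control_weights(peers)
    return 1.0 + sum(weights[c] * (avgs[c] - org[c]) for c in CONTROLS)


def forecast_risk(org, peers):
    """R = P * L * G. P*L alone is the peer group's expected annual loss;
    G scales it by how far the organisation sits from the peer average."""
    incidents = sum(p["incidents"] for p in peers)
    if incidents == 0:
        raise ValueError("no incidents reported; L is undefined")
    P = incidents / len(peers)
    L = sum(p["loss"] for p in peers) / incidents
    G = defense_gap_index(org, peers)
    return {"P": P, "L": L, "G": G, "R": P * L * G}


# Constructed posture for the organisation being benchmarked.
ORG = {"mfa": 0.5, "patching": 0.6, "backups": 0.9}

if __name__ == "__main__":
    out = forecast_risk(ORG, PEERS)
    print(f"G = {out['G']:.4f}  (>1 means weaker than peers)")
    print(f"R = {out['R']:,.0f} USD/year")
```

With these inputs the organization trails its peers on MFA (the heaviest-weighted control) and patching but leads on backups, so G lands just above 1 and the forecast risk is a few percent above the peer group's expected annual loss. Changing one peer row moves the weights, which is the practical reason a benchmark like this needs a reasonably large group before the weights mean much.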

Turning Data into Actionable Insights

This framework marks a significant step forward in cybersecurity risk management. By leveraging secure data aggregation and the Defense Gap Index, organizations can move beyond generic assessments and gain a clear understanding of their security posture relative to their peers. This enables more informed investment decisions, better resource allocation, and ultimately, a stronger defense against evolving cyber threats. The future of cybersecurity is data-driven and collaborative, and these new approaches are paving the way.

About this Article -

This article was crafted using a human-AI hybrid and collaborative approach. AI assisted our team with initial drafting, research insights, identifying key questions, and image generation. Our human editors guided topic selection, defined the angle, structured the content, ensured factual accuracy and relevance, refined the tone, and conducted thorough editing to deliver helpful, high-quality information. See our About page for more information.

Everything You Need To Know

1. What are privacy-enhancing technologies (PETs) and how do they help in cybersecurity risk management?

Privacy-enhancing technologies (PETs), specifically cryptographic computing, allow organizations to compute aggregate cyber risk metrics jointly without revealing any single organization's data. That makes it possible to benchmark security performance and build more reliable risk models from shared data while each contributor's figures stay confidential, which removes the main objection to sharing incident, posture and loss data and so enables collaboration across an industry.

2. What is the 'Defense Gap Index' (DGI) and how is it calculated?

The 'Defense Gap Index' (DGI) is a variable that quantifies how a company's security posture deviates from the average of its peer group, using historical industry data. It is calculated through a process involving data aggregation (where organizations securely share data on security posture, incident frequencies, and financial losses), weighting controls (assigning weights to specific security controls based on their impact on reducing financial losses), calculating deviations (determining how an organization's implementation of each control deviates from the peer group average), and combining the control weights and deviations to represent the organization's overall security gap. The DGI acts as a multiplier in a standard cyber risk model, influencing the forecasted risk based on the organization's security posture relative to its peers.

3. How does the 'Defense Gap Index' (DGI) help organizations in assessing and managing their cybersecurity risk?

The 'Defense Gap Index' (DGI) enables organizations to understand their security posture relative to their peers. A DGI greater than 1 indicates a weaker security posture compared to peers, increasing the forecasted risk, while a DGI less than 1 suggests a stronger posture and reduced risk. This allows for more informed investment decisions, better resource allocation, and ultimately, a stronger defense against evolving cyber threats. By understanding their security gap, organizations can prioritize improvements in specific security controls to align with or surpass industry standards, leading to more effective risk mitigation.

4. What is the significance of using aggregated cyber risk data from peer organizations in cybersecurity?

Aggregated cyber risk data from peer organizations provides a benchmark for an organization's security posture. By comparing their security measures and incident rates against their peers, organizations can identify the areas where they are lagging and need improvement. Privacy-enhancing technologies (PETs) keep each contributor's sensitive data protected while still allowing the aggregate insights to be derived. This collaborative approach raises overall industry security by giving each member a more informed, proactive basis for risk management.

5. Can you explain the cyber risk model that incorporates the 'Defense Gap Index' (DGI), and how it forecasts risk?

The cyber risk model incorporating the 'Defense Gap Index' (DGI) is represented by the equation PLG=R, where P = Probability of an incident, L = Average Loss, G = Defense Gap Index, and R = Risk. The DGI acts as a multiplier in this equation. If an organization's DGI is greater than 1, it indicates a weaker security posture compared to its peers, which increases the overall risk (R). Conversely, if the DGI is less than 1, it suggests a stronger posture, reducing the risk. The model uses the DGI to adjust the forecasted risk according to how an organization's security measures compare to its industry peers, so the forecast reflects the organization's own posture rather than an industry-wide average alone.
