Board of Directors
Cyber Insurance: $50M. Estimated Breach Cost: $187M.
The $137M Question Nobody's Asking
Your cyber insurance policy covers $50M. Your estimated breach cost—factoring in business interruption, regulatory fines, legal fees, and reputation damage—is $187M. The board is asking about cyber risk. You need to show them the gap.
The Coverage Gap
What your insurance actually covers
$50M
Covered
$137M
Uninsured Exposure
$42M
Business Interruption
$38M
Regulatory Fines
$28M
Legal & Settlement
$29M
Reputation/Churn
Risk by Attack Vector
Probability, cost, and coverage gaps
| Attack Vector | Probability | Avg Cost | Max Cost | Coverage | Gap |
|---|---|---|---|---|---|
| Ransomware | 34% | $4.5M | $28M | $5M | $23M |
| Data Breach | 28% | $9.4M | $42M | $15M | $27M |
| Business Email Compromise | 22% | $2.4M | $12M | $3M | $9M |
| Third-Party/Supply Chain | 18% | $4.8M | $65M | $10M | $55M |
| Insider Threat | 12% | $3.2M | $18M | $5M | $13M |
Questions the Board Will Ask
"What is our total cyber exposure?"
$187M worst-case scenario including business interruption, fines, legal, and reputation damage.
"How much is insured vs. uninsured?"
$50M covered by current policy. $137M remains on the balance sheet as uninsured risk.
"What would a major breach cost us?"
Ransomware scenario: 23-day downtime, $4.5M ransom, $42M business impact, $28M in fines.
"How does our security posture compare?"
NIST CSF maturity: 2.8/5. Industry average: 3.4/5. We're in the bottom quartile.
Cyber Risk KPIs for the Board
NIST CSF Maturity
2.8/5
Target: >3.5
Mean Time to Detect
197 days
Target: <30 days
Mean Time to Respond
68 days
Target: <7 days
Vulnerability Remediation
47 days
Target: <15 days
Phishing Click Rate
8.2%
Target: <2%
Third-Party Risk Score
C+
Target: A
Source: IBM Cost of Data Breach 2024, Verizon DBIR 2024, NIST CSF
Risk Transfer Options
OPTION A
Increase Coverage
$150M
Premium: +$2.4M/year
Gap remaining: $37M
OPTION B
Captive Insurance
$75M
Setup: $1.8M + $1.2M/year
Combined with A: Full coverage
OPTION C
Security Investment
$8M
Reduce risk by 40%
New estimated exposure: $112M
TRANSFORM YOUR OPERATIONS
Present Cyber Risk to the Board
SlideStrike connects to your security tools and risk assessments to show exactly where you're exposed—and your options for risk transfer.
Quantified cyber risk by attack vector and business impact
Insurance coverage gap analysis with scenarios
Security posture scoring with peer benchmarking
Risk transfer options with cost-benefit analysis