top of page

X-Analytics Software Update: September 30, 2025

  • Oct 1
  • 3 min read

To ensure the X-Analytics Application remains current and produces reliable outcomes, the X-Analytics Research Team aggregates and analyzes historical and cyber risk intelligence data to calibrate backend variables within X-Analytics.




Update Summary:


Since the last update, we updated the threat baseline for all industry verticals, data breach probability curve, business interruption probability curve, ransomware probability curve, misappropriation probability curve, and percent of electronic fund transfers related to fraudulent transactions.


Reminder to All Customer: If you are using threat overrides within Profile Builder, we highly recommend that you review these overrides in relation to the threat baseline for your industry vertical. We strongly recommend that all customers use the default industry values for threat, unless there is a compelling reason to override those values.



This update includes:


Industry Threat Baselines: +3.2% change since last update

The industry threat baselines increased by an average of 3.2% since the last update.


Crimeware (including ransomware), Denial of Service Attacks, and Web Application Attacks, are the top three threat categories (in order of most likely to least likely).


The increase in threat activity is mainly due to an increase in insider and privileged misuse, human error, and theft/loss activity.


The increase in threat activity will cause an increase in cyber exposure for most customers.


Data Breach Probability Baseline: -2.8% change since last update

Data breach probability baseline decreased by an average of 2.8% since the last update.


This decrease is partially due a decrease in hacking/IT incidents (or system intrusion incidents) and unauthorized access (such as stolen credentials).


Special Note: Currently, we believe that organizations are underreporting unauthorized disclosure within AI platforms due to lack of AI governance and lack of visibility. At some point, we expect this information will surface and cause an increase in data breach probability.


The average size of data breach is between 300k and 400k records


The decrease in data breach probability will cause a decrease in data breach cyber exposure for most customers.


Business Interruption (DoS) Probability Baseline: +10.3% change since last update

Business interruption (DoS) probability baseline increased by an average of 10.3% since the last update.


The probability between 30-minutes and 24 hours increased by 4.6% since the last update.

 

The probability greater than 24 hours increased by 12.7% since the last update.


The increase in business interruption (DoS) probability will cause an increase in business interruption (DoS) cyber exposure for most customers.


Business Interruption (Other) Probability Baseline: -0.3% change since last update

Business interruption (Other) probability baseline decreased by an average of 0.3% since the last update.


The probability between 30-minutes and 48 hours decreased by 1.0% since the last update. This is partially due to decrease in human error activity and system intrusion activity.


The probability greater than 48 hours increased by 0.7% since the last update. This is partially due to insufficient backup and recovery mechanisms that led to longer than expected incidents.


The decrease in business interruption (other) probability will cause a decrease in business interruption (other) expected loss for most customers.


Ransomware Probability Baseline: +3.9% change since last update

Ransomware baseline probability has increased by an average of 3.9% since the last update.


The probability between 30-minutes and 5 days increased by 2.1% since the last update.


The probability greater than 5 days increased by 5.3% since the last update.


The increase in ransomware probability is partially due to an increase unknown (or undisclosed), Qilin, and Pear ransomware groups.


This increase in ransomware probability will cause an increase in ransomware expected loss for most customers.


Misappropriation Probability Baseline: -6.5% change since last update

Misappropriation baseline probability decreased by an average of 6.5% since the last update.


The decrease in probability is mainly due to a decrease in accidental disclosures and cyber-espionage related activity.


The increase misappropriation probability will cause an increase in misappropriation cyber exposure for most customers.

Misappropriation of Funds: % of Payments Related to Fraud: -2.4% change since last update

"% of Payments Related to Fraud" decreased by 2.4% since the last update.


The decrease in “% payments related to fraud” is partially related to an increase in all forms of electronic payments where fraud is not increasing at the same rate.


The decrease in “% payment related to fraud” is also partially related to improved fraud-countermeasures within common electronic pay transfer systems.


The decrease in "% of Payments related to Fraud" will cause a decrease in misappropriation cyber exposure for most customers.



Additional Questions:

If you have questions, please contact your X-Analytics Customer Success Team Member.

 
 
 

Comments

bottom of page