TMCnet News

Ostrich Cyber-Risk Implements the Cyber Risk Institute Cyber Profile to Enhance Risk Management and Cyber Resiliency for Financial Institutions
[September 13, 2023]

Ostrich Cyber-Risk Implements the Cyber Risk Institute Cyber Profile to Enhance Risk Management and Cyber Resiliency for Financial Institutions

Ostrich Cyber-Risk, a leading vendor in cyber-risk management offering both qualitative and quantitative solutions, today announced it has joined the Cyber Risk Institute (CRI), a globally recognized not-for-profit coalition of financial institutions and trade associations that strives to sharpen cybersecurity to protect the global economy, as an Innovator Sponsor. By working together, Ostrich Cyber-Risk and CRI will help financial institutions measure their security program capabilities to achieve greater cyber readiness and enhance cybersecurity and resiliency through standardization.

The CRI Cyber Profile assessment helps financial institutions measure their security program capabilities by expanding the NIST Cyber Security Framework (CSF) to address the focus of regulators on important governance and third-party issues. The Cyber Profile is recognized as a global standard for cyber risk assessment, offers more coverage than the NIST CSF and can be tailored to financial institutions of various sizes with different risk environments and tolerances.

"We are a huge supporter of CRI's mission to improve financial institution's organizational resiliency to cyber threats. Our implementation of the Cyber Profile makes it very easy for organizations of all sizes to perform assessments and measure their rik more accurately. We hope other vendors in the cyber risk community adopt the Cyber Profile and follow us in sponsoring CRI's mission of improving cybersecurity to improve the global economy," said Bret Laughlin, CEO and Co-Founder, Ostrich Cyber-Risk.

Implementing CRI's Cyber Profile into Ostrich Cyber Risk's intuitive SaaS workflow with built-in subject matter expert collaboration and program management, will enable financial institutions of all sizes to take the assessment at the tier best representing their operations size to measure security program controls that matter most to them.

Additionally, CRI's Cyber Profile combined with Ostrich-Cyber Risk's Quantify solution produces results that can be used to drive risk scenario scope and data inputs to quantify loss exposure forecasts in financial terms for different risk types. In turn, these outcomes help drive proactive decision support based on an organization's governance about appropriate handling to mitigate material risks.

"CRI is honored to have Ostrich Cyber-Risk join our expanding network of Innovators. The Profile is offered for free as a compliance assessment framework for financial institutions. The leadership that Ostrich Cyber-Risk and others are showing by joining CRI helps us ensure that it is responsibly licensed for commercial use. This is key for the continued health of the entire ecosystem. In taking this step, Ostrich Cyber-Risk has joined the ranks of leading organizations working together to better secure the financial sector, and we welcome them to this effort," said Josh Magri, CRI's President and Founder.

About Ostrich Cyber-Risk

Ostrich Cyber-Risk helps organizations reduce the complexity of identifying, quantifying and communicating cyber and operational risks related to your cybersecurity posture with its Birdseye™ SaaS solution. Benchmarked against NIST CSF with references to best standards, Birdseye™ is a unified qualitative and quantitative cyber risk management application that offers an intuitive assessment workflow to track your organization's risk over time, all in one place. The Birdseye™ proprietary features include continuous progress tracking, real world data insights from Advisen for peer comparison, its CRQ Simulator that simulates unlimited risk scenarios to enable risk-reduction ROI calculations, and shareable reports. Learn more at

About Cyber Risk Institute

The Cyber Risk Institute (CRI) is a not-for-profit coalition of financial institutions and trade associations. We're working to protect the global economy by enhancing cybersecurity and resiliency through standardization.

Our Cyber Profile tool is the benchmark for cyber security and resiliency in the financial services industry. This ever-evolving and concise list of assessment questions is curated based on the intersection of global regulations and cyber standards, such as ISO and NIST. Learn more at

[ Back To's Homepage ]