Cyber Exposure Index
A single 0–10 board-level number: a client-weighted roll-up of the five indices below. The CXI introduces no new collection — it is strictly a function of CES, IMI, RPS, BLV, and BIR. Internal collection sub-signals are absorbed into their parent index before the roll-up; none are reported as standalone indices.
CXI = Σ_i w_i · normalize(index_i) i ∈ {CES, IMI, RPS, BLV, BIR}Each index is normalized to a common 0–10 scale, weighted, and summed. Weights sum to 1.0.
CES 0.30 · RPS 0.30 · IMI 0.19 · BIR 0.11 · BLV 0.10
Per-client weights are set at onboarding to match the buyer's risk priorities and audited quarterly. The applied vector ships with every report. Re-weighting is a client-level configuration, not a methodology version change.
- ·A high reading on one index is surfaced as a standalone alert, never averaged away by a calm composite.
- ·Peer percentile on the CXI requires a cohort of N ≥ 5; below that we report the absolute value and trend only.
- ·The composite carries the widest confidence band of any contributing index — it never reads tighter than its inputs.