Digital Risk Management Institute



The DRM Institute is an independent, expert, nonprofit organization led by business executives, risk officers and CISOs to analyze industry-specific digital risk scenarios, create standard DRM knowledge, and promote best practices for managing digital business risk.

These are some of the trends driving the request:


Continued Losses

Organizations are increasingly reliant on digital processes to run their business and despite their security investments continue to suffer major service failures and losses due to cyber attacks.


Minimum Security

Current security processes and technologies mostly address compliance requirements, which are critical in defining minimum security standards but are not sufficient to protect organizations from ever-evolving cyber threats.

Growing Interdependencies

Operational technology, IT, the Internet of Things, and physical security technologies have growing interdependencies that require a risk-based approach to governance and management.

Executive Needs

Increasingly, board of directors and executive management teams want to understand their digital risk posture and the business underpinnings of risk mitigation initiatives.

Incongruous Approaches

Most organizations are not equipped for a risk-based approach to governance and management, as there are no common methods to measure and manage digital business risk across the various stakeholders (business, IT, security).

Discover the next evolution in enterprise technology risk.
Take me there >