{
  "docId": "019dd923-5de0-76bd-a16a-5ae74afc8cbc",
  "docSlug": "70414404d6257472",
  "documentTitle": "IIF/McKinsey Cyber Resilience Survey",
  "authorId": "McKinsey",
  "authorName": "McKinsey",
  "documentKindSlug": "consulting-deck",
  "documentKindLabel": "Consulting deck",
  "sourceTypeSlug": "strategy_consulting",
  "sourceTypeLabel": "Strategy consulting",
  "presentationDate": null,
  "orientation": "landscape",
  "aspectRatio": 1.294,
  "pageNumber": 10,
  "pageCount": 24,
  "prevPage": 9,
  "nextPage": 11,
  "slideType": "diagnosis",
  "function": "diagnose",
  "density": "dense",
  "nDataPoints": 1,
  "notes": "The chart uses a radar/spider plot to compare average vs top-quartile resilience scores across 7 functions.",
  "elementsJson": [
    "headline_text",
    "radar_chart",
    "paragraph",
    "footnote"
  ],
  "metadataConfidence": 1,
  "imagePath": null,
  "slideHref": "/slides/019dd923-5de0-76bd-a16a-5ae74afc8cbc/10",
  "deckHref": "/decks/019dd923-5de0-76bd-a16a-5ae74afc8cbc",
  "deckJsonHref": "/decks/019dd923-5de0-76bd-a16a-5ae74afc8cbc.json",
  "deckAnchorHref": "/decks/019dd923-5de0-76bd-a16a-5ae74afc8cbc#slide-10",
  "components": [
    {
      "bbox": null,
      "kind": "callout",
      "text": "Security around supply chain and vendors, and incident response were reported as the least-mature capabilities.",
      "attrs": null,
      "subkind": null,
      "toolName": "Visual emphasis",
      "toolSlug": "visual-emphasis",
      "confidence": null,
      "componentId": "019dd952-2e35-763d-8380-f048f149d263",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.45,
        "w": 0.38,
        "x": 0.195,
        "y": 0.345
      },
      "kind": "chart",
      "text": "Resilience score averages and top quartile view, by function",
      "attrs": null,
      "subkind": "radar",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "3b432fa4-2db7-4e56-a6ef-755edeaf682d",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": null,
      "kind": "metric",
      "text": "Resilience score: 33%",
      "attrs": null,
      "subkind": "primary",
      "toolName": "Quantification",
      "toolSlug": "quantification",
      "confidence": null,
      "componentId": "019dd952-2e35-763d-8380-f62bc10117c8",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.2,
        "w": 0.28,
        "x": 0.65,
        "y": 0.495
      },
      "kind": "paragraph",
      "text": "Security around supply chain and vendors, and incident response were reported as the least-mature capabilities. For example, 33% of companies responded that they don't have proper vendor remote access management, with multi-factor authentication. This suggests a need to strengthen access control and other cybersecurity areas for vendors",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "bf29c93a-445d-4ea4-b992-b519739403b7",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.05,
        "w": 0.4,
        "x": 0.195,
        "y": 0.865
      },
      "kind": "source-note",
      "text": "Note: Resilience scores are calculated for every function of the FSSCP based on self reported responses, so may not accurately reflect overall organizational cyber resilience",
      "attrs": null,
      "subkind": null,
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "e5422037-89cd-4460-875f-b050bdecfa66",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.12,
        "w": 0.45,
        "x": 0.344,
        "y": 0.095
      },
      "kind": "title",
      "text": "Supply chain and dependency management could be the weakest link",
      "attrs": null,
      "subkind": "headline",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "dabb218b-fe8b-4927-a0f1-3907e21aad88",
      "frameworkName": null,
      "frameworkSlug": null
    }
  ],
  "metrics": [],
  "tools": [
    {
      "name": "2x2 matrix",
      "slug": "matrix-2x2",
      "agent": null,
      "layer": "slide",
      "matchId": "7f4bc475-f60b-4150-b4b1-0b29bd610155",
      "evidence": "The use of a radar chart to display data, which can be considered a type of matrix",
      "confidence": 0.5
    }
  ],
  "frameworks": [
    {
      "name": "maturity-model",
      "slug": null,
      "matchId": "8faf3150-3910-4ff8-92f1-22a909baed92",
      "evidence": "Radar chart measuring resilience scores across functions",
      "confidence": 0.9
    }
  ],
  "arcBeats": [
    {
      "to": 12,
      "from": 10,
      "beatId": "c6743ea3-1d9e-46a0-bcc3-0ee93dba6896",
      "arcName": "The Consultant's Gambit",
      "arcSlug": "consultants-gambit",
      "beatName": "Problem & Complication",
      "beatSlug": "consultants-gambit-problem-complication",
      "evidence": "The document highlights the challenges and weaknesses in current cyber resilience measures",
      "position": 1,
      "confidence": 0.8,
      "parentBeatName": "Complication",
      "parentBeatSlug": "complication"
    }
  ],
  "loops": [],
  "imagePathAlt": null,
  "thumbSrc": null,
  "thumbSrcAlt": null,
  "locked": true
}