Below is an example of Defense Intelligence provided through Scalar's Def.Inity assessment. This chart shows average compliance with each of the 20 Critical Controls across several key industries. A score of 1 means the respondent has implemented defenses (that's good) – a score of -1 means the respondent is unaware whether the defenses exist (that's bad).
Below are two basic readout showing how breach attack vectors tend to coincide with a lack of rigor in certain control areas. You can interpret this as follows:
"25% of attacks that used Crimeware took advantage of insufficient attention to Control #3"
A full list of the 20 Critical Controls and the areas they cover can be found here.