SAFE Product and Quantification Updates

1. Findings Prioritization

• Introducing a new risk-based approach to prioritize security findings.

• All security findings are linked to one or more FAIR-CAM Controls.

• Control maturity is dynamically calculated based on these security findings.

• This updates Likelihood and Loss Magnitude of Risk Scenarios.

  ---

2. Threat Center - Live

• Introducing external Threat Feeds.

• Threat Feeds now contribute to Threat Event Frequency.

• This dynamically updates Likelihood of Risk Scenarios.

  ---

3. Initial Attack Method - Any

• The scoping of Risk Scenario includes the Initial Attack Method (IAM).

• IAM-Any has now been enhanced to aggregate all individual IAMs with respective Attack Surfaces.

• This improves the accuracy of Likelihood of IAM-Any based Risk Scenarios.

  ---

4. FAIR CAM Control and Maturity Updates

• Several updates have been made to FAIR-CAM Control mappings.

• Control maturities have been adjusted, and the overall maturities for M1, M2, and M3 have been recalibrated.

• These new mappings will update the Control Maturity %.

• This improves the accuracy of Likelihood and Loss Magnitude.

  ---

5. FAIR-MAM Updates

• The algorithm for calculating loss magnitude for certain loss drivers with a Likelihood aspect has been improved.

• Previously, events with a Likelihood below 50% underestimated Loss Magnitude.

• This improves the accuracy of Loss Magnitude.

Webinar

For more details, watch the Webinar covering these changes.

Note: For questions or concerns, contact your Customer Success Partners.