Risk Scenario
  • 2 Minutes to read
  • PDF

Risk Scenario

  • PDF

Article Summary

1. Introduction

SAFE continuously monitors Cyber Risk Scenarios by correlating all the security findings to respective MITRE ATT&CK TTPs (Tactics, Techniques & Procedures). 

SAFE provides risk quantification for each of the Cyber Risk Scenarios, including SAFE Score, Breach Likelihood in percentage, Attack Behavior, Attack Surface,  Estimated Financial Impact(EFI), and Financial Risk(FR). Additionally, the Industry Benchmark SAFE Score is available for comparative analysis. 

Risk Scenario 48

  • SAFE categorizes the Risk Scenarios into five groups; General Risk, Known Hacks, Group Risks, Custom Risk, and Threat Group
  • To highlight and access quickly from the list, you can mark a risk scenario as a star risk scenario.
  • You can also search for a risk scenariofilter the list, and customize the risk scenario table using the options available at the header of the risk scenario table.
    Industry benchmarks for breach likelihood for General Risks and Enterprise Risk Scenario: Additionally, we have added details on the industry benchmark of breach likelihood for General Risks and Enterprise Risk Scenario in SAFE. Hovering on the breach likelihood percentage bar displays the top 10 percentile, average, and bottom 10 percentile in SAFE.

Industry Avg

2. Risk Scenario Details 

You can navigate to the individual Cyber Risk Scenario detail page by clicking on a Cyber Risk Scenario from the list. 

The details page displays the following:

  • Breach Likelihood and Financial Risk Trend
  • Estimated Financial Impact and Interactive Cost Model
  • Actionable Insights

2.1. Breach Likelihood and Financial Risk Trend

By default, SAFE displays the overall breach likelihood percentage timeline frame modeled graph to present the breach likelihood trend for the risk scenario. The risk scenario's current breach likelihood is available in the dial view.

On the other tab,  SAFE displays the financial risk trend. Financial risk represents the expected financial loss due to a risk scenario that can incur in case of a breach over a 12-month period. It is a function of the SAFE score and estimated financial impact associated with the risk scenario.

It also displays the summary on Threat Actor, Attack Behaviour, and Attack Surface at the top-right of the page.

Risk 2

2.2. Actionable Insights

SAFE displays the security findings that need immediate attention as Prioritised Actionable Insights for each risk scenario. These insights are available on the main dashboard for enterprise cyber risk scenarios and the individual cyber risk scenario dashboard. The prioritized list of actionable insights will help you measure, manage and mitigate the identified security findings.

Risk 3

2.3. MITRE ATT&CK View

ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a matrix of different cyberattack techniques sorted by various tactics. There are two views for ATT&CK mapping available to a user; Matrix View (Default). Additionally the control view and Attack Surface Views are available in separate tabs.

Risk 4

Was this article helpful?