Contents x
    Interactive Cost Model (ICM)
    • 1 Minute to read
    • Print
    • PDF
    Contents

    Interactive Cost Model (ICM)

    • 1 Minute to read
    • Print
    • PDF
    Article summary

    Estimated Financial Impact

    SAFE displays the Estimated Financial Impact per Cyber Risk Scenario, i.e, the dollar value impact an enterprise can incur due to a breach. A range is also provided with upper and lower bounds of Financial Impact, with an expected value that is generally a mean. SAFE auto-generates the inherent EFI for a risk scenario based on the company characteristics, security findings, and applicable cost drivers.

    Financila Risk

    The default Estimated Financial Impact estimation is powered by Safe Security’s proprietary database - built and maintained by our expert analysts and threat intelligence teams. The model leverages:

    • Over 500,000 data points across 2,000 mapped discrete incidents taken from primary sources across:
      • Financial fraud - such as business email compromise, account takeover, and advertising fraud
      • Ransomware, PxI data breaches - including leaks and exposures
      • Wiper and cryptocurrency theft - including lost access
      • Data privacy violations
    • ~1300 CVEs identified as seen in the wild., and over 1,100 attack groups, including identified aliases
    • TTP mapping to MITRE ATT&CK for over 100 attack groups and malware (with more added regularly)
    • A pipeline of over 25,000 security incidents is being actively reconciled and processed.

    ICM

    Interactive Cost Model (ICM)

    Additionally, SAFE does not limit the financial impact estimation to the default assumptions. It also provides an Interactive Cost Model (ICM), which is capable of conforming to different internal assumptions for cost modelling.

    The Interactive Cost Model (ICM) is designed as an interactive tool where a user can calibrate the cost modelling assumptions for the applicable cost categories for a cyber risk scenario. A user can provide upper bound, lower bound, and expected values for all the tunable cost drivers. Based on the inputs, EFI and, subsequently, the Financial Risk for the scenario shall be calibrated for the Cyber Risk Scenario. 

    Click the Edit button, change the values for cost drivers, and click the updated button to save your values.

    Edit ICM


    Was this article helpful?
    What's Next