Risk Scenario

Introduction

SAFE continuously monitors Cyber Risk Scenarios by correlating all the security findings to respective MITRE ATT&CK TTPs (Tactics, Techniques & Procedures). 

SAFE provides risk quantification for each of the Cyber Risk Scenarios, including SAFE Score, Breach Likelihood in percentage, Attack Behavior, Attack Surface,  Estimated Financial Impact(EFI), and Financial Risk(FR). Additionally, the Industry Benchmark SAFE Score is available for comparative analysis. 

• SAFE categorizes the Risk Scenarios into five groups; General Risk, Known Hacks, Group Risks, Custom Risk, and Threat Group
• To highlight and access quickly from the list, you can mark a risk scenario as a star risk scenario.
• You can also search for a risk scenario, filter the list, and customize the risk scenario table using the options available at the header of the risk scenario table.
  Industry benchmarks for breach likelihood for each risk scenario: Additionally, we have added details on the industry benchmark of breach likelihood for each cyber risk scenario in SAFE. Hovering on the breach likelihood percentage bar displays the top 10 percentile, average, and bottom ten percentile in SAFE.
  
  

Risk Scenario Details 

You can navigate to the individual Cyber Risk Scenario detail page by clicking on a Cyber Risk Scenario from the list. 

The details page displays the following:

• Breach Likelihood and Financial Risk Trend
• Estimated Financial Impact and Interactive Cost Model
• Actionable Insights
• MITER ATT&CK View

Breach Likelihood and Financial Risk Trend

By default, SAFE displays the overall breach likelihood percentage timeline frame modeled graph to present the breach likelihood trend for the risk scenario. The current breach likelihood is available in the dial view for the risk scenario.

On the other tab,  SAFE displays the financial risk trend. Financial risk represents the expected financial loss due to a risk scenario that can incur in case of a breach over a 12-month period. It is a function of the SAFE score and estimated financial impact associated with the risk scenario.

It also displays the summary on Threat Actor, Attack Behaviour, and Attack Surface at the top-right of the page.

Actionable Insights

SAFE displays the security findings that need immediate attention as Prioritised Actionable Insights for each risk scenario. These insights are available on the main dashboard for enterprise cyber risk scenarios and the individual cyber risk scenario dashboard. The prioritized list of actionable insights will help you measure, manage and mitigate the identified security findings.

MITRE ATT&CK View

ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a matrix of different cyberattack techniques sorted by various tactics. There are two views for ATT&CK mapping available to a user; Matrix View (Default). Additionally the control view and Attack Surface Views are available in separate tabs.