- 2 Minutes to read
- Print
- PDF
Risk Scenario
- 2 Minutes to read
- Print
- PDF
1. Introduction
SAFE continuously monitors Cyber Risk Scenarios by correlating all the security findings to respective MITRE ATT&CK TTPs (Tactics, Techniques & Procedures).
SAFE provides risk quantification for each of the Cyber Risk Scenarios, including SAFE Score, Breach Likelihood in percentage, Attack Behavior, Attack Surface, Estimated Financial Impact(EFI), and Financial Risk(FR). Additionally, the Industry Benchmark SAFE Score is available for comparative analysis.
- SAFE categorizes the Risk Scenarios into five groups; General Risk, Known Hacks, Group Risks, Custom Risk, and Threat Group
- To highlight and access quickly from the list, you can mark a risk scenario as a star risk scenario.
- You can also search for a risk scenario, filter the list, and customize the risk scenario table using the options available at the header of the risk scenario table.
Industry benchmarks for breach likelihood for General Risks and Enterprise Risk Scenario: Additionally, we have added details on the industry benchmark of breach likelihood for General Risks and Enterprise Risk Scenario in SAFE. Hovering on the breach likelihood percentage bar displays the top 10 percentile, average, and bottom 10 percentile in SAFE.
2. Risk Scenario Details
You can navigate to the individual Cyber Risk Scenario detail page by clicking on a Cyber Risk Scenario from the list.
The details page displays the following:
- Breach Likelihood and Financial Risk Trend
- Estimated Financial Impact and Interactive Cost Model
- Actionable Insights
- MITRE ATT&CK View
2.1. Breach Likelihood and Financial Risk Trend
By default, SAFE displays the overall breach likelihood percentage timeline frame modeled graph to present the breach likelihood trend for the risk scenario. The risk scenario's current breach likelihood is available in the dial view.
On the other tab, SAFE displays the financial risk trend. Financial risk represents the expected financial loss due to a risk scenario that can incur in case of a breach over a 12-month period. It is a function of the SAFE score and estimated financial impact associated with the risk scenario.
It also displays the summary on Threat Actor, Attack Behaviour, and Attack Surface at the top-right of the page.
2.2. Actionable Insights
SAFE displays the security findings that need immediate attention as Prioritised Actionable Insights for each risk scenario. These insights are available on the main dashboard for enterprise cyber risk scenarios and the individual cyber risk scenario dashboard. The prioritized list of actionable insights will help you measure, manage and mitigate the identified security findings.
2.3. MITRE ATT&CK View
ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a matrix of different cyberattack techniques sorted by various tactics. There are two views for ATT&CK mapping available to a user; Matrix View (Default). Additionally the control view and Attack Surface Views are available in separate tabs.