Quantify the financial impact of cyber threats to support cost-effective, business-driven security decisions.
Cyber Risk Quantification evaluates how likely specific cyber threats are to affect
your organization and estimates how much each could cost as a monetary value. For
each risk scenario you select, Cyber Risk Quantification produces a predicted likelihood
of occurrence and a set of estimated monetary losses. Risk scenarios represent specific
threat combinations your organization can face, such as ransomware via phishing that
encrypts your systems or data exfiltration of personally identifiable information
(PII). For descriptions of all available scenarios, see Cyber Risk Quantification risk scenarios.
Analysis draws on your organization's attack and threat detection history in TrendAI Vision One™, NIST SP 800-53 security control data from your environment, your connected TrendAI™ and third-party data sources, global threat intelligence, and anonymized data from
peer organizations in similar industries and regions. Business information you provide
in the self-assessment tailors impact estimates to your organization's specific financial
profile, workforce structure, and defined asset groups.
Analysis results include:
-
Predicted event likelihood and financial impact per risk scenario
-
Likeliest monetary risks and their percentage of your annual revenue
-
Confidence level for each scenario based on the completeness of available data
-
Security recommendations that can reduce your potential monetary risk
To run your first analysis, complete a business self-assessment. The self-assessment
collects information about your organization's industry, size, finances, workforce,
security practices, and asset groups. More complete information produces results with
higher confidence levels.
Two self-assessment types are available:
|
Self-assessment type
|
Description
|
|
A two-step process that collects essential business information and risk scenario
preferences. Suitable for an initial assessment or when detailed organizational data
is not yet available. You can switch to the advanced self-assessment at any time to
improve the confidence level of results.
|
|
|
A multi-section workspace that collects detailed information about your business profile,
security practice implementation levels, enriched asset groups, and risk scenarios.
Complete sections in any order and save progress at any time. Security practice questions
can be answered manually or automatically completed using connected data sources.
More detailed information and connected data sources produce results with higher confidence
levels.
|