The Cyber Security Risk calculation involves analyzing the most dangerous cyber threats and assessing how the company addresses these threats. It involves collecting the necessary data to perform a quantitative analysis and using the Open FAIR model to determine the most likely, minimum and maximum risk, as well as the number of annual events for that specific threat.
The information required for the model is collected from the data gathered from the attack perimeter and analyzed through the rating calculation. Other information related to the company is analyzed from financial statements and compared to companies of the same size in terms of revenue and employees and in the same industry.
CYSR, through the Open Fair model, calculates the most likely financial impact on the company in case a specific attackl. The financial analysis of an impact is crucial for the company to analyze the next remedies and to objectively evaluate the steps to be taken to minimize the risk and improve specific aspects of its own structure for a specific threat.