Risk Assessment Methodology
Our approach to risk assessment is based on three core factors:
- How much would different kinds of attacks cost your organisation?
- How likely are different kinds of attacks?
- How much would defence against different attack vectors cost?
Based on these three pieces of information, we can estimate the likely return on investment of different security remediations. This allows organisations to prioritise the security investments likely to provide the greatest reduction in risk for a given investment.
The difficulty, of course, lies in assessing each of the three terms of the equation - the real cost of attacks, the probability of attacks, and the difficulty of preventing an attack. These depend on both the details of your organisation and on technical knowledge of the mechanics of real-world threats. Our Risk Assessment service offers an opportunity for us to collaborate with your organisation to estimate those values, combining our technical understanding of how real-world attacks occur with your knowledge of the details of your organisation.