We see this when analysts new to FAIR are working on Threat Event Frequency for web applications. A common use of RiskLens is to prioritize remediation efforts for web applications. Using FAIR provides a consistent and contextual way to identify what matters.
But if TEF is incorrectly derived, the analysis can run aground. Fortunately, mistakes made with Threat Event Frequency are often simple and easy to avoid.
Discover your industry’s greatest cyber risks in this new report. TRY IT FREE.
Threat Event Frequency in FAIR Cyber Risk Analytics
But first a quick recap of Threat Event Frequency. “Threat Event Frequency is the probable frequency, within a given time frame, that threat agents will act in a manner that may result in loss.” (from the…