top of page

Estimating the Likelihood of a Cyber Event

In today's ever-changing digital environment, the persistent threat of cyber incidents looms large for organizations, irrespective of their size or industry. The concern isn't just the severity of these cyber events, but also their escalating occurrence. As such, gauging the frequency of cyber incidents is a cornerstone of a well-rounded cybersecurity strategy.

How to Estimate Cyber Event Likelihood:

1. Analyzing Past Incidents

Reviewing your organization's historical cyber incidents can offer invaluable insights into the frequency and types of attacks you've faced. While past data can guide future predictions, it's crucial to note that the absence of a past incident doesn't guarantee future safety.

2. Leveraging Threat Intelligence for Enhanced Cybersecurity

The utilization of external threat intelligence is instrumental in deepening your grasp of the cyber risks that are particularly relevant to your industry, as well as the broader digital environment. Various authoritative sources offer invaluable insights into emerging threats, vulnerabilities, and best practices. These sources include but are not limited to:

Verizon's Data Breach Investigations Report

This annual report provides an in-depth analysis of data breaches across various industries. It offers valuable insights into the types of attacks that are most common in each sector, helping organizations tailor their cybersecurity strategies accordingly.

Cybersecurity and Infrastructure Security Agency (CISA) Reports

CISA, a U.S. federal agency, regularly publishes reports and bulletins that provide timely information on current threats, vulnerabilities, and mitigations. These reports are particularly useful for organizations that are part of the nation's critical infrastructure.

Symantec's Internet Security Threat Report

Symantec's report is a comprehensive source of global cybersecurity trends, providing data and commentary on everything from malware and phishing attacks to targeted attacks and emerging threats.

National Institute of Standards and Technology (NIST) Publications

NIST offers a range of publications that set the standards for cybersecurity practices. These documents are particularly useful for organizations looking to align their cybersecurity measures with recognized best practices.

By integrating insights from these and other reputable sources into your cybersecurity strategy, you can achieve a more holistic understanding of the risks you face and how best to mitigate them.

3. Industry-Specific Trends

Monitoring trends within your industry can offer additional context. For example, financial institutions are often targeted for monetary gains, whereas healthcare organizations are more susceptible to ransomware attacks due to the sensitive nature of their data.

  • Financial Institutions

    • FS-ISAC Annual Cybersecurity Report

    • PwC Global Economic Crime and Fraud Survey Financial Sector

  • Healthcare Providers

    • HealthITSecurity Healthcare Cybersecurity Report

    • Kaspersky Healthcare Cybersecurity Trends

  • Corporate Enterprises

    • Deloitte Corporate Cybersecurity Report

    • FireEye Enterprise Security Report

  • Educational Institutions

    • EDUCAUSE Higher Education Cybersecurity Report

    • SANS Institute School Cybersecurity Report

  • Retail

    • Trustwave Global Security Report Retail Sector

    • Kaspersky Retail Cybersecurity Trends

  • Hospitality

    • Symantec Hospitality Cybersecurity Report

    • Hotel Management Cybersecurity Best Practices

  • Energy & Utilities

    • ICS-CERT Annual Report Energy Sector

    • SANS Institute Utilities Cybersecurity Report

  • Government & Public Sector

    • CISA Cybersecurity Report Government Sector

    • NCSC Public Sector Annual Review

  • Manufacturing

    • NIST Manufacturing Cybersecurity Guidelines

    • Deloitte Industry 4.0 Cybersecurity Report

  • Transportation & Logistics

    • FMCSA Cybersecurity Guidelines

    • SANS Institute Transportation Cybersecurity Whitepaper

  • Media & Entertainment

    • MPA Cybersecurity Best Practices

    • PwC Media Cybersecurity Survey

You can search for these titles in your preferred search engine to find the reports. Some may be freely available, while others might require registration or a subscription.

These sources often provide detailed statistics and insights into the frequency and types of cyberattacks experienced by various industries, which can give you a more accurate understanding of the likelihood of such incidents.

The cyber threat landscape is ever-changing, and each industry has its own set of unique vulnerabilities. Below are some of the emerging trends in cyber threats by industry, along with references for further information:

Understanding these trends can help organizations in these industries better prepare for, and defend against, the evolving landscape of cyber threats.

Evaluating Likelihood Based Other Factors:

Threat Types and Likelihood

  • Social Engineering Attacks:

    • Very Likely: Routine phishing attacks.

    • Likely: Spear phishing aimed at specific staff.

    • Unlikely: Whaling attacks on senior executives.

    • Very Unlikely: Highly intricate social engineering schemes.

  • Malware Incidents:

    • Very Likely: Prevalent but preventable viruses.

    • Likely: Ransomware, particularly if peers have been targeted.

    • Unlikely: Zero-day malware.

    • Very Unlikely: Advanced Persistent Threats (APTs) targeting your organization.

  • Network Intrusions:

    • Very Likely: Brute-force attacks exploiting weak passwords.

    • Likely: Man-in-the-middle attacks on insecure networks.

    • Unlikely: Resource-intensive DDoS attacks.

    • Very Unlikely: Cyber-attacks sponsored by nation-states.

  • Data Breaches:

    • Very Likely: Accidental data leaks due to configuration errors.

    • Likely: Data breaches via third-party vendors.

    • Unlikely: Insider threats from trusted employees.

    • Very Unlikely: Complex breaches involving multiple security layers.

User Interaction and Likelihood

  • Very Likely: Exploits requiring no user interaction.

  • Likely: Minimal user interaction, like clicking a link.

  • Unlikely: Multi-step user interaction, such as downloading and executing a file.

  • Very Unlikely: Highly complex and improbable user interactions.

Network Exposure and Likelihood

  • Very Likely: Fully exposed systems lacking adequate security.

  • Likely: Exposed systems with basic security measures.

  • Unlikely: Partially exposed systems with some security.

  • Very Unlikely: Systems not exposed to the internet.

4. Consulting Cybersecurity Specialists

Engaging with cybersecurity experts can offer a fresh perspective, identify overlooked vulnerabilities, and provide advice on emerging threats.

In summary, estimating the frequency of cyber events is a nuanced task that demands a multi-pronged approach. While it's impossible to entirely negate cyber risks, understanding the likelihood of various threats enables organizations to allocate resources wisely, prioritize defenses, and bolster their cybersecurity stance.



bottom of page