At Protos Labs, we quantify cyber risk using a structured, data-driven approach rooted in industry best practices—specifically the FAIR framework (Factor Analysis of Information Risk), a leading standard used by global enterprises and insurers.
FAIR breaks down risk into two core components:
Frequency – How likely is a cyber event to happen?
Severity – How much financial damage could it cause?
We build on this logical foundation but take it further using advanced AI techniques and stochastic modeling to simulate thousands of potential outcomes. This lets us provide realistic, decision-ready risk estimates—not just theoretical ones.
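The frequency and severity split, combined with simulating many possible outcomes, can be sketched as a small Monte Carlo run. This is an added example, not Protos Labs' model: the Poisson frequency, the lognormal severity and every parameter value are assumptions constructed for illustration.

```python
import math
import random

def poisson(rng, lam):
    """Knuth's method: sample how many loss events occur in one year."""
    threshold, count, p = math.exp(-lam), 0, 1.0
    while True:
        p *= rng.random()
        if p <= threshold:
            return count
        count += 1

def simulate_annual_losses(freq_per_year, sev_median, sev_sigma,
                           years=10_000, seed=1):
    """Return sorted total losses, one per simulated year.

    Frequency ~ Poisson(freq_per_year); severity ~ lognormal with the given
    median and log-scale sigma. Both distribution choices are assumptions.
    """
    rng = random.Random(seed)
    mu = math.log(sev_median)  # lognormal median equals exp(mu)
    losses = []
    for _ in range(years):
        events = poisson(rng, freq_per_year)
        losses.append(sum(rng.lognormvariate(mu, sev_sigma)
                          for _ in range(events)))
    return sorted(losses)

def prob_exceed(losses, threshold):
    """Share of simulated years whose total loss exceeds threshold."""
    return sum(1 for x in losses if x > threshold) / len(losses)

def summarize(losses):
    n = len(losses)
    return {"mean": sum(losses) / n,
            "p_any_loss": prob_exceed(losses, 0.0),
            "p95": losses[int(0.95 * n)]}

if __name__ == "__main__":
    # Constructed inputs: same severity profile, two frequency assumptions
    # standing in for a stronger and a weaker external security posture.
    for label, freq in (("stronger posture", 0.3), ("weaker posture", 0.9)):
        s = summarize(simulate_annual_losses(freq, 250_000, 1.2))
        print(f"{label}: P(any loss)={s['p_any_loss']:.2f} "
              f"mean={s['mean']:,.0f} p95={s['p95']:,.0f}")
```

The output is a distribution of annual losses rather than a single number, so questions such as "how often does a year exceed a given loss" are answered with `prob_exceed`.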
Here are the three main data sources we use to power our models:
1. 🛡️ Security Posture (via External Telemetry)
We continuously assess an organization’s external attack surface—the parts of its IT systems that are visible to attackers. This gives us insight into its real-world cyber hygiene.
If we detect unpatched vulnerabilities, exposed systems, or outdated configurations, we assume there may be gaps in controls like patch management or endpoint protection.
We score these findings using mappings to well-established standards such as the NIST Cybersecurity Framework (CSF), across its relevant functions (e.g., Identify, Protect, Detect).
This gives us a proxy for the organization's cyber defense readiness—especially useful when internal data isn't available.
🧠 Example:
If we assess a Singapore-based SaaS company and detect several exposed APIs and high-risk vulnerabilities, we simulate the likelihood of a data breach based on similar historical cases—adjusting for sector, geography, and known local threat actor activity. This helps estimate both the probability and financial impact of an incident.
2. 🌍 Demographic & Contextual Data
We also incorporate key profile details of the organization, such as:
Industry sector
Country of operation
Revenue and company size
Number of customer or employee records held
Why does this matter? A healthcare firm in the U.S. holding millions of patient records faces different risk dynamics compared to a small manufacturing business in Southeast Asia. These factors help us fine-tune our estimates of both how often incidents might occur and how severe they could be.
3. 📊 Cyber Loss Data & Threat Intelligence
We draw from extensive cyber loss datasets—including hundreds of thousands of anonymized incidents—to build baseline models of real-world financial impact.
But we don’t stop there. We enrich this with:
Up-to-date threat intelligence (e.g., ransomware groups, data breach trends)
Expert insights into attacker tactics, techniques, and procedures (TTPs)
Adjustments for emerging threats and evolving risks
This means our models account not just for historical losses, but also for how threats are evolving and how they might realistically affect your organization today.
🎯 Why It Matters
We analyze billions of data points to help you see what your potential cyber losses could look like. The output is not a guarantee—it’s a starting point for a meaningful conversation about risk exposure, investment in controls, and financial preparedness.
As with any model, it won’t be perfect. But it is transparent, evidence-based, and continuously improving. And it’s built to give you the best estimate possible with the data available—so you can make smarter decisions, faster.
