What is Risk Quantification?

Risk quantification is the process in which IT security teams measure the potential financial impact of an organization’s current cyber threat risks. By doing so, the company can focus on the most costly risks and implement proper solutions to mitigate them. Risk quantification is an important aspect of a company’s overall cybersecurity program.

Security professionals can leverage the following: 

• NIST 800-30 risk assessment model 
• FAIR framework

Ready to start your CRQ journey? Download our guide to conducting a CRQ pilot. 

Return to Cyber Risk Quantification Glossary