Frequency
A per-industry base breach rate, scaled by your revenue (attack surface) and the data you hold (attacker interest), then reduced by the preventive controls you have deployed.
Most cyber-risk conversations stop at 'high/medium/low'. This tool converts your exposure into an annualized dollar range — frequency × magnitude — calibrated to industry benchmarks. No signup; nothing leaves your browser.
Five inputs. The estimate updates live.
Drives per-record cost and regulatory exposure
Toggle what you actually have deployed
Probability-weighted loss across a year. A material breach is expected roughly every 5.0 years.
Estimate only. A FAIR-lite model calibrated to public benchmarks (IBM Cost of a Data Breach, Verizon DBIR); it is not a substitute for a scoped assessment. No inputs leave your browser.
A transparent FAIR-lite model — frequency × magnitude — calibrated to public benchmarks. No black box, no signup, nothing leaves your browser.
A per-industry base breach rate, scaled by your revenue (attack surface) and the data you hold (attacker interest), then reduced by the preventive controls you have deployed.
Primary loss (records × industry cost-per-record × data sensitivity) plus secondary loss (forensics, legal, notification, regulatory fines, downtime and churn), attenuated by your response controls.
A Monte Carlo simulation combines frequency and magnitude into a full distribution — surfaced as an expected annual loss, a bad-year tail, and a loss-exceedance curve.
Benchmarks are derived from public sources including the IBM Cost of a Data Breach report and the Verizon Data Breach Investigations Report (DBIR). This is a directional estimate for planning and board conversations — not a scoped assessment.