Risk algorithm version 1.1 increases the significance of Attack Detection events.
Attack Surface Risk Management calculates the risk score for each of your company's assets based on numerical values assigned to risk events occurring on the assets. Asset risk scores are then used to calculate the Risk Index.
Risk events have the following values assigned to them:
- Likelihood: A value that represents the probability that the risk will be exploited by an adversary
- Impact: A value that represents potential negative impact on business continuity if the risk is exploited
Prior to the June 5, 2023 update, the likelihood value was calculated using a probability equation that gave equal weighting to the three risk categories: Attack Detection, Security Configuration, and Exposure. This algorithm usually produced an accurate representation of asset risk, but ongoing testing conducted by Trend Micro threat experts determined that high-risk Attack Detection events, such as security breaches and ransomware incidents, did not increase asset risk scores in proportion to the critical nature of such events.
In the new algorithm, the Exposure and Security Configuration risk level is calculated separately from Attack Detection, and the larger of the two results is used to determine likelihood. Following this algorithm update, the risk scores of assets affected by Attack Detection events may increase significantly, which might result in a sharp increase in the Risk Index.
The updated asset risk and Risk Index scores are a more accurate representation of your company's attack surface risk. You can effectively reduce the Risk Index by prioritizing the mitigation of Attack Detection risk events on affected assets.
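
The effect of taking the larger of the two results can be seen in the following added illustration, which is not Trend Micro's code or formula. The page does not publish the equations, so the equal-weight averages, the 0 to 1 category levels, the likelihood × impact score, and all asset names and values are assumptions.

```python
# Added illustration: the averaging formulas and every sample value below are
# assumptions. The page describes only the structure of each algorithm version.

def likelihood_v1_0(ad, sc, ex):
    """Pre-update structure: the three risk categories weighted equally."""
    return (ad + sc + ex) / 3

def likelihood_v1_1(ad, sc, ex):
    """Version 1.1 structure: Exposure and Security Configuration are computed
    separately from Attack Detection, and the larger result is used."""
    posture = (sc + ex) / 2  # assumed way of combining the two categories
    return max(ad, posture)

def score_changes(assets):
    """Return (name, old_score, new_score), largest increase first.
    Asset score is taken as likelihood * impact (assumed)."""
    rows = []
    for a in assets:
        levels = (a["attack_detection"], a["security_configuration"], a["exposure"])
        old = round(likelihood_v1_0(*levels) * a["impact"], 1)
        new = round(likelihood_v1_1(*levels) * a["impact"], 1)
        rows.append((a["name"], old, new))
    return sorted(rows, key=lambda r: r[2] - r[1], reverse=True)

# Constructed sample assets: category levels in 0..1, impact in 0..100.
ASSETS = [
    {"name": "laptop", "attack_detection": 0.2,
     "security_configuration": 0.2, "exposure": 0.2, "impact": 40},
    {"name": "web-frontend", "attack_detection": 0.1,
     "security_configuration": 0.6, "exposure": 0.8, "impact": 50},
    # High-severity detection on an otherwise well-configured asset.
    {"name": "file-server", "attack_detection": 0.9,
     "security_configuration": 0.3, "exposure": 0.3, "impact": 80},
]

if __name__ == "__main__":
    for name, old, new in score_changes(ASSETS):
        print(f"{name:14s} v1.0={old:5.1f}  v1.1={new:5.1f}  change={new - old:+.1f}")
```

Under these assumptions the asset with the high Attack Detection level shows the largest jump, because averaging no longer dilutes the detection with its low Exposure and Security Configuration levels.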