Skip to content
Home / Function (NIST CSF 2.0) / ID - Identify / RA - Risks Asst

FAIR Taxonomy for Cyber Risk Scenarios

This document focuses on:

The FAIR (Factor Analysis of Information Risk) taxonomy for cyber risk scenarios provides a rigorous analytical framework that decomposes risk into two fundamental pillars: Loss Event Frequency and Loss Magnitude. By quantifying precise variables such as threat capability, control strength (vulnerability), and primary versus secondary loss forms, this taxonomy transforms subjective qualitative assessments into probabilistic financial models. This structured approach allows decision-makers to view cyber risk through a standardized lens, facilitating better budget allocation and aligning cybersecurity investments directly with an organization’s overarching business objectives.


Publication's URL

https://www.fairinstitute.org/hubfs/FAIR%20CRM%20Body%20of%20Knowledge/FAIR%20Institute%20--%20Cyber%20Risk%20Scenario%20Taxonomy%20(February%202025).pdf

Additional documents on this topic



How would you rate this document ?

Click on a star to rate it!

1 thought on “FAIR Taxonomy for Cyber Risk Scenarios

What do you think of this document?

Your email address will not be published. Required fields are marked *