Risk Assessment Simulator
Categorise and prioritise security threats through interactive drag-and-drop exercises. Build your threat modelling instincts.
Risk assessment helps you make informed decisions about where to focus your security efforts. A simple but powerful framework considers two dimensions: likelihood and impact.
Likelihood: How Probable?
How likely is this threat to actually occur? - Very Likely: Happens frequently, few barriers, motivated adversaries - Likely: Has happened before, known attack vectors exist - Possible: Could happen under certain conditions - Unlikely: Rare circumstances required, significant barriers - Very Unlikely: Theoretical possibility only
Impact: How Bad?
If this threat occurs, what's the damage? - Catastrophic: Business survival at stake, massive data loss - Major: Significant financial loss, regulatory action, extended outage - Moderate: Noticeable disruption, manageable recovery - Minor: Limited scope, quick recovery - Negligible: Minimal effect, easily absorbed
The Risk Matrix
Plotting likelihood against impact creates a risk matrix. High-likelihood, high-impact threats demand immediate attention. Low-likelihood, low-impact threats can be accepted or addressed later.
Critical: High likelihood + High impact = Fix now High: Medium-high in either dimension = Plan remediation Medium: Balanced or moderate = Monitor and schedule Low: Low in both dimensions = Accept or defer