Risk Profile

Overview

The Risk Profile module is an advanced assessment tool that quantifies the specific threat level for your organization. Using historical and contextual data, PanicSafe generates an accurate estimate of the cyber risk your entity is exposed to, allowing you to adapt your security strategy accordingly.

Creating a Risk Profile

Identification Information

To configure a risk profile, you need to provide the following information:

• Profile name: Unique identifier for this risk profile (e.g., "Dream On Technology #1")

• Domain name: Your company's primary domain name (e.g., "dream-on.tech")

  • This field must contain a valid domain composed of at least one label and an extension (TLD)

  • Format: example.com, subdomain.example.org, etc.

• Country: Main geographic location of your company

• Industry sector: Industry in which your company operates (e.g., "Engineering, accounting, research, management and related services")

• Currency: Currency used for your financial transactions

• Annual revenue: Revenue generated by your company over a fiscal year

Assessment Methodology

Once this information is entered, PanicSafe conducts an analysis in several steps:

1. Contextual analysis: Risk assessment based on country and industry sector

2. Historical evaluation: Comparison with our cyber incident database

3. Risk score calculation: Assignment of a score out of 100 and a risk level (Low, Medium, High)

Incident Database

PanicSafe relies on a proprietary knowledge base compiling over 15 years of global cyberattack data. This database references:

• Most frequent types of attacks by industry sector

• Geographical distribution of incidents

• Preferred attack vectors according to company profiles

• Emerging threat trends

Thanks to this wealth of information, we can accurately calculate the probability that your organization will be targeted by a cyberattack.

Domain Name Usage

The domain name provided currently serves as a unique identifier for your organization. In upcoming versions of PanicSafe, this information will be used to:

• Analyze exposure surface: Identification of Internet-visible assets via OSINT (Open Source Intelligence) techniques

• Evaluate cyber supply chain: Mapping dependencies on external providers

• Identify potential vulnerabilities: Detection of weak links in your digital ecosystem

Important note: This feature does not perform a complete attack surface analysis, but focuses on assessing risks related to the digital supply chain (cyber supply chain).

Role of Annual Revenue

The annual revenue information is used to:

• Estimate the potential valuation of company assets

• Calculate the financial impact of a security incident

• Determine your organization's attractiveness to attackers

Interpreting Results

The risk profile assessment results in:

• Numerical score: Rating out of 100 (e.g., 88/100)

• Risk level: Qualitative classification (High, Medium, Low)

Practical Usage

Once your risk profile is established, you can:

• Adapt your security strategy according to the identified risk level

• Prioritize crisis scenarios to prepare for

• Raise awareness among your management about the specific threat level to your organization

• Justify cybersecurity investments based on an objective assessment

• Track the evolution of your risk level over time

Profile Updates

To maintain the relevance of your assessment, we recommend updating your risk profile:

• At least once a year

• After any significant change in your business

• Following a merger, acquisition, or geographic expansion

• In case of major evolution in your IT infrastructure