# New - Cyber Risk Quantification ## [Cyber Risk Quantification on CISO Assistant](https://app.guidde.com/playbooks/wTDpUXVPGoG4HGxhw44iN3) {% embed url="" %} This tutorial guides you through performing Cyber Risk Quantification using the CISO Assistant #### Go to your instance #### 1. Introduction You will learn how to create and configure risk studies, define scenarios with associated assets and threats, apply treatments, run simulations, and analyze results to make informed cybersecurity decisions. Before starting, ensure you have access to the CISO Assistant platform and necessary permissions to create and edit risk studies. ![Introduction](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FfBjQKvcq1tfMJ8LNTA7pdr_doc.png?alt=media\&token=6585dd71-2c31-42d9-9139-08173fa2bf9b) #### 2. Click "Risk" Click "Risk" to access the risk management section where you can start your cyber risk quantification process. ![Click 'Risk'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F7LEW4efXaXXXq1reFBVVsS_doc.png?alt=media\&token=20e7e053-8726-4f52-bc42-124cb562ccc1) #### 3. Click "CRQ studies" Click "CRQ studies" to view and manage your Cyber Risk Quantification studies. ![Click 'CRQ studies'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FoGFoouB713KhJ8zhC3Z1SV_doc.png?alt=media\&token=3745a59d-2b18-499e-b165-143babb57a05) #### 4. Click here Click here to create a new study for your risk analysis. ![Click here](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F13ubBCe3rZ54syDWcvek7h_doc.png?alt=media\&token=3b7aa2b9-7dd0-40bd-92c3-731c9e736322) #### 5. Fill the required fields of the study Fill "a study" to name your new study, which helps identify it later. ![Fill the required fields of the study](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FdRkMTRSAjrM3rGkLKt3rj8_doc.png?alt=media\&token=77282fbc-3086-4412-bcfd-369b5f78fa1e) #### 6. Choose a domain Click "DEMO" to select the demo environment or dataset for your study. ![Choose a domain](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F61rLXupmVtZPzv1DsGrgz3_doc.png?alt=media\&token=790331d7-c01a-4825-bfa6-c2dd3ca7def9) #### 7. Click "Save" Click "Save" to store your new study configuration. ![Click 'Save'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fk9vG2HLWFoQhnDbeREbT4e_doc.png?alt=media\&token=9236d184-e4c1-4581-9af9-22f3808117f6) #### 8. Click "Add scenario" Click "Add scenario" to define a new risk scenario within your study. ![Click 'Add scenario'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F6MXtEHtPPUxCmxjgkFcSVq_doc.png?alt=media\&token=ef33d8c8-f720-4bd9-984a-6ce1e7d8e032) #### 9. Create your first scenario Fill "first scenario" to name your initial risk scenario for clarity and tracking. ![Create your first scenario](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fm5WMmChGB6y8HxsRMcvJer_doc.png?alt=media\&token=48131c06-080a-4515-b55b-620d966f10da) #### 10. You can select an asset now or do it later Click "DEMO/Ecommerce portal Primary" to assign the primary ecommerce portal asset to your scenario. ![You can select an asset now or do it later](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F8mL4tLEwZrirJn1gs4bAcd_doc.png?alt=media\&token=7f2d200e-2b17-4fc2-abf4-b1fbad668794) #### 11. You can select a threat now or do it later Click "DEMO/Ransomware" to specify ransomware as the threat type for this scenario. ![You can select a threat now or do it later](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F11VU7YrmqUEzXoqTLAhZkh_doc.png?alt=media\&token=8efa63ef-520b-4daf-8a5a-8535e6a8192e) #### 12. Click "Save" Click "Save" to save your scenario settings. ![Click 'Save'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FqDhmdxz25sPH71RWHx34u6_doc.png?alt=media\&token=a5bdb264-6a1d-4314-ad19-bcf8c7c8636e) #### 13. Click here Click here to move to the next configuration section. ![Click here](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fx4roxdYcUWDThJEVuBnNHw_doc.png?alt=media\&token=85c84c83-e74a-4f26-a056-307716893084) #### 14. Select the existing controls that serve as a baseline Click "Treatment" to define the risk treatment options for your scenario. ![Select the existing controls that serve as a baseline](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F98pwZGqbtWgAYg78gSBVx4_doc.png?alt=media\&token=b8409531-ebce-41db-a163-26348bbe09c5) #### 15. Click "Simulation Parameters" Click "Simulation Parameters" to set parameters for your risk simulation. ![Click 'Simulation Parameters'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FbdxdnKJ6byi9Q1HML2Jha9_doc.png?alt=media\&token=c350f547-7064-4d14-89b1-73182831483a) #### 16. Fill the probability of the current baseline Fill "0.40" to set the probability or impact factor for the simulation. ![Fill the probability of the current baseline](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fd3Ry8LTbs9owtfa976xTkU_doc.png?alt=media\&token=12390716-b740-4635-81a2-ab65d3435f9f) #### 17. Setup your lower bound (best case scenario) Click here to proceed to the next parameter. ![Setup your lower bound (best case scenario)](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F7n6khXirYZigZVsHGACG9o_doc.png?alt=media\&token=e76e6a8b-a247-40d2-a6df-351f1b037fd3) #### 18. and your upper bound (worst case scenario) Fill "100000" to set the worst-case loss estimate for the scenario. ![and your upper bound (worst case scenario)](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F6i6QKPE8DqQGYKa6ZmiiMd_doc.png?alt=media\&token=519a7b15-379b-4beb-9d90-44471a5127b9) #### 19. Click "Save" Click "Save" to apply your simulation parameters. ![Click 'Save'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F533U8t8uxF1NDk7oumV8aC_doc.png?alt=media\&token=877e9203-c3d2-4481-82aa-996896082fde) #### 20. Click on the hypothesis and then Click "Run simulation" Click "Run simulation" to start the risk quantification process based on your inputs. ![Click on the hypothesis and then Click 'Run simulation'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FodYJaXUTwAmX626Gf8Mbbq_doc.png?alt=media\&token=0fbdc43b-6a55-41a2-8b89-b6408cfc2fde) #### 21. You'll notice that your LEC chart has been generated as well as multiple risk insights You can hove over the chart for a fine grained review #### 22. Click here to go back to the scenario Click "first scenario" to select the scenario for which you want to view simulation results. ![Click here to go back to the scenario](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FiXfWkb5UHAfv9ke98fCdPL_doc.png?alt=media\&token=0f45360f-f042-4bd1-b680-296c0db9ef58) #### 23. Let's create a new hypothesis Click "New hypothesis" to create a what-if analysis for alternative risk treatments. ![Let's create a new hypothesis](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FeFtp1Q9fX8qM4SbQVjiNin_doc.png?alt=media\&token=e3d0be89-fc62-4cce-b158-2935ddc7d1c2) #### 24. Click "Treatment" Click "Treatment" to assign treatments to your new hypothesis. ![Click 'Treatment'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fpsf5ReRKyjAv8objynN1hv_doc.png?alt=media\&token=1974526b-664f-4acc-aaa9-ce570283397b) #### 25. and pick one of the controls you want to implement Click "DEMO/Deploy EDR solution" to select the deployment of an Endpoint Detection and Response solution as a treatment. ![and pick one of the controls you want to implement](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F4vu3uWKY6vBtfARP545hJ7_doc.png?alt=media\&token=0eb4a770-d806-4b14-a4bc-6096174a1590) #### 26. Click "Simulation Parameters" Click "Simulation Parameters" to adjust parameters for the hypothesis simulation. ![Click 'Simulation Parameters'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fot2v9F7N64HFL3rWMRJt4m_doc.png?alt=media\&token=d834d4cf-82dc-4647-bb09-8fcfd210e029) #### 27. update the simulation parameters of this hypothesis based on your estimate of risk reduction with this treatment plan ![update the simulation parameters of this hypothesis](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FpijJzU6wThf6irKYGZEiaD_doc.png?alt=media\&token=c3df0af8-1d34-439e-908f-90bd67e639b2) #### 28. Update the probability and/or the UB/LB Fill "0.2" to set the updated probability or impact factor for the hypothesis. ![Update the probability and/or the UB/LB](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FmJ8GHkz9VisG22QhHDpcrg_doc.png?alt=media\&token=2dc83d5d-df8e-425e-9d0f-26c328c16a62) #### 29. Click "Save" Click "Save" to store your hypothesis simulation parameters. ![Click 'Save'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F526wxhumdZrzBAvRtfMW1X_doc.png?alt=media\&token=e484bd55-0ec6-49df-8fa7-191a8c608e70) #### 30. Click "Run simulation" Click "Run simulation" to execute the what-if analysis and compare results. ![Click 'Run simulation'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fvt2Awhka1S2Xhr2W6bKE5X_doc.png?alt=media\&token=94b045c8-fb14-41bb-9cfb-3094d0039576) #### 31. Let's go back to the scenario to compare the two hypotheses Click "first scenario" to return to the main scenario view. ![Let's go back to the scenario to compare the two hypotheses](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fg8Y1vo8c1JAgsMLCrMgjjq_doc.png?alt=media\&token=14083293-3572-43b4-9c8e-bfee1838643c) #### 32. What if the ROSI is not calculated? Click your control to jump to its details. ![What if the ROSI is not calculated?](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fnej3bWoDUXJA9J9G5ZS3Xn_doc.png?alt=media\&token=cff0f062-bbd4-42d2-8e06-5d9141c4b5d7) #### 33. Click "Edit" Click "Edit" to modify treatment or scenario settings as needed. ![Click 'Edit'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F67u1JKPstXgTznTnYiXzfc_doc.png?alt=media\&token=3970b4cb-8303-4341-b0c9-458209fb023e) #### 34. Click "Cost" Click "Cost" to enter the financial impact or cost associated with the treatment. ![Click 'Cost'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F4rtd8QTZXfd2tfUTsfQYN5_doc.png?alt=media\&token=b141d68b-6c41-443a-97bb-31f93e520cc9) #### 35. Describe the Build and Run cost structure Click here to open the cost input field. ![Describe the Build and Run cost structure](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F9WtARB7vxEs51LMcb7THRm_doc.png?alt=media\&token=bcf7093b-eed8-40f8-85c8-df013c6b2ab4) #### 36. Click "Save" Click "Save" to apply your cost settings. ![Click 'Save'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FbK2fMGkYW4AMCCnfjow9MP_doc.png?alt=media\&token=fe3e3b68-1683-42b9-b5ef-a84dce7608f7) #### 37. The ROSI will get refreshed when you access the scenario again Accessing a residual hypothesis details section will show you the calculation of ROSI #### 38. What if I want a summary of all my scenarios and a portfolio overview Click "Executive Summary" to view a high-level overview of your risk quantification results. ![What if I want a summary of all my scenarios and a portfolio overview](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F5A71G4o3rpodDuNYaCLVCZ_doc.png?alt=media\&token=ad648d93-58bd-4133-b6f9-0f0c4fd73810) #### 39. You can go "Back to Study" anytime to refine the scenarios and hypotheses Click "Back to Study" to return to detailed study configuration. ![You can go 'Back to Study' anytime to refine the scenarios and hypotheses](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2Fa8oAxfiq1m7LqeC4Z6YYwr_doc.png?alt=media\&token=a2315c8e-40f2-4d0c-b3a6-f3c8b54ae057) #### 40. What if I want to set a loss threshold Click "Edit" to make further changes to your study settings. ![What if I want to set a loss threshold](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F7J1qfUK1ZiDAHUNprMNpx1_doc.png?alt=media\&token=e693646b-d367-45b5-abed-d7830d62fcff) #### 41. Click "Tolerance settings" Click "Tolerance settings" to adjust risk tolerance thresholds for your analysis. ![Click 'Tolerance settings'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FvNgnRMZZENF7skrTRfKD3S_doc.png?alt=media\&token=e149fedf-3760-4993-8bfb-5025e18c78d4) #### 42. Click here Click here to open tolerance input fields. ![Click here](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FtSRyYcijmauPbFBuumiznx_doc.png?alt=media\&token=7f3ddbaf-7b69-4d9a-b781-720badc98b16) #### 43. Click "Save" Click "Save" to confirm your tolerance settings. ![Click 'Save'](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F8MSsMQ5KVLTNb5uWsSqpvq_doc.png?alt=media\&token=d6a2e5c0-992b-405e-9ea2-15d627cb0b83) #### 44. Tip: click "Retrigger All Simulations" to refresh all simulations and insights Click "Retrigger All Simulations" to rerun simulations with updated parameters and settings. ![Tip: click 'Retrigger All Simulations' to refresh all simulations and insights](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2F5J17NdZrqXTfoq3w5KKuzs_doc.png?alt=media\&token=a7cc91d8-b754-4b21-a5b8-3c7866f09db9) #### 45. Don't forget to use this to go to the parent object From a hypothesis to its parent scenario, or from a scenario to its parent study ![Don't forget to use this to go to the parent object](https://static.guidde.com/v0/qg%2FJ0RVKao966SmT5uQXRHVpcgc2yd2%2FwTDpUXVPGoG4HGxhw44iN3%2FabVFKZPMA4dzBExHN81jsk_doc.png?alt=media\&token=63d1b191-417c-4567-8beb-3b833f3437fc) You have successfully completed a Cyber Risk Quantification study using the CISO Assistant. By defining scenarios, assigning assets and threats, configuring treatments, and running simulations, you can now analyze potential risks and their financial impacts. To verify success, review the Executive Summary and ensure simulations reflect your updated parameters. Next, consider exploring advanced hypothesis testing or adjusting tolerance settings to refine your risk management strategy. [Powered by **guidde**](https://www.guidde.com)