Breach Blast Radius Simulator
Estimate your organisation's likely breach impact — dwell time, ransomware probability, blast radius, and recovery cost — based on your current security controls.
01 // Detection & Response
These controls determine how quickly you detect and respond to threats.
e.g. CrowdStrike, SentinelOne, Defender for Endpoint
Security Operations Centre or Managed Detection & Response service
Written plan that has been exercised or tabletop-tested in the last 12 months
02 // Access Control
Controls that limit attacker movement and privilege escalation.
Multi-factor authentication on email, VPN, admin portals, cloud apps
Controlled admin access, credential vaulting, just-in-time access
VLANs, micro-segmentation, or zero trust network architecture
03 // Prevention & Hygiene
Proactive controls that reduce your attack surface.
Advanced email filtering, DMARC, sandboxing, link protection
Regular scanning, patching cadence, prioritised remediation
Regular phishing simulations, security training for all staff
04 // Recovery Readiness
Your ability to recover when (not if) something goes wrong.
Regular backups with tested restores, offline/immutable copies
05 // Organisation Profile
Industry and size affect breach costs and attacker targeting.
- IBM Cost of a Data Breach Report 2024 — global average breach cost USD $4.88M; healthcare highest at $9.77M
- Mandiant M-Trends 2024 — global median dwell time 10 days (with detection controls); 100+ days without
- Verizon 2024 DBIR — 24% of breaches involve ransomware; 68% involve human element
- Calculations are estimates based on statistical averages and control effectiveness research. Not a substitute for professional risk assessment.