Organizational risk assessment based on attacks repetition
Risk assessment is a very critical and important process to protect the organization assets and reputation against security threats and risks. It provides a clear picture of the current threats that the organization is facing and helps the top management to take the right decision to eliminate or mitigate those risks. Usually if the vulnerability is exploited, the same attack may be happen twice or more in a different time periods because the vulnerability has been exploited and not mitigated. In this paper, we are illustrating our observation of the relation between the risk value and the number of attacks targeting this risk. © 2012 IEEE.