Cybersecurity Reference > Glossary
Loss Event Frequency (LEF)
A Loss Event Frequency is a quantitative measure of how often a particular type of security incident or loss event occurs within a specified time period.
This metric forms a critical component of quantitative risk assessment methodologies, particularly in frameworks like FAIR (Factor Analysis of Information Risk), where it helps organizations calculate the probable frequency of different threat scenarios.
Loss Event Frequency is typically expressed as the number of incidents per unit of time, such as events per year, and can be derived from historical data analysis, industry benchmarks, expert judgment, or statistical modeling. Organizations use this metric alongside Loss Event Magnitude (the potential impact of each incident) to calculate Annualized Loss Expectancy and other risk metrics.
Accurate measurement of Loss Event Frequency requires comprehensive incident tracking, proper categorization of security events, and sufficient historical data to identify meaningful patterns. Factors that influence frequency include threat actor capability and motivation, organizational vulnerability levels, existing security controls, and external environmental conditions. This metric enables security teams to prioritize investments, justify security spending, and make data-driven decisions about risk treatment strategies by providing a quantitative foundation for comparing different risk scenarios.
Need Help Modeling Loss Event Frequency?
Plurilock's risk analytics expertise can help quantify and model your cybersecurity loss events.
Get Risk Modeling Support → Learn more →Downloadable References
Sample Governance Policy for AI Use
Establishing Guardrails for AI Whitepaper
