Skip to main content

How Hyver Calculates Cost of Breach (CoB V2)

Learn how Hyver’s advanced breach impact model estimates financial loss using real-world data and maturity scores.

Updated over 5 months ago

Overview

This article explains how Hyver calculates the Cost of Breach (CoB) in version 2 of its risk model. CoB v2 uses a more comprehensive and evidence-based approach than earlier models, incorporating maturity scores, predictive analytics, and industry-wide breach data to estimate financial impact more accurately. This helps security leaders and decision-makers understand what’s truly at stake.

A More Advanced Approach to Breach Impact

CoB v2 builds on the limitations of traditional breach modeling by combining:

  • Sophisticated algorithms and machine learning

  • Public and proprietary breach data

  • Your organization's Business profile

  • Inputs from the Maturity assessment, particularly at the NIST CSF subcategory level

The result is a model that tailors financial impact estimates to your specific security posture and operational reality.

Key Data Sources Used

  • Advisen’s cyber loss database: Over 90,000 real-world cyber events

  • CYE’s proprietary intelligence: Risk assessments, red team engagements, and internal breach data

  • Industry benchmarks: Including ransomware trends, insurance data, and regulatory fines

  • NIST CSF maturity scores: Directly influence the CoB output

This combination provides a much more accurate picture than models based solely on headcount or customer records.

How the CoB v2 Model Works

The model uses:

  • Inputs from the Business Profile and Maturity Assessment

  • Machine learning to estimate breach scale and severity

  • Smart calculators for business continuity, ransomware, and legal/regulatory impact

These are blended with probabilistic models to generate your estimated breach cost — not as a guess, but as a result of validated, evidence-backed logic.

Better Than Traditional Models

Most insurance-based models only account for:

  • Containment costs: Breach coach, call center, investigation

  • Regulatory fines & lawsuits: Often based only on customer count and leaked record types

But these approaches often miss:

  • Product liability (e.g., a software vendor being liable for a client’s breach)

  • Hidden costs (like long-term brand damage or IP loss)

  • Organizational maturity (a key factor in real-world breach outcomes)

Hyver’s CoB v2 takes these into account — and more — by incorporating actual maturity data and a wider scope of loss components.

Important notes

  • CoB v2 requires Maturity subcategory scoring to function correctly — your maturity data feeds directly into the breach impact model

  • Vendor liability and ransomware impact are now explicitly modeled, offering broader visibility into financial exposure

Wrap-up / Next Steps

CoB v2 gives you a smarter, more reliable view of what a breach would actually cost — and why. By including maturity scores and validated event data, Hyver’s approach helps you budget wisely and explain risk in business terms.

Related Articles
Switch Cost of Breach (CoB) versions in Hyver
Cost of Breach in Hyver
Inputting Cost of Breach Data (CoB V2)
Maturity Factors in Cost of Breach (CoB V2)
Reviewing Cost of Breach Results (CoB V2)
Did this answer your question?