Latest News

Cyber Forecasting Model Discovered in Verizon’s Incident Data

HALOCK Security Labs was recently recognized for their contribution to the 2024 Verizon Data Breach Investigations Report (DBIR) having found a way to practically apply Verizon’s raw data for risk assessments.

HALOCK’s HIT Index (HALOCK Industry Threat Index) uses Verizon’s crowd-sourced dataset known as the VERIS Community Database (VCDB). It contains over 10,000 breach records with more than 2,500 columns detailing the characteristics of each attack. The HIT Index is a detailed analysis of the VCBD data against a set of cybersecurity safeguards. It states that the more commonly a threat appears in incident records, the more likely it would be the cause of an eventual incident.

A version of the HIT Index methodology was donated to the Center for Internet Security (CIS) and incorporated into the CIS Risk Assessment Method (CIS RAM 2.1) which is provided free to the cybersecurity community.

“When you look at the data deeply, you see the patterns emerge. We just needed to model it in a way that people can use in risk analysis. The stronger your safeguards are for each threat, the less you should expect them to happen.” – Todd Becker, Principal at HALOCK

This is not HALOCK’s first foray into giving away intellectual property. HALOCK also developed the Duty of Care Risk Analysis methodology, or “DoCRA,” to define reasonable security. Its principles have been adopted by CIS and cited by regulators from ten states. In conjunction with the HIT Index, this standard has been implemented as a part of CIS RAM and can be applied to most risk assessment methodologies prevalent today.

Reasonable Risk LLC, a GRC SaaS application and sister company to HALOCK, has automated the HIT Index, CIS RAM, and DoCRA using VCBD data. Organizations using the application can derive the likelihood of threats based on real threat data (combined with the maturity of the safeguard in place), making risk analysis more credible and automatic.

“Anyone who has been part of a risk assessment has been asked to determine the ‘likelihood’ of an event happening. The answer usually leaves us feeling like we are guessing. The Reasonable Risk Application utilizes the VCBD data to derive likelihood levels instead of guessing.  This results in significantly more accurate risk scoring, which in turn translates to better prioritization for risk remediation. Deriving likelihood is a transformative step forward for risk management.” – Jim Mirochnik, CEO of Reasonable Risk, LLC

Until now, VCBD data has not been utilized to improve risk assessments. A broad understanding of various cybersecurity attack vectors, as well as the knowledge of how to manipulate that data into insight, is required. HALOCK’s team has created several solutions to facilitate ease in solving this exact problem, earning their credit in the 2024 Verizon DBIR.

To learn more about how DoCRA and the HIT Index (using VCDB data analysis) has been optimized in a Risk Management SaaS application, please visit


HALOCK is a risk management and information security consulting firm providing cybersecurity, regulatory, strategic, and litigation services. HALOCK has pioneered an approach to risk analysis that aligns with regulatory standards for “reasonable” and “appropriate” safeguards and risk, using due care and reasonable person principles. As authors of CIS Risk Assessment Method (RAM) and board members of The Duty of Care Risk Analysis (DoCRA) Council, HALOCK offers unique insight to help organizations define their acceptable level of risk and establish reasonable security.

To Top

Pin It on Pinterest

Share This