Cyber incidents are a major risk facing organizations and companies of all sizes and industries. Cyber incidents ranked third in a list of the most important global business risks for the upcoming year, coming in second behind risks stemming from the pandemic itself. Cyber risk quantification allows CISOs to identify and rank risk scenarios that are most critical to their enterprise, based on factors such as which attacks would have the biggest financial impact, and how equipped the company is to defend itself against any given attack. Security leaders can calculate the return on investment of their tools and teams in the context of risk reduction for the enterprise.
Source: https://www.helpnetsecurity.com/2021/03/17/cyber-risk-quantification/