The key to creating a safe computing environment is electing and following the appropriate ‘Cyber Risk-Based Monitoring’ assessment methodology. However, assessing risk and recognising the rate of return is a time-consuming task to accomplish. Thus, it often does not become a priority for many businesses and corporations. Determining risk can be a complicated task due to limited resources and a constantly changing threat landscape. Because of this, IT security experts must have a toolset to help them create a comprehensive view with regards to the potential impact of different IT security related threats and attacks. This toolset should be reliable, and cost-effective.