Glossary
Expected annual loss (ALE)
The sum, over every incident scenario, of its annual probability times its cost. The number underneath every cyber insurance quote.
Expected annual loss, sometimes called annual loss expectancy, is what you get when you multiply the cost of each incident by how likely it is in a year, then add across scenarios:
Expected Annual Loss = Σ Probability(incident) × Cost(incident)
A 2M breach that is 10% likely this year contributes 200k of expected loss. Sum the ransomware, data breach, business interruption, business email compromise (BEC) and regulatory scenarios, and you have the pure premium an insurer starts from.
It turns a scary worst case into a number you can budget against and compare to the cost of a control.