Industrial Cybersecurity & OT Risk worked example
Vendor Remote Session Risk with vendor session impact score of 20 score: a worked example
This scenario runs the vendor remote session risk calculation on the strong side: vendor session impact score of 20 score, with every other input held at its documented default. Use it when reviewing remote support sessions for integrators, OEMs, machine builders, and service providers.
The inputs for this scenario
- Vendor session impact score: 20 score (raised for this scenario; the documented default is 8)
- Vendor session exposure score: 7 score (unchanged)
- Vendor access control weakness score: 4 score (unchanged)
Working through the calculation
- Applying the documented formula (Vendor remote session risk score = vendor session impact score × vendor session exposure score × vendor access control weakness score) to the inputs above produces each figure below.
- At this operating point the engine returns 11.45 score for vendor remote session risk score, the number this scenario is built around.
- At this operating point the engine returns 20 score for vendor session impact score.
- At this operating point the engine returns 7 score for vendor session exposure score.
- At this operating point the engine returns 4 score for vendor access control weakness score.
How this compares with the baseline
- Against the tool's baseline example, where vendor session impact score sits at 8 score and the headline result is 6.65 score, this scenario comes in 72.18% above the baseline at 11.45 score.
- Use it to rank standing OEM, integrator, and support connections so you harden the most dangerous sessions first. Treat this as a target state: the delta against the baseline quantifies what the improvement is worth before you commit to chasing it.
Results at a glance
- Vendor remote session risk score: 11.45 score (headline result)
- Vendor session impact score: 20 score
- Vendor session exposure score: 7 score
- Vendor access control weakness score: 4 score
Run it with your numbers
- Every input above is editable in the live Vendor Remote Session Risk calculator, which recalculates instantly and can be shared with the inputs intact.
Last reviewed 2026-05-12.