Incorporating technologies across all sectors has meant that cybersecurity risk assessment is now a critical step in management. However, can be complicated process for organizations. Therefore, many authors have attempted to automate this using qualitative and quantitative tools. The problems with the tools stage general are (1) not considering sub-steps of (2) identifying variables necessary ...