Words of Estimative Probability (WEP) in Cyber Threat Intel
Words of Estimative Probability (WEP or WEPs) are used to express the likelihood of an event occurring. They’re necessary because there are varying degrees of reliability of intelligence sources and information. They were originally defined by CIA analyst Sherman Kent, and are frequently used in cyber threat intelligence, as well as other intelligence disciplines.
Words such as “unlikely,” “probable,” or “almost certain” can be ambiguous, so someone reading finished intelligence may interpret them differently than the analyst who produced the intelligence. Words of Estimative Probability help reduce misunderstanding by quantifying such qualitative statements, by assigning probability ranges to them.
Words of Estimative Probability are available in MISP, which refers to them as estimative language.
Sherman Kent’s Words of Estimative Probability
Here are the Words of Estimative Probability originally defined by Sherman Kent:
- 100%: Certainty
- 93% ± 6% (87–99%): Almost certain
- 75% ± 12 % (63–87%): Probable
- 50% ± 10 % (40–60%): Chances about even
- 30% ± 10 % (20–40%): Probably not
- 7% ± 5 % (2–12%): Almost certainly not
- 0%: Impossibility
Center for Cyber Intelligence’s Words of Estimative Probability
Here are alternative Words of Estimative Probability defined by the Center for Cyber Intelligence:
- Highly Likely (highly probable, convinced, virtually/almost certain, high likelihood, odds/chances are overwhelming): >90%
- Likely (probable, chances are good): 60–89%
- Even Chance (possible, chances are about even): 40–59%
- Unlikely (not likely, improbable, doubtful): 10–39%
- Highly Unlikely (highly improbable, nearly impossible, highly doubtful, almost certainly not, virtually impossible): <9%
Confidence Levels
Some intelligence organizations use confidence levels, such as low, moderate, and high confidence.
