Table 2. Host protection and threat reduction. If we can ensure the safety of a subset of the network by stringent control (or limit risk by blocking access to the hosts), we can calculate the resulting reduction in the incidence of a given threat. The desired degree of reduction in threat incidence determines a threshold for selecting hosts according to the risk factor services they run. This table shows the expected reductions in the incidence of the JBoss worm by means of different selection criteria.

Number of risk-factors	Covered hosts	Threat reduction
at least 1	66.6%	98.9%
at least 5	14%	79.5%
at least 9	2.1%	45.1%
at least 12	1.7%	40%