Network security situation assessment is an important research topic in the field of network security. In particular, the hierarchical analysis method is widely used in practice. However, the current assessment methods neglect common interrelation and restrictive correlation among security situation factors, and lack of security events backtracking capability. In this work, we proposed a new network security situation assessment method based on Fuzzy Cognitive Maps (FCM). Firstly, we created a structured description of the original security events. Secondly, we generated the FCM structure semi-automatically according to the original structured security events via the FCM build method we proposed. Thirdly, we classified the concept nodes into four types, i.e., vulnerability, service, host and system. Fourthly, we computed the security situation values of each type and the value of network security comprehensive situation. Fifthly, we assessed the network security comprehensive situation (NSCS) according to the network security state level table. At last, we introduced how to find the high risk events and trace the precondition. We used the DARPA2000 dataset which is developed by Lincoln Laboratory to verify and analyze our method and illustrated how to trace back the high risk events. The result shows that our method can model the network security situation accurately, and also has the security risk events backtracking capability.