Keys to effective security training may lie in behavior science

by | Oct 19, 2022 | Technology

Did you miss a session from MetaBeat 2022? Head over to the on-demand library for all of our featured sessions here.

Few risks are as difficult to manage as human risk. How do you measure how likely an employee is to click on a link or attachment in a phishing email or share the wrong piece of information with an unauthorized third party? According to behavioral risk platform, Cybsafe which launched today, the answer, is behavioral science. 

Cybsafe’s new platform uses behavioral science and data taken from security behavior database SebDB to provide enterprises with human risk quantification. The platform can measure over 70 security behaviors including whether users implement strong passwords or deploy multi-factor authentication (MFA). 

For enterprises, this behavioral risk platform-based approach has the potential to offer an alternative to security awareness training programs, to calculate the precise level of risk employees pose to an enterprise’s security standing. 

Addressing human risk with behavioral science 

The announcement comes as concerns over human risk continue to grow, with Verizon research finding that 82% of data breaches involved the human element, including social attacks, errors, and misuse. 

Event
Low-Code/No-Code Summit
Join today’s leading executives at the Low-Code/No-Code Summit virtually on November 9. Register for your free pass today.

Register Here

An unfortunate reality of the current threat landscape is any mistake an employee makes, from selecting a weak password to failing to update a personal device or clicking on a link in a phishing email, can leave sensitive information exposed. 

While many enterprises turn to security awareness training to highlight the importance of best practices and eliminating high risk behavior, these approaches are often limited in focus. 

“The status quo is unsafe, untenable and unacceptable. It gives organizations a false sense of security. Traditional security awareness training doesn’t consider the range of security behaviors. It doesn’t target those security behaviors. It is not built to change security behaviors,” said CEO and founder of CybSafe, Oz Alashe. 

“It also lacks the scientific rigor of behavioral and data science and is lacking in the tracking and measurement that organizations need to reduce people related security risk,” Alashe said. 

Instead, Alashe believes that digitizing human risk quant …

Article Attribution | Read More at Article Source

Share This