Our 'Risk' pages make it easy to see where specific security risk appear in your organisation. Surfacing this data means that you can take steps to reduce the risk in these areas before an incident happens.
You can find this report in the Admin menu: Reports > Risk.
If you have the CybSafe ‘Insights’ package you can also view the risk on an individual or group basis. This means you can deliver tailored learnings to specific groups depending on their risk. The ‘Insights’ package also means you can narrow down by date to ensure your training is as relevant as possible, and provided at the best time.
Risk outcome tab
Here you can see how certain risk categories have been tracked over time. The 'Risk category' percentage shows the change in risk over the last 30 days (or other custom date range if you have our Insights package).
On this page you can also see the 'likelihood' and 'impact' of this risk on your organisation.
Each risk outcome has its own impact score that is based on the three impact factors of expected monetary loss, expected level of effort, and expected level of disruption.
In the Risk outcome reports impact can be seen on the risk outcome banner.
The impact factors are customisable, each with a value between 1 and 4.
The three impact factor values are multiplied together to create an combined score between 1 (1x1x1) and 64 (4x4x4).
The combined score is mapped using the below chart to determine the impact score (1 to 5) and impact category (Minor, Moderate, Major, Extreme)
Using the ‘Analytics’, ‘Recommendations’, ‘Linked behaviours’ and ‘Risk factors’ tabs, you can then delve into the specific security behaviours linked to this risk, and possible actions to take.
Analytics tab
In this tab you can see the 'Risk outcome score' over time.
Recommendations tab
In this tab you can see 'Risk reduction insights'. These are some of the behaviours that contribute to the risk that might need increased coverage. You can take 'Actions' based on these recommendations by clicking on the three dots which will give you options to send a nudge, assign a module or a goal.
Linked behaviours tab
This tab shows you the specific behaviours linked to the risk and how your organisation is performing.
Risk factors: Score contributions
This tab shows the actual contribution rates and scores for each risk factor. You can find more on risk factor contributions on the 'Human cyber risk with CybSafe' [CHECK LINK] Help Centre page.
Risk factors tab
This graph shows the risk of each category, and the proportion of your users exhibiting good security practices.
Groups/ People tabs
With the CybSafe 'Insights' package you can also break down the risk in your organisation by ‘groups’ and specific people, using the relevant tabs.
Recommendations tab
This tab outlines some of the behaviours that contribute to the risk that might need increased coverage. You can take 'Actions' based on these recommendations by clicking on the three dots which will give you options to send a nudge, assign a module or a goal.
Activity log tab
These activity logs give you visibility of all of the events that feed into our behaviour scores.
Impact settings
To tailor the impact of a security risk to your organisation, you can change the settings to reflect the impact one would have on the organisation. This is then pulled through to each risk category so you can see the real impact, and use this to report to other stakeholders in the business, giving real life examples.
See more information on 'Impact settings' Help Centre article here.
What steps should I take when I have spotted an area to reduce risk in?
If you have the CybSafe Insights package, then we have done the work for you! In our ‘Recommendations’ tab we have calculated 10 risk-reduction insights. These are the highest tier behaviours, with the lowest coverage and targeting these will have the highest chance of reducing risk outcomes.
Still have questions?
If you still have questions, you can contact the CybSafe team via [email protected]. We’re on hand to help resolve any further issues!