Human Risk Service

Upskill your team from cyber zeroes to cyber heroes

People make mistakes

6 out of 7 of breaches involve human error.

People are targets

1 out of 3 of breaches involve phishing emails.

Stolen credentials

2 out of 3 of breaches involve stolen user credentials.

People can be your greatest weakness

Whether it’s sharing passwords with colleagues, emailing sensitive data to the wrong recipient, or falling victim to a phishing attack, people can be the weakest link in your cyber security.

Left unaddressed, you face the risk of data breaches, fines, or damage to your business’s reputation.

Reduce incidents

Cybersecurity incidents are reduced by 70% by awareness training.

Reduce impacts

A modest investment in training has a 72% chance of reducing the impact of a cyber attack.

7-fold ROI

Even the least effective training programs have a 7-fold Return On Investment.

* Data taken from Varonis, Verizon, and Ponemon Institute.

People can be your greatest strength

Our Human Risk Service (HRS) helps you to plug the “people chink” in your cyber armour, through individualised security awareness training programs, periodic phishing simulation campaigns, simplified policy management and ongoing dark web monitoring – all completely managed for you.

For little more than the price of a cup of coffee per month per person, you can sit back and relax while we turn your team from cyber zeroes to cyber heroes, making them your first line of defence against the bad guys.

Free trial

You can try out the Human Risk Service for cost and obligation free for up to 3 people for 14 days.

For each person participating in the trial you’ll get:

  • Dark web scan for stolen information.
  • Gap analysis quiz and results.
  • One training course module.

Demonstration of the phishing and policy management modules can be additionally arranged upon request.

Arrange a free trial

Human Risk Service modules

Security awareness training

Assess each person’s security knowledge gaps and automate regular training courses that tackle their unique risk areas.

  • Individual-tailored training.
  • Covers all essential topics.
  • Automated reminders.
  • Track user progress.

Simulated phishing

Periodic phishing simulations that assess your teams’ ongoing risk to a range of attack techniques.

  • Identify at-risk team members.
  • Educate users on threats.
  • Tailored simulations.
  • Instantly train at-risk team members.

Dark web monitoring

Continual dark web scanning for stolen credentials belonging to any of your team.

  • Helps avoid targeted attacks.
  • Details on who was breached.
  • Details on what data was stolen.
  • Enables pro-active action.

Policy management

Keep team members well-versed on security processes with easy policy management and trackable eSignatures.

  • Standard or tailored templates.
  • Tracks confirmation signatures.
  • Automated reminders.
  • Centralises your cyber policies.

How it works

Security awareness training

Click to zoom
Each person is asked to complete an online gap analysis questionnaire to establish their strengths and weaknesses in cybersecurity awareness. It should only take about 20 minutes to complete. Automatic reminders are sent if someone fails to complete the questionnaire. Completion reports are available to managers.
Click to zoom
The results of each gap analysis is used to generate a training programme specific to that person. Any areas of particular weakness are addressed first. As well as 12 topic areas, the system has 3 levels of training to select from; beginner, intermediate, and advanced.
Click to zoom
Each person will receive a monthly invitation to a new course module. Each module should take about 5 minutes to complete. Automatic reminders are sent if someone fails to start a course. Completion reports are available to managers.
Click to zoom
At the end of each course module a brief questionnaire verifies how well the person understood the content. The results are fed into the scheduling engine, allowing the system to, for example, repeat a course topic at a less advanced level if the person scores poorly on the questionnaire. Score reports are available to managers.

Simulated phishing

Click to zoom

NB: requires the cooperation of your IT team and/or Managed Service Provider.

Simulated phishing messages can be sent to selected or all team members. A wide range of designs are available, or we can build one specifically for your organisation. The system records who opens the message, who clicks any links in it, and anyone who enters credentials.

Click to zoom
Links in phishing messages lead to simulated landing pages. The system records whether or not team members are fooled enough to enter their credentials (NB: credentials are not saved by the system). A summary report of each recipient's actions is available to managers.