Communicate Feedback to Every Employee and Executive
Proactively inform employees about their individual security performance
& executives about security effectiveness
Foster a dialogue between security teams & employees
Some employees are targeted more frequently by attacks than others. These riskier front-line workers need to know to remain more vigilant. The security team can communicate what a threat looks like, what actions to take, and other tips on how to keep the organization more secure.
Communicate to employees in a personalized, trusted context about their security decisions and the repercussions. Help them understand how their actions compare to those of their peers. Explain the rationale behind changes in security policy, such as adjustment to access levels, permissions, and other controls.
Build executive support for new methods of reducing human risk
Security controls are regarded by many managers as creating unnecessary friction in the organization. Avoid workarounds by building support for a new way to approach cybersecurity. Human Risk Scores for managers can help them understand how their team, department, or region is performing and where the real issues are.
More important than communicating where employees are falling short, managers want to know where they are improving and doing well. Executives want to know what security tools are working and which aren't. Security shouldn't be punitive, and no enterprise should rely on awareness training alone to turn the tide.
"Elevate Security platform is a critical part of how we gain visibility into and report on the trends around employee risk. We share these metrics that show effectiveness of our activities and improvement to our security posture over time with the board on a regular basis"
CISO, Large Healthcare Insurance Provider
"Elevate Security provides a level of actionable insight that is extremely valuable in assessing security risk and defining corporate awareness strategy."
Yinka Badmus, VP, Global Security Risk Operations, Equifax
"Availability of Security Reputation Score from Elevate Security has been a game changer for us. It allows us to exempt employees who exceed a certain threshold from taking Security Awareness Training and still remain compliant with the regulators. In our business that contributes to both the bottom line savings and top line growth."
CISO, Large Professional Services Company