The audit leverages AwareGo’s Human Risk Assessment so that its clients can quickly identify vulnerabilities among their employees and address them right away. The audit is conducted by AwareGO experts who work with clients through the entire process, the company said in a prepared statement.
Gaining A Clearer Picture of Employee Security Behaviors
The first step, says AwareGO, is to work with the client to determine the scope and priorities for the audit, based on company structure, risk profile, security stance and more. Then, the employees will be assessed across six different threat areas:
- Sensitive data handling
- Device handling
- Physical security
- Remote work
Once completed, AwareGO delivers a detailed report on the results. Their experts also consult with the client to identify potential next steps to reduce vulnerabilities, as well as to develop an informed, data-support cybersecurity strategy.
AwareGO CEO Ari Jonsson explained the need for and advantages to the Employee Cybersecurity Risk Audit service:
“Today, around 90% of all successful cybersecurity attacks involve employees enabling the break-in. It is therefore critical for anyone responsible for an organization's cybersecurity to have a clear picture of what employees know and how they behave in the face of potential threats. Only then is it possible to effectively respond with training or other risk-reducing approaches.
“AwareGO's Human Risk Assessment software is the first of its kind when it comes to measuring both the knowledge and the behavior of employees for a broad range of cybersecurity threats, going far beyond just phishing. This capability is allowing us to now launch our full-service Employee Cybersecurity Risk Audit for organizations. In this audit, our cybersecurity experts work directly with individual organizations to set up the appropriate assessment, execute it, evaluate the outcome and map that to effective risk-reducing decisions.”
The Human Side of Cyber Risk
Created by cybersecurity experts, behavioral scientists and interaction designers, the Human Risk Assessment uses interactive scenarios to assess employees across a wide range of threat areas and key behaviors, AwareGO explained. The resulting dashboards and reports help identify vulnerable departments and roles. Actionable insights subsequently inform security strategies to improve any organization’s overall cyber defense and reduce cybersecurity risks.
In June 2022, AwareGO conducted a Human Risk Assessment study, asking 100 cybersecurity professionals five questions about how much their cybersecurity knowledge differs from their personal behavior. The questions focused on critical threat areas, such as phishing, sensitive data, remote work and password handling.
Ninety-five percent respondents said that they “understood what sensitive data is and that they would not share anything sensitive on social media.” Also, 90% said that “they would not use unsecured Wi-Fi.” The same number said that they “can recognize a phishing email.” However, only 30% said “they would not report a phishing email.”
Wondering how you stack up against other cybersecurity professionals? AwareGO offers its Mini Human Risk Assessment.