VentureBeat presents: AI Unleashed - An exclusive executive event for enterprise data leaders. Network and learn with industry peers. Learn More
>>Don’t miss our special issue: How Data Privacy Is Transforming Marketing.<<
Few risks are as difficult to manage as human risk. How do you measure how likely an employee is to click on a link or attachment in a phishing email or share the wrong piece of information with an unauthorized third party? According to behavioral risk platform, Cybsafe which launched today, the answer, is behavioral science.
Cybsafe’s new platform uses behavioral science and data taken from security behavior database SebDB to provide enterprises with human risk quantification. The platform can measure over 70 security behaviors including whether users implement strong passwords or deploy multi-factor authentication (MFA).
For enterprises, this behavioral risk platform-based approach has the potential to offer an alternative to security awareness training programs, to calculate the precise level of risk employees pose to an enterprise’s security standing.
An exclusive invite-only evening of insights and networking, designed for senior enterprise executives overseeing data stacks and strategies.
Addressing human risk with behavioral science
The announcement comes as concerns over human risk continue to grow, with Verizon research finding that 82% of data breaches involved the human element, including social attacks, errors, and misuse.
An unfortunate reality of the current threat landscape is any mistake an employee makes, from selecting a weak password to failing to update a personal device or clicking on a link in a phishing email, can leave sensitive information exposed.
While many enterprises turn to security awareness training to highlight the importance of best practices and eliminating high risk behavior, these approaches are often limited in focus.
“The status quo is unsafe, untenable and unacceptable. It gives organizations a false sense of security. Traditional security awareness training doesn’t consider the range of security behaviors. It doesn’t target those security behaviors. It is not built to change security behaviors,” said CEO and founder of CybSafe, Oz Alashe.
“It also lacks the scientific rigor of behavioral and data science and is lacking in the tracking and measurement that organizations need to reduce people related security risk,” Alashe said.
Instead, Alashe believes that digitizing human risk quantification with data-driven insights is the key to addressing the natural gaps provided by traditional security awareness training.
Competing against the security awareness training market
CybSafe is primarily competing against companies within the security awareness training market, which researchers estimated at $1,854.9 million in 2022 to reach $12,140 million by 2027.
KnowBe4 offers a platform for providing users with automated simulated phishing attacks, as well as a digital library of training content including learning modules, videos, games, posters, and newsletters. It also offers risk scoring so that security teams can identify high risk users.
Another competitor is Proofpoint, which offers a platform with phishing and smishing simulations, knowledge assessments and enables users to identify Very Attacked People and employees that have clicked on phishing links. Thoma Bravo acquired ProofPoint for $12.3 billion in 2021.
According to Alashe, Cybsafe’s key differentiators are its comprehensive analytical engine and use of SebDB.
“CybSafe is the only human risk quantification system powered by the Security Behaviour Database, or SebDB. SebDB is the world’s most comprehensive cybersecurity behavior database. It’s maintained by industry professionals and academics, and maps over 70 security behaviors to risk-related outcomes,” Alashe said.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.