Check out all the on-demand sessions from the Intelligent Security Summit here.


>>Don’t miss our special issue: How Data Privacy Is Transforming Marketing.<<

Few risks are as difficult to manage as human risk. How do you measure how likely an employee is to click on a link or attachment in a phishing email or share the wrong piece of information with an unauthorized third party? According to behavioral risk platform, Cybsafe which launched today, the answer, is behavioral science. 

Cybsafe’s new platform uses behavioral science and data taken from security behavior database SebDB to provide enterprises with human risk quantification. The platform can measure over 70 security behaviors including whether users implement strong passwords or deploy multi-factor authentication (MFA). 

For enterprises, this behavioral risk platform-based approach has the potential to offer an alternative to security awareness training programs, to calculate the precise level of risk employees pose to an enterprise’s security standing. 

Event

Intelligent Security Summit On-Demand

Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.

Watch Here

Addressing human risk with behavioral science 

The announcement comes as concerns over human risk continue to grow, with Verizon research finding that 82% of data breaches involved the human element, including social attacks, errors, and misuse. 

An unfortunate reality of the current threat landscape is any mistake an employee makes, from selecting a weak password to failing to update a personal device or clicking on a link in a phishing email, can leave sensitive information exposed. 

While many enterprises turn to security awareness training to highlight the importance of best practices and eliminating high risk behavior, these approaches are often limited in focus. 

“The status quo is unsafe, untenable and unacceptable. It gives organizations a false sense of security. Traditional security awareness training doesn’t consider the range of security behaviors. It doesn’t target those security behaviors. It is not built to change security behaviors,” said CEO and founder of CybSafe, Oz Alashe. 

“It also lacks the scientific rigor of behavioral and data science and is lacking in the tracking and measurement that organizations need to reduce people related security risk,” Alashe said. 

Instead, Alashe believes that digitizing human risk quantification with data-driven insights is the key to addressing the natural gaps provided by traditional security awareness training. 

Competing against the security awareness training market 

CybSafe is primarily competing against companies within the security awareness training market, which researchers estimated at $1,854.9 million in 2022 to reach $12,140 million by 2027. 

One of the main legacy security awareness training providers is KnowBe4, which Vista Equity Partners recently acquired for $4.6 billion. 

KnowBe4 offers a platform for providing users with automated simulated phishing attacks, as well as a digital library of training content including learning modules, videos, games, posters, and newsletters. It also offers risk scoring so that security teams can identify high risk users. 

Another competitor is Proofpoint, which offers a platform with phishing and smishing simulations, knowledge assessments and enables users to identify Very Attacked People and employees that have clicked on phishing links. Thoma Bravo acquired ProofPoint for $12.3 billion in 2021. 

According to Alashe, Cybsafe’s key differentiators are its comprehensive analytical engine and use of SebDB. 

“CybSafe is the only human risk quantification system powered by the Security Behaviour Database, or SebDB. SebDB is the world’s most comprehensive cybersecurity behavior database. It’s maintained by industry professionals and academics, and maps over 70 security behaviors to risk-related outcomes,” Alashe said. 

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.