The latest enterprise risk management news from around the world

Human Risk Management Maturity Model developed to help measure human impacts on cyber risks

Details
Published: Thursday, 10 November 2022 10:14

Living Security and CybSafe have jointly developed a new Human Risk Management Maturity Model, which aims to help organizations measure the impact of human activity on cyber risks.

While several frameworks and maturity models exist to measure cyber security risk, including the National Institutes of Standard and Technology (NIST), the Cyber Defense Matrix and the FAIR methodology for IT frameworks, none are specifically designated to quantify the specific risk that human activity creates inside organizations. The proposed Human Risk Management Maturity Model will give practitioners guidance on how to evolve into the next phase of cyber security to measure and change human behaviors / behaviours. In doing so, organizations are able to both reduce cyber risk and empower employees, creating lasting cultural change inside organizations and across industries.

"The human factor is the last frontier of cyber security. We've focused for decades on technologies and systems, but have consistently siloed our approach to the single most important element of any enterprise security plan, the people themselves. We at Living Security believe it is time for a paradigm shift," said Ashley Rose, CEO and co-founder of Living Security. "Launching this model is our way to start a ripple that grows. This is a collective journey to continue the disruption and leverage behavioral data to effectively manage and mitigate human cybersecurity risk and create a safer world."

"There is no doubt that now, more than ever, society needs the security community to take an even more intelligent approach to managing human risk," said Oz Alashe, CEO and Founder of CybSafe. "And so, as security professionals, we need to come together to continue to fuel curiosity and understanding that helps us be more effective at managing the risk within our organizations. This can't be done by any one team, vendor, or group unilaterally. It's a collective effort and at CybSafe we're excited to play our part."

Read and add comments on the Human Risk Management Risk Maturity Model



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

Cyber Response Guide
The Impact Tolerance Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.