Human Behavior. Your Biggest Cyber Security Risk?

Data breaches, theft, and corruption are an unfortunate reality of the digital world. However, have you ever thought about human behavior? Could it possibly be your biggest cyber security risk? In this era, cyber criminals have created a perfect environment to access sensitive data and assets. They use many different techniques, such as social engineering and phishing, to gain information from unsuspecting people. In order to fight this, businesses need to take a person-centric approach to cyber security. In addition to technical measures for protection, they also need to have a process-based approach to security by educating their employees on the dangers of giving up private information too easily.

At Elasticito, we believe employees are your biggest asset in preventing these crimes, but you do need to know how your employees handle data in order to minimise security risks. Understanding employees’ data handling can give insight into potential security risks, as well as allow you to provide targeted awareness training, such as data-related security risks or intellectual property training, to employees who need it.

The SANS Security Awareness Behavioral Risk Assessment™ helps pinpoint these training needs, eliminating the cost and wasted time associated with unneeded training. “Risk Measured is Risk Managed™” accurately assesses your organisation’s security awareness level and builds an actionable plan to measure and manage your risk.

Let’s take a closer look at the assessment:

What is a Behavioral Risk Assessment™?

So your organisation is handling sensitive data? That’s a big responsibility. While no one wants to think about risks and their consequences, someone has to.

The SANS Behavioral Risk Assessment™ is a tool that will help you uncover information handling risks in your organisation. It is tailored to your organisation’s individual data type and lifecycle tools, and will illuminate who is handling sensitive data, what departments are accessing it, and where it is located.

Image courtesy of SANS Security Awareness.


The SANS Behavioral Risk Assessment™ is an affordable, easy-to-use tool that will help you identify the information handling risks in your organisation. It eliminates costly training and inefficient security programs by quantifying where high-risk data handling practices exist by department. By doing this, targeted compliance training and risk-based training can be provided where it will have the most impact to your organisation.

How Does it Work?

The Assessment is a tool that a company can use to find out what information employees have access to and where they store it. The Assessment can be taken by anyone in the company and takes less than 5 minutes to answer. Once completed, the dashboard displays high-risk handling practices and training recommendations.

With the Behavioral Risk Assessment™, an organisation can…

  • Discover where your information lives.
  • Understand who accesses what data using what tools.
  • Measure risk and risk occurrence.
  • Understand compliance training needs by organisational unit.
  • Tailor training to your needs and your risk tolerances.
  • Track your information risk across the myriad of systems and workers throughout your organisation.
  • Summarise by person, organisational unit, or enterprise.

What To Do Next?

Being a little more security conscious will pay off in the long term. Instead of being complacent, organisations need to combine software-based security with employee education and vigilance. Software alone will never be enough for an effective cyber security program. It is important to have a holistic approach to security, which includes educating your employees about the risks they face.

We want to make it easy for you to start managing your information risks: