Your Personal Risk Score is calculated by several factors, including how likely you are to be targeted by cybercriminals, how well prepared you are to handle a cyberattack, and how severe the consequences would be if you became a victim. It is normal—and acceptable—for Personal Risk Scores to vary amongst users.
For example, the Personal Risk Score for an Accountant may be higher than that of a Graphic Designer, because Accountants have access to sensitive financial data.
This article outlines the primary factors that impact your Personal Risk Score and provides guidance on what you can do to lower your risk. Use the links below to navigate to a specific risk factor.
What are My Phishing Test Results?
Your Phishing Test Results show how you have handled simulated phishing emails. Any negative interaction with a simulated phishing email, such as replying, downloading attachments, or clicking a link within the email will raise your Personal Risk Score. When you report a simulated phishing email, without also failing the test, this helps to lower your Personal Risk Score. We use these results to estimate how likely you are to fall victim to a real phishing attack.
Can I Improve My Phishing Test Results?
You may need to be more careful with incoming emails. Here are some tips to help you out:
- Never click on a link within an email that you weren’t expecting.
- If an email asks you to log in to an account or online service, go directly to the website using your browser instead of clicking the link in the email.
- If something seems out of the ordinary, reach out to the sender another way—like by phone—instead of trusting the email.
What is a Security Awareness Training Status?
Your Security Awareness Training Status is based on the type of training modules you have completed and how much time you have spent in training. The more educated you are on known threats, the less likely you are to fall victim to them.
Can I Improve My Security Awareness Training Status?
You may not have a say on which training modules you are enrolled in or how often you are trained but you do have control over your completion status. Keep an eye on your inbox for training notifications and be sure to complete your training in a timely manner.
How is My Job Function a Factor?
Your Job Function is based on the level of responsibility you have in your organization. We calculate this factor based on your job title in relation to other job titles. For example, a manager who is responsible for their assistant manager, team leads, and other team members has a higher risk score associated with that job function than anyone on their team.
Can I Change the Risk Associated with My Job Function?
Being in a position of responsibility is a risk in itself. While you can’t adjust this factor of your score, you can lead by example. Remember to complete your training on time, encourage good security practices, and share your knowledge with others.
What is a Data Breach?
A Data Breach is when secure information is released, or “leaked”, to an untrusted environment. In other words, the data is no longer secure. If your information has been found in one or more data breaches, it will impact your Personal Risk Score.
Can I Remove a Data Breach from My Personal Risk Score?
Unfortunately, once your data has been leaked in a breach, there is no removing this factor from your Personal Risk Score. What you can do is help protect yourself and your organization from future data breach attempts. Always follow the security measures outlined in your training and be sure you understand your organization’s specific security policies.