Cyber risk management with straightforward reporting
December 6, 2022
Providing you with actionable data in your training program
While positively changing employee behaviors
A successful security awareness program helps reduce the number of security events and positively changes learners’ behaviors at your organization — but how do you track it? How do you show stakeholders the return on their investment? This is typically done by analyzing and interpreting the campaign data (which can sometimes be a full-time job in itself).
Infosec IQ’s reporting tool, My Dashboards, automatically surfaces your most impactful data through visualizations — so you can spend less time gathering, analyzing and interpreting data and more time addressing your greatest vulnerabilities.
Five valuable reports you can’t live without
Last year, we launched five system dashboards to support our customers’ reporting needs by surfacing:
- Executive-level metrics curated for your leadership team to provide updates, prove the success of your training efforts and highlight potential risks.
- Simulated phishing and awareness training metrics to show progress and compare performance against industry benchmarks in a single view.
- Employee behavior metrics to gain a deeper understanding of your workforce’s strengths and vulnerabilities.
These dashboards make it easy to track the overall impact of their security awareness and training program.
Four new reports for monitoring and compliance
Today, we’ve launched four new system dashboards that are based on common use cases, and metrics customers have built (and scheduled) inside My Dashboards:
- Learner and department risk reports and dashboards to help monitor and respond to security events
- Security awareness and training data for compliance/audit needs
- Incomplete training reports for department head and/or Human Resources
- New dashboards and reports that are formatted to be easily exported and shared in the appropriate format.
We also updated the existing dashboards to make it even easier to digest and share the data.
Enhanced visibility into human risk and behaviors
According to the 2022 Verizon Business Data Investigation Breach report, the human element accounts for 82% of data breaches.
Our goal is to help organizations like yours assess how and where their employees are most vulnerable. This will ultimately help you build a security awareness and training program that is effective and engaging.
How it works
Infosec IQ makes it easy to estimate the cyber risk of every employee by tracking each interaction with our training and phishing simulations. Employees are assigned a learner grade based on their security risk derived from 22 behaviors and customizable grading criteria.
Positive security behaviors, such as reporting suspicious emails and completing training courses, improve the learner’s grade. In contrast, risky behavior such as clicking or responding to simulated phishing emails decreases their grade.
Two new dashboards for risk management
We’ve surfaced these learner grades to help you assess risk management in cybersecurity into two new dashboards:
- Risk dashboard: This allows you to view the breakdown of how many learners fall within each letter grade, as well as see what department is most vulnerable. You can also track your progress quarter over quarter in specific events and behaviors that impact a learner’s grade (positively or negatively).
- Risk Report: This gives you a more granular picture of each learner’s performance and overall grade. It also organizes learners into different risk levels based on how many risky events they have taken on our simulated phishing templates.
With these two dashboards, you can personalize the learner’s training experience based on the risk assessment and/or see if action needs to be taken at the organizational level.
Surface the right metrics to the right audience
As someone who is running the security awareness program, it is easy to see how things are progressing and where the trends are — but how do you share that data with other teams in your organization?
Having access to the entire platform can be overwhelming. Different teams within your organization, such as an individual in HR, may be interested in different reports than your CISO. Regardless of who’s consuming the data, Infosec IQ has the right reports and dashboards for you to easily share with the right audience.
Common use cases to integrate into your reporting process
Here are common use cases we’ve seen implemented (outside of what’s already available):
- Showing that your organization offers, and learners actively participate in, a security awareness program — typically due to a state-wide/industry requirement, compliance audit, etc.
- Training completion data is sent consistently to the department head and/or Human Resources to track employee performance.
We’ve built out two new dashboards that surface the learner metrics that are commonly asked for in these two scenarios — making it easy to either download or automatically send the report to the correct individual.
These reports partner well with our existing Executive Dashboard that features data curated for your executive leadership team to share updates, prove the success of your training efforts and highlight potential risks.
Enhancements and updates: What’s new in My Dashboards
For those that are familiar with My Dashboards, we introduced more styling options to make your downloaded and shared reports even more professional and on-brand to your end recipient. For example, you can now change the background color and adjust the spacing to make each dashboard section more visible and easier to digest.
We’ve made it easier to select the correct file type based on the information in the dashboard you’re attempting to share.
If you plan on sharing a dashboard that contains multiple tables and table types, you are now able to include all of those in a combined excel file for the end recipient – giving them the ability to assess and analyze the data in one screen.
Lastly, we’ve increased the number of times the data refreshes during the day! Giving you access to recent and relevant data that you can act on sooner.
Choose your own cybersecurity adventure: Your next adventure awaits!
Transform traditional employee training into a world of fun and fantasy where your learners face security scenarios and make decisions that shape their training experience.
We’ve partnered with the team behind the Choose Your Own Adventure brand to bring the excitement and intrigue of the popular gamebook series to your security awareness and training program – Play Today!
Product Marketing Manager