Concept: US cybersecurity startup Elevate Security (Elevate) has launched an attack surface management platform that uses a customised and automated response to employee risk throughout an organisation to overcome the unaddressed problems caused due to human errors. The Elevate Security platform provides CISOs (Chief Information Security Officer) with access and control over how people, departments, regions, and groups inside an organisation score for cyber threats, allowing businesses to improve their overall cybersecurity strategy.

Nature of Disruption: Human attack surface management platform takes a holistic approach to human risk, aggregating data from across an organization’s technology to create a Human Risk Score for each employee and assess the organisation’s security strength and inherent risk. This risk score helps the security teams to adjust real-time security controls for the non-credible individuals, providing feedback on how they may improve. This new approach can turn existing security data into a detailed understanding of employee risk, including access levels, security decisions, and attack frequency. The Elevate Security platform provides benchmarked visibility to CISOs with insights on human risk across the enterprises as well as analytics that allow them to compare their risk score to peers, competitors, and industries. Security teams can limit or increase access to important company data, loosen or restrict internet browsing regulations, implement suitable authentication standards, and govern other activities based on the employee’s risk profile with proactive personalised security controls.

Outlook: Cyberattack causes substantial production loss, financial loss, reputation damage while leading towards legal consequences of a cyber breach. On the contrary, with the use of cybersecurity one can help prevent cyberattacks, data breaches, and identity theft and can aid in risk management. Elevate Security platform aims to help businesses become more aware of the ways they could be affected. It combines real-world attack and access data to provide businesses a back-to-basics insight and visibility into human error. This could allow CISOs to convert security initiatives into business risk language. The platform tailors security controls and weaves safety nets for risky employees.

This article was originally published in