KnowBe4 has released its whitepaper “A Strategic Framework for Human Risk Management”, which outlines the core principles of a modern human risk management (HRM) approach.
In addition, the whitepaper explores and how organisations can apply the framework to strengthen security culture and drive measurable change in employee behaviour.
Separate from a HRM platform, the HRM framework is defined as a strategic, people-centric approach to cybersecurity that measures, manages and reduces the security risks created by human behaviour. The new framework comes as a direct response to the escalating cyber landscape where human behaviour continues to be a primary attack vector. Moving beyond traditional security awareness programs, the paper calls for a fundamental shift in how organisations perceive and manage the human element of security.
KnowBe4 identifies several core principles that build an effective HRM approach:
– Measure and Benchmark: Understand current human risk levels within an organisation using a baseline assessment.
– Engage and Empower: Create a culture where security is a shared responsibility, not just an IT concern.
– Adapt and Personalise: Deliver tailored training and coaching based on individual risk profiles.
– Artificial Intelligence (AI) and Automation: Use intelligent AI-driven technology to provide real-time feedback, personalised insights and automated interventions.
– Demonstrate Value: Show the measurable impact of the program on the organisation’s overall security culture.
“While security training remains a vital component of any defence strategy, it is time we shift towards human risk management as a holistic approach,” said Javvad Malik, lead CISO advisor at KnowBe4. “This means putting people at the heart of every security decision, using processes that work with them rather than against them and continuously adapting strategies based on real-world behaviour.
“Instead of creating static rules, a HRM approach seeks to understand the motivations and daily pressures that guide employee decisions, empowering them to make safer choices and contribute to a modern security culture.”
You can dwnload a copy of the whitepaper, “A Strategic Framework for Human Risk Management”, here.
To read more Eskenzi news, click here.
