The organizations they spend a lot of time and money on the security of their networks, trying to prevent possible cyberattacks. However, it is not enough just to control security technology, but the human factor must also be taken into account. In particular, users are more likely to make mistakes, either by clicking on a malicious link or an attachment, or by accidentally downloading malware, even using products that are not safe. Thus, the security company "Bitdefender" aims to control the errors caused by the human factor, revealing a new mode. The function released yesterday under the name “Human Risk Analytics”, will be part of the product GravityZone of Bitdefender. Designed to complement GravityZone's antivware technologies and central security management, Human Risk Analytics (HRA) will target protection of organisms from internal threats as well as other risks to which humans are exposed.
In particular, the HRA will examine users' actions and identify behaviors and errors that could "pave the way" for cyberattacks targeting both the organization and its employees. The built-in data risk rating will allow security professionals to locate systems and users with higher risk levels and take steps to address them.
Bogdan Carlescu, Bitdefender's senior marketing director for business security solutions, said that unlike other user tracking practices, the HRA does not track sites a user visits or if a user uses a USB drive. Instead, the HRA records user behavior and potential risks in order to create a risk profile. For example, if Human Risk Analytics detects that a user is visiting malicious sites, is infected via a USB drive, uses unencrypted web pages to log in, or clicks on Phishing URLs included in e-mail or other high-risk actions, these actions will modify the user's risk profile and affect the overall overall risk score of the organization against possible cyber attacks.
All information from the HRA will be part of the "Risk Control Panel" on the GravityZone console, so there will be no need for additional action by the security administrators using the product. Carlescu noted that HRA is currently available to all GravityZone users as a feature beta, so that all customers can interact and try the new function at no extra cost for the coming months.
In addition to Human Risk Analytics, GravityZone enhances its security controls with a Ransomware Mitigation section, which aims to help organizations better handle advanced attacks. ransomware through backup files in real time. GravityZone's future versions will add human risk mitigation features, such as Adaptive Security Awareness Training (ASAT) and Adaptive Security Controls (ASC). All the news characteristics will be integrated into GravityZone's human error handling capabilities.
Carlescu stressed that in order to improve resilience and strengthen the cyber security of an organization, there must first be full awareness and understanding of its risk profile. He added that risk analysis or risk assessment allows organizations to identify and quantify their exposure to potential risks. This should be a continuous effort and at the same time the focus of any proper cyber security strategy. Finally, Carlescu explained that it is important to have a clear picture and understanding of the risk to which an organization is exposed, in order to make the right decision about what are the risks to which mitigation should be given priority and what are the appropriate security controls. to be used.