Enterprise security firm Tessian Ltd., which sells tools that enable companies to assess the risk posed to their data and systems by their employees, is adding a new Human Layer Risk Hub to its platform.

Tessian debuted its Human Layer Security Intelligence platform last year. It’s tools are designed to reduce the risk of accidental data loss, data exfiltration and advanced impersonation phishing attacks. In addition, it enables security teams to investigate any incidents that do take place and mitigate them quickly, while improving employee’s security behavior.

The company said today that its new Human Layer Risk Hub provides full visibility into each employee’s risk level and will enable team leaders within an organization to adopt a more tailored approach to employee security.

It works by creating individual risk profiles for each employee generated by insights it gains from their email usage patterns, relationship graphs and security decisions on historic and real-time emails. It can identify which employees are targeted by phishing attacks, whether or not they are careful or careless with company data when sending emails, and who is most likely to handle sensitive information, Tessian said.

This information is used to create a Behavioral Intelligence Model for each person at the company, with individual risk scores applied to five categories: accidental data loss, data exfiltration, social engineering, sensitive data handling and security awareness.

Tessian said these scores will be updated dynamically, increasing whenever an employee does something risky, such as clicking on a phishing email or sending data to a personal email account, and decreasing when they make correct security decisions. Should any risky or anomalous behavior be detected, Tessian’s software will send an alert to that person in real time with advice on what they should do next. This feedback will help to “continuously educate” employees about threats and help to foster safer behavior, the company said.

Meanwhile, company executives will get clearer picture of what is driving risk within their organization and be able to identify which specific departments or users are disproportionately contributing to that risk, Tessian said. Using these insights, management will then be able to identify any employees or groups of employees that need additional training, tighter access controls or a refresh of the company’s security policies.

Tessian co-founder and Chief Technology Officer Ed Bishop said existing customers have requested the ability to lower security risks continuously over time.

“We believe that to properly understand your company’s overall risk, you need to understand the behavior of each of your employees,” Bishop said. “We’ve created a solution that gives security and risk managers full visibility into human layer risks plus the tools they need to mitigate threats and nudge employees toward adopting safer security practices on email.”

Image: PixelCreatures/Pixabay