The human risk loop

Human Risk Management

Most breaches start with a person, not a server. Human risk management is how you measure that risk for every employee and bring it down on purpose: run real phishing simulations, score who is actually at risk, and automate the training that fixes it.

Human risk management loop: phishing simulations feed a per-person human risk score, the score triggers risk-based automation, automation assigns interactive training, and the loop repeats as measured risk falls over time

How human risk management works at RansomLeak

One closed loop: surface real behavior, measure it, act on it, and watch risk fall.

01 Simulate

Run phishing and smishing simulations that put employees inside a realistic attacker pretext. Their decisions, not a questionnaire, become the raw signal.

02 Measure

Every person gets an explainable 0 to 100 human risk score built from how they behaved, whether they reported the lure, and whether their training is current.

03 Automate

No-code rules act on the score: auto-enroll a high-risk person in remediation the moment they fail a simulation, with dry-run, an audit log, and a kill switch.

04 Reduce

Interactive 3D exercises build the instinct, the next simulation re-tests it, and the score moves. You manage a trend line, not a one-off training event.

Measure risk you can explain

A risk number nobody can defend is a number nobody acts on. Every score traces back to the behavior behind it.

Human risk score dashboard: a 0 to 100 gauge banded Low, Moderate, High, and Critical, fed by weighted sub-scores for susceptibility, remediation, and training, with a recency-weighted trend line

A score per person, grounded in behavior

The human risk score rates each employee from 0 to 100 using real simulation outcomes, phish reports, and training status. Higher means riskier.

Bands, confidence, and Limited data

People fall into Low, Moderate, High, or Critical bands, each score carries a confidence rating, and a quiet new hire is labeled Limited data rather than guessed at.

No black box, no profiling

Scores are built only from behavior inside your own program. There is no dark-web scraping and no OSINT, so every point is explainable for works-council and privacy review.

Act on risk automatically

Knowing who is at risk only helps if something happens next. Governed automation turns the score into the right intervention.

A risk-based automation rule: a band-and-threshold trigger that auto-enrolls a high-risk employee into remediation, with dry-run, audit log, blast cap, and kill-switch safeguards shown alongside

No-code rules on band or score

Risk-based automation watches the score and acts: when someone crosses a threshold or fails a simulation, it auto-enrolls them in the right remediation just in time.

Safe by design

Every rule runs dry-run first, writes to an audit log, and respects a blast cap, a cooldown, and a kill switch. Managers get a daily escalation digest, not a firehose of alerts.

Less busywork for the program lead

The handful of people who actually move the number get handled automatically, so a one-person security team is not chasing enrollments by hand.
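The safeguards listed above (band or threshold trigger, dry-run, audit log, blast cap, cooldown, kill switch, digest) are easiest to reason about as a small rule engine. The following is an added illustration written for this page, not RansomLeak's own rule engine: the rule fields and their defaults, the decision labels, the audit-record layout and the sample people are all assumed, while the set of safeguards and the trigger types come from the page.

```python
"""Governed risk-based automation rule (added illustration; not RansomLeak's code).

From the page: a rule triggers on band, score threshold or a failed simulation,
runs dry-run first, writes an audit log, and respects a blast cap, a cooldown
and a kill switch, with outcomes rolled into a daily digest.
Assumed: the rule fields and defaults, decision labels and audit-record layout.
"""
from collections import Counter
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Tuple


@dataclass
class Rule:
    name: str = "auto-enroll-high-risk"
    trigger_bands: Tuple[str, ...] = ("High", "Critical")  # band trigger
    min_score: int = 75                                   # threshold trigger
    on_failed_simulation: bool = True                     # event trigger
    action: str = "enroll:phishing-remediation"           # assumed action name
    dry_run: bool = True       # on by default: log what would happen, change nothing
    blast_cap: int = 5         # max actions per evaluation run
    cooldown_days: int = 30    # no re-fire on the same person inside this window
    enabled: bool = True       # kill switch: False stops every action at once


@dataclass
class Person:
    user_id: str
    score: int
    band: str
    failed_last_simulation: bool


class RuleEngine:
    def __init__(self, rule: Rule, today: date):
        self.rule = rule
        self.today = today
        self.audit_log: List[dict] = []        # every decision, fired or skipped
        self.last_fired: Dict[str, date] = {}  # user_id -> last live enrollment

    def matches(self, p: Person) -> bool:
        r = self.rule
        return (p.band in r.trigger_bands or p.score >= r.min_score
                or (r.on_failed_simulation and p.failed_last_simulation))

    def evaluate(self, people: List[Person]) -> Dict[str, str]:
        """Apply the rule to one batch; returns user_id -> decision for each match."""
        r = self.rule
        fired = 0
        decisions: Dict[str, str] = {}
        for p in people:
            if not self.matches(p):
                continue
            last = self.last_fired.get(p.user_id)
            if not r.enabled:
                decision = "skipped:kill_switch"
            elif last is not None and (self.today - last).days < r.cooldown_days:
                decision = "skipped:cooldown"
            elif fired >= r.blast_cap:
                decision = "skipped:blast_cap"
            elif r.dry_run:
                decision = "dry_run"   # counts against the cap so the log is realistic
                fired += 1
            else:
                decision = "enrolled"
                fired += 1
                self.last_fired[p.user_id] = self.today
            decisions[p.user_id] = decision
            self.audit_log.append({"date": self.today.isoformat(), "rule": r.name,
                                   "user": p.user_id, "action": r.action,
                                   "score": p.score, "band": p.band,
                                   "decision": decision})
        return decisions

    def digest(self) -> Counter:
        """Counts per decision for the daily digest, instead of one alert per event."""
        return Counter(rec["decision"] for rec in self.audit_log)


TODAY = date(2025, 6, 30)  # constructed
PEOPLE = [  # constructed sample population; u05 sits exactly on the threshold
    Person("u01", 82, "Critical", True),
    Person("u02", 78, "High", False),
    Person("u03", 60, "Moderate", True),   # matches only via the failed simulation
    Person("u04", 91, "Critical", False),
    Person("u05", 75, "High", False),
    Person("u06", 77, "High", True),       # sixth match: stopped by the blast cap
    Person("u07", 12, "Low", False),       # never matches
]

if __name__ == "__main__":
    engine = RuleEngine(Rule(dry_run=False), TODAY)
    print(engine.evaluate(PEOPLE))
    print(engine.evaluate(PEOPLE))   # same day again: cooldown holds the first five
    print(dict(engine.digest()))
```

Running the same batch twice on one day shows the safeguards interacting: the first run enrolls five people and logs the sixth as held by the blast cap, the second run holds those five under the cooldown and picks up the sixth, and a rule with `enabled=False` logs every match as skipped without touching anyone.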

Build the human firewall

Measurement and automation only pay off if the training changes behavior. That is where the loop closes.

An interactive 3D training scene where an employee inspects a suspicious email at a simulated Windows desktop inside a rendered office, performing the action rather than watching a slideshow

Interactive 3D exercises

Remediation routes into interactive 3D training where people perform the action under a real lure instead of watching a slideshow, so the instinct sticks.

A full security awareness program

Human risk management wraps your whole security awareness training catalogue: phishing, ransomware, social engineering, privacy, and AI security.

Re-tested, not assumed

After training, the next simulation re-tests the same person, and a falling score is your proof that the behavior actually changed.

Frequently Asked Questions

What is human risk management?

Human risk management (HRM) is a security program that measures how likely each employee is to fall for an attack, then reduces that risk with targeted training and automation. It treats human risk as something you can quantify and manage, not just train against once a year.

It matters because risk is not spread evenly. A small group of repeat clickers carries most of the exposure, and the Verizon 2024 Data Breach Investigations Report found a human element in 68% of breaches.

RansomLeak runs HRM as one loop: phishing simulations surface real behavior, a human risk score measures it per person, and risk-based automation assigns the training that brings the score down.

How is human risk management different from security awareness training?

Security awareness training is the content that teaches employees to spot attacks. Human risk management is the program around it: it measures who is at risk, decides who needs which training, and shows whether risk actually fell.

Put simply, training is one input. HRM adds measurement through the score, behavior through simulations, and action through automation, so you target effort instead of assigning the same module to everyone.

How do you measure human risk?

RansomLeak gives every person a 0 to 100 human risk score built from three behavioral inputs: how they act in phishing simulations, whether they report suspicious messages, and whether their training and remediation are current.

Recent behavior counts most, so each signal fades on a roughly 90-day half-life and people who improve watch their score fall. Higher means riskier, and everyone lands in a Low, Moderate, High, or Critical band.
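To make the scoring described here concrete, below is an added illustration written for this page, not RansomLeak's scoring code. It takes from the page the 0 to 100 scale where higher is riskier, the roughly 90-day half-life, the three behavioral inputs and the Low, Moderate, High and Critical bands; the sub-score definitions, the weights, the band cut-offs, the minimum-evidence rule behind the Limited data label and the confidence formula are all assumed.

```python
"""Recency-weighted human risk score (added illustration; not RansomLeak's code).

From the page: 0-100 scale, higher is riskier, ~90-day half-life on each signal,
inputs are simulation behavior, phish reporting and training status, and the
Low / Moderate / High / Critical bands.
Assumed: sub-score definitions, weights, band cut-offs, the minimum number of
simulations before a score is issued, and the confidence formula.
"""
from dataclasses import dataclass
from datetime import date, timedelta

HALF_LIFE_DAYS = 90                                                   # from the page
WEIGHTS = {"susceptibility": 0.5, "reporting": 0.3, "training": 0.2}  # assumed
BANDS = [(25, "Low"), (50, "Moderate"), (75, "High"), (100, "Critical")]  # assumed
MIN_SIMULATIONS = 3            # assumed: fewer than this -> "Limited data"
SIM_OUTCOMES = {"clicked", "ignored", "reported"}


@dataclass(frozen=True)
class Event:
    day: date
    kind: str  # clicked | ignored | reported | training_overdue | training_completed


def decay(age_days: float, half_life: float = HALF_LIFE_DAYS) -> float:
    """Weight of a signal age_days old: 1.0 today, 0.5 after one half-life."""
    return 0.5 ** (age_days / half_life)


def weighted_share(events, as_of: date, is_positive):
    """Decay-weighted fraction of events where is_positive holds; None if no events."""
    num = den = 0.0
    for e in events:
        w = decay((as_of - e.day).days)
        den += w
        if is_positive(e):
            num += w
    return num / den if den else None


def human_risk_score(events, as_of: date) -> dict:
    sims = [e for e in events if e.kind in SIM_OUTCOMES]
    training = [e for e in events if e.kind.startswith("training_")]
    if len(sims) < MIN_SIMULATIONS:
        # Too little behavior to score: label it instead of guessing.
        return {"label": "Limited data", "score": None, "band": None,
                "confidence": 0.0, "sub_scores": {}}
    sub = {
        "susceptibility": weighted_share(sims, as_of, lambda e: e.kind == "clicked"),
        "reporting": 1.0 - weighted_share(sims, as_of, lambda e: e.kind == "reported"),
        "training": weighted_share(training, as_of, lambda e: e.kind == "training_overdue"),
    }
    if sub["training"] is None:   # nothing assigned yet counts as current
        sub["training"] = 0.0
    score = round(100 * sum(WEIGHTS[k] * v for k, v in sub.items()))
    band = next(name for upper, name in BANDS if score <= upper)
    # Confidence grows with the decay-weighted amount of evidence behind the score.
    evidence = sum(decay((as_of - e.day).days) for e in sims)
    return {"label": band, "score": score, "band": band,
            "confidence": round(min(1.0, evidence / 10), 2), "sub_scores": sub}


AS_OF = date(2025, 6, 30)  # constructed


def days_ago(n: int) -> date:
    return AS_OF - timedelta(days=n)


# Constructed histories. Ages of 0, 90 and 180 days give weights 1.0, 0.5 and 0.25.
IMPROVING_EMPLOYEE = [Event(days_ago(180), "clicked"),
                      Event(days_ago(90), "ignored"),
                      Event(days_ago(0), "reported")]
REPEAT_CLICKER = [Event(days_ago(0), "clicked"), Event(days_ago(0), "clicked"),
                  Event(days_ago(10), "clicked"), Event(days_ago(3), "training_overdue")]
NEW_HIRE = [Event(days_ago(5), "ignored"), Event(days_ago(1), "reported")]

if __name__ == "__main__":
    for name, history in [("improving", IMPROVING_EMPLOYEE),
                          ("repeat clicker", REPEAT_CLICKER), ("new hire", NEW_HIRE)]:
        print(name, human_risk_score(history, AS_OF))
```

The improving employee's six-month-old click carries a quarter of the weight of today's report, so the score lands in the Low band; the repeat clicker with an overdue module scores 100 and lands in Critical; the new hire with two data points gets the Limited data label instead of a number. Every sub-score in the result is a decay-weighted share of concrete events, which is what makes the number explainable to the person it describes.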

How does RansomLeak reduce human risk?

The score drives action through risk-based automation. No-code rules auto-enroll a high-risk person in remediation the moment they fail a simulation, with dry-run, an audit log, and a kill switch so nothing fires by surprise.

Remediation routes into interactive 3D exercises, and the next simulation re-tests the same person. A falling score is the proof the behavior changed.

Do I need phishing simulations for human risk management?

Yes. The program runs on real behavior, and phishing simulations are the primary source. Without them there is nothing to measure, so the human risk score and its automation are part of the simulation add-on rather than basic training alone.

Is human risk management just another dashboard?

No. A dashboard shows you a number. RansomLeak closes the loop: it measures risk, acts on it automatically, and re-tests the result, so the score is tied to interventions rather than just reported.

It is also built to be defensible. Scores are behavior-based and explainable, automation is governed with dry-run and audit logs, and individual scores stay private by default in line with GDPR and works-council expectations.

See RansomLeak in Action

Try the free exercises or book a demo to see analytics, SCORM export, SSO, and custom content in your environment.