Human Risk OS

Introducing SoSafe’s Human Risk OS™ & Key Features: May 2024 Release

30 May 2024 · 7 min read

We’re beyond excited to lift the curtain on something we’ve been brewing for quite some time now – The Human Risk OS™ and other key innovations. This release marks a significant evolution of our vision, building on our ongoing commitment to change how businesses manage human-related security risks. At our product premiere on May 23rd, we proudly showcased the Human Risk OS™ alongside a host of groundbreaking enhancements across our entire product suite, reflecting our dedication to pushing the boundaries of what our technology can achieve. This isn’t just a continuation of our journey; it’s a leap forward and we’re here to give you a rundown of what we are bringing to the table!

What is Human Risk OS™?

Human Risk OS™ is your go-to platform for managing human risk, integrating all SoSafe’s security offerings into one comprehensive system. This platform does more than just detect threats – it really gets to know your team’s behavior. Loaded with essential tools for proactive real-time threat detection, ongoing analysis, and insightful behavioral analytics, Human Risk OS™ is all about building a proactive security culture that enhances your organization’s resilience and tunes your defenses with smart, targeted interventions.

Dive into the Three Core Elements of Human Risk OS™

At the core of Human Risk OS™ is our Human Risk Management Dashboard, which integrates three essential elements to provide a complete view of your organization’s cyber security health:

Human Behavior Sensors

The foundation of Human Risk OS™ consists of our Human Behavior Sensors. These sensors track digital activities, behaviors, and the overall security culture of an organization, utilizing both first-party components within our SoSafe CSAT (Cyber Security Awareness Training) product and third-party systems like Microsoft Entra. This integration enables the creation of detailed, individualized, and group-level profiles, offering a granular view of events and behaviors across the organization.

Human Security Index

A crucial component of Human Risk OS™, the Human Security Index compiles data from our Behavior Sensors and additional contextual information to create a singular index tracking cyber security performance across groups and the entire organization. This index is vital for organizations to swiftly pinpoint vulnerabilities, monitor progress over time, and evaluate the impact of different security interventions.

Intervention Hub

The intervention Hub is where strategy turns into action. This feature centralizes all interventions, both within the SoSafe platform and externally. For any given group of end users, the Intervention Hub suggests tailored strategies to mitigate risks. These interventions can range from automated adjustments to learning paths, phishing campaigns or targeted nudges by Sofie, our Co-Pilot, to semi-automated actions such as initiating a change management program. By targeting specific behaviors, these interventions aim to bring about positive changes and significantly enhance the Human Security Index over time. 

Meet Sofie Level Zero Support: More Than Just Your First Line of Support for Security Questions

Sofie Level Zero Support is far more than just a conversational AI; she is a full-fledged AI-powered agent dedicated to automating mundane security interactions into dynamic, behavior-changing conversations. Supporting both security professionals and everyday users, Sofie delivers rapid threat awareness, situational awareness, and foundational support for security and compliance.

Evolving beyond the typical chatbot role, Sofie has become a standalone product that represents a significant advancement in our security technology. Built on advanced Large Language Models and featuring an engaging interface, Sofie provides around-the-clock answers to support questions, sends urgent security alerts, and educates users on security best practices – all customized to specific organizational needs and policies. Security leaders can now seamlessly incorporate organizational policies into Sofie’s responses, ensuring that each interaction is not only informative but also perfectly aligned with the company’s security frameworks.

Looking ahead, we’re excited to expand Sofie’s capabilities even further. We’re gearing up to roll out more use cases and additional channels for Sofie, improving her versatility and reach. Keep an eye out for these updates as we continue to push the boundaries of what Sofie can do to protect and educate across an expanding array of platforms.

Elevate Learning with Personalized Learning

Say goodbye to the traditional one-size-fits-all approach. Our Personalized Learning Core adapts to individual user profiles and environments, stripping away the unnecessary and focusing on what really matters. By integrating gaming elements, we make learning not just effective but also enjoyable. Less time, more impact – that’s our motto.

Phishing Simulations Redefined

Basic Phishing: Simplicity at Its Best

With our new feature, setting up phishing campaigns is straightforward and efficient. Quickly launch campaigns that target all users, enhancing your ability to respond swiftly to emerging challenges. This ensures a more consistent and rapid defense across your organization. 

Targeted Phishing: Because Relevance Matters

Our Phishing Simulations aren’t just random; they’re carefully crafted to suit specific organizational roles from IT admins to HR. By focusing on the unique threats each role faces, we ensure that our training hits close to home, maximizing its effectiveness, and fulfilling compliance requirements for role-based training.

Behavior-based Phishing: Smart, Adaptive, Personalized

Our most sophisticated feature adapts phishing simulations based on individual behaviors and risk profiles, identified through our HRM dashboard. This adaptive strategy ensures that each user receives training that is not only relevant to their role but also aligned with their behavior patterns, significantly improving engagement and efficacy. 

Closing the Loop with Phishing Feedback

Let’s talk about Phishing Feedback – it’s all about keeping everyone in the loop. When one of your team members spots something fishy and reports a suspicious email using our SoSafe Phishing Report Button, what happens next is crucial. They won’t be left in the dark. Instead, our automated system shares the analysis result directly with the person who reported it. This isn’t just about keeping your users informed; it’s about empowering them to make smarter security decisions every day, reinforcing the good habit of reporting. Additionally, for customers that already having an existing ticketing system in place, we offer integrations with ServiceNow and Jira to enhance convenience for those with existing ticketing solutions.

Key Reporting Metrics

Alongside Phishing Feedback, we’re big on data that drives decisions. That’s why we’ve equipped your SOC team with some key reporting metrics to help sharpen their edge against threats. These metrics include false-positive reporting rate and the mean time to threat discovery. By having access to these insights, your team can optimize processes, save time, and better protect your organization. 

Role-Based Training

We understand that effective cyber security training isn’t a one-size-fits-all solution. Different roles within an organization face unique challenges and risks, which is why we’ve developed specialized training that cater specifically to the needs of diverse workforce groups, such as blue-collar workers and developers, in addition to our existing training for IT professionals and managers.

Training That Works for Blue-Collar Workers

Let’s face it, not everyone is glued to a computer all day, especially in the manufacturing sector. That’s why we have crafted our blue-collar worker training to fit into the reality of their day-to-day work. This delivers key cyber security knowledge through printed materials, designed specifically for easy access. These resources focus on critical security practices that are vital for maintaining operational security. By making these lessons tangible and directly applicable, we ensure that cyber security awareness is integrated across all levels of the organization. 

Developer Training: Theoretical Meets Practical

Developers are on the frontline of technological innovation, which means they also need to be well-versed in protecting it. Recognizing the unique demands of this role, our developer training combines theoretical lessons with practical, hands-on coding exercises. This approach not only covers key cyber security and secure coding concepts but also allows developers to apply what they’ve learned in real-world scenarios. To make this possible, we’ve partnered with a leading organization, SecureFlag that specializes in developer training, ensuring that the training is not only relevant but also of the highest quality. 

Seamless Integration Across Your Tech Stack

With integration across platforms like Microsoft, Google, Jira, and SAP, we ensure that your IT ecosystem will connect flawlessly with SoSafe, enabling better management of your human risk.

  • Security Operations: Integration with tools like Jira & ServiceNow automates feedback on phishing reports, directly enhancing SOC operations. 
  • User Provisioning: By integrating with platforms like Google Workspace, Okta and Microsoft Entra, Human Risk OS™ automates user management, ensuring that only relevant users are engaged in specific security training and campaigns. 
  • Analytics: Data export capabilities and integrations with business intelligence tools like PowerBI enable sophisticated data analysis and visualization, helping organizations transform raw data into actionable cyber security insights.

Ready to Get Started?

Human Risk OS™ launched on May 23rd, and we can’t wait for you to experience its benefits! If you’re curious to learn more about how Human Risk OS™, along with all the features mentioned can make your organization safer, please reach out to our friendly sales team! Let’s make security a seamless part of your business culture together.

Do you want to stay ahead of the cyber game?

Sign up for our newsletter to receive the latest cyber security articles, events, and resources. No spam, only content that truly matters.

Newsletter visual