How to Calculate User Risk Score?
Written by Karthek S
Updated over a week ago


The user risk score is calculated from several factors. Every user starts with a risk score of 100, and which users receive that starting score depends on one of two criteria:

  1. By default (all users added to the company's account have a risk score of 100%).

  2. Challenged users (only users who have received a campaign, or who have started their Ally journey, start with 100%).

Company Goal

This risk score further depends on the company goal and on which features are active for the particular company. The company goal consists of both a Phishing goal and a Training goal.

For example -

Let's assume company ABC has a company goal of 4. Then a user in company ABC has to pass 4 campaigns for their risk score to be reduced to 0.

The company goal is set by logging into the RH portal and navigating to Settings -> Company -> Basic.

Under the Basic section, the Phishing Goal and Training Goal are set by entering a value for each and clicking Update.

For company ABC, the Phishing Goal is set to 2 and the Training Goal is set to 2.

Now let's assume company ABC has enabled Phishing, Training, and Ally on its account. The user's risk score of 100 is then divided equally among Phishing, Training, and Ally:

  1. Phishing- 33%

  2. Training- 33%

  3. Ally- 33%

Phishing Risk Score

Since the phishing goal is set to 2, each phishing campaign contributes 50% of the phishing risk score.

Formula: 100 / Number of phishing goals

100 / 2 = 50%

For example -

Let's assume a phishing campaign is launched and the user John receives the phishing simulation. John's phishing risk score is then calculated from his behaviour, using the following attributes. Each line shows the effect of that single action against the 50% share of one campaign:

  1. John opened the email

    Risk score increases by 10% of 50 (5 points). Current risk score: 55% (50 + 5)

  2. John downloads an attachment and opens it

    Risk score increases by 90% of 50 (45 points). Current risk score: 95% (50 + 45)

  3. John clicks on a link

    Risk score increases by 40% of 50 (20 points). Current risk score: 70% (50 + 20)

  4. John has submitted some data

    Risk score increases by 50% of 50 (25 points). Current risk score: 75% (50 + 25)

  5. John has replied to the email

    Risk score increases by 90% of 50 (45 points). Current risk score: 95% (50 + 45)

  6. John has reported the email

    In this case, the 10% increase that was applied when John opened the email is nullified. Because he reported the email, his current risk score falls back to 50%.

In this scenario, let's assume John only opened the email and reported it immediately, so his current Phishing risk score is reduced to 50%.

Training Risk Score

Since the training goal is set to 2, each training campaign contributes 50% of the training risk score.

Formula: 100 / Number of training goals

100 / 2 = 50%

For example:

Let's assume John receives a training email from his organization. His training risk score is reduced from 100 to 50, and the final value is then calculated from the result:

  1. If John passes the training, his risk score stays reduced at 50%.

  2. If John fails the training, his risk score reverts to 100%.

In this scenario, let's assume John has passed the training, so his Training risk score is reduced to 50%.

Ally Risk Score

For Ally, scenarios are divided into Easy, Medium, and Hard, and the Ally score depends on the number of scenarios the user has passed at each level of difficulty.

Easy scenarios have a score of 1

Medium scenarios have a score of 2

Hard scenarios have a score of 3

For example:

Let's assume John has passed:

  1. One Easy scenario - John scores a readiness score of 1

  2. One Medium scenario - John scores a readiness score of 2

  3. One Hard scenario - John scores a readiness score of 3

In this case, John's Ally readiness score is (1 + 2 + 3) = 6.

In this scenario, John's Ally risk score is (100 - 6) = 94.

User risk score calculation

Now let's calculate the user risk score based on the three scenarios in John's case.

(Phishing risk score + Training risk score + Ally risk score) / Number of active products = User risk score

(50 + 50 + 94) / 3 = 64.66

John's user risk score is 64.66%.
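The calculation above, written out as a small Python model so the three product scores and their average can be checked against John's numbers. This is an added example, not the RH portal's own code: the per-action percentages, the readiness points and the 100 / goal share are the values stated in this article, while the handling of several risky actions in one campaign (the worst action counts), the clamp of the Ally score at 0 and the truncation to two decimals are assumptions made here to reproduce the article's figures.

```python
# Added worked example of the risk-score rules described in this article.
# Not the vendor's implementation; assumptions are marked in comments.

# Increase for each phishing behaviour, as a percentage of one campaign's
# share of the phishing risk score (values from the article's example).
PHISHING_PENALTY_PCT = {
    "opened": 10,
    "opened_attachment": 90,
    "clicked_link": 40,
    "submitted_data": 50,
    "replied": 90,
}

# Readiness points per Ally scenario difficulty (from the article).
ALLY_POINTS = {"easy": 1, "medium": 2, "hard": 3}


def campaign_share(goal: int) -> float:
    """Each campaign is worth 100 / goal percent of that product's risk score."""
    if goal <= 0:
        raise ValueError("a goal must be a positive number of campaigns")
    return 100 / goal


def phishing_risk_score(goal: int, actions: set, reported: bool = False) -> float:
    """Phishing risk score after the user's first campaign.

    Passing the campaign removes one share from the starting score of 100;
    each risky action adds back share * penalty / 100. Reporting the email
    cancels the 'opened' penalty, as in the article. The article does not
    say how several risky actions combine, so this example assumes the
    single worst action counts (an assumption, not a documented rule).
    """
    share = campaign_share(goal)
    unknown = set(actions) - set(PHISHING_PENALTY_PCT)
    if unknown:
        raise ValueError(f"unknown phishing action(s): {sorted(unknown)}")
    effective = set(actions)
    if reported:
        effective.discard("opened")
    worst = max((PHISHING_PENALTY_PCT[a] for a in effective), default=0)
    return (100 - share) + share * worst / 100


def training_risk_score(goal: int, passed: bool) -> float:
    """Training risk score after one training campaign: passing keeps the
    reduced score, failing reverts it to 100 (both stated in the article)."""
    share = campaign_share(goal)
    return 100 - share if passed else 100.0


def ally_risk_score(passed_scenarios: list) -> float:
    """Ally risk score: 100 minus the readiness points of passed scenarios.
    Clamping at 0 is an assumption; the article never exceeds 100 points."""
    readiness = sum(ALLY_POINTS[level.lower()] for level in passed_scenarios)
    return float(max(0, 100 - readiness))


def user_risk_score(active_scores: dict) -> float:
    """Average of the active products' risk scores (article's formula)."""
    if not active_scores:
        raise ValueError("at least one product must be active")
    return sum(active_scores.values()) / len(active_scores)


def truncate2(value: float) -> float:
    """Two decimals, truncated rather than rounded, matching the article's
    64.66 for 194 / 3 (an assumption about the portal's display)."""
    return int(value * 100) / 100


def johns_scores() -> dict:
    """John's scenario from the article: both goals set to 2, email opened
    and reported, training passed, one Ally scenario at each difficulty."""
    return {
        "phishing": phishing_risk_score(2, {"opened"}, reported=True),
        "training": training_risk_score(2, passed=True),
        "ally": ally_risk_score(["easy", "medium", "hard"]),
    }


if __name__ == "__main__":
    scores = johns_scores()
    for product, score in scores.items():
        print(f"{product:9s} {score:6.2f}%")
    print(f"user risk score: {truncate2(user_risk_score(scores))}%")
```

Running the script prints 50.00% for phishing and training, 94.00% for Ally, and a user risk score of 64.66%. Changing the actions passed to `phishing_risk_score` reproduces the other rows of the phishing table (for example `{"opened", "clicked_link"}` gives 70.0), and raising a goal shows how the per-campaign share shrinks with `campaign_share`.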
