HRM On-boarding User Guide
Written by Shailanchal Uniyal
Updated over 2 months ago

Understanding Key components in HRM portal

Introduction

Human Risk Management (HRM) is a crucial approach to cybersecurity that addresses the significant role human error plays in security breaches. With 74% of cybersecurity breaches attributed to human error, traditional security measures and awareness training are no longer sufficient. HRM aims to reduce cybersecurity risks by measuring and quantifying real-life human risk, triggering learning interventions, educating the workforce, fostering behavior change, and building a solid security culture. This comprehensive strategy integrates with existing security technologies to identify potential challenges and develop targeted policies, training programs, and monitoring systems.

Glossary

  1. HRM (Human Risk Management): A comprehensive security strategy that addresses the human element of cybersecurity. It involves systematically identifying, measuring, and actively mitigating risks associated with human behavior. By focusing on outcomes and understanding behavioral motivations, HRM aims to cultivate a robust security culture where safe practices become instinctive for employees. This approach ultimately leads to a significant reduction in human-related security risks within an organization.

  2. Security Integrations: These are the security products that you use, including but not limited to EDR, Email Security, CASB, Web Security, DLP, etc. An HRM platform integrates with these solutions to understand the actual behavior of your employees in the real environment via alerts generated by the security products.

  3. Nudges: In-the-moment, real-time direct messages sent to your employees via Slack/Email/MS Teams based on the security incidents associated with them.

  4. Mapped events: Alerts that are understood by our system as a security event and have a valid email mapped to them. Visit each integration page to see which events are supported by Right-Hand integrations and the logic that we use to consider an alert as an event in our system.

  5. Unmapped events: Alerts that are understood by our parser but do not have a valid email mapped to them. Security alerts come in all shapes and sizes, and many times (especially with EDR solutions) the email of the user of interest is not available. In such cases we need help from you to map attributes such as UserPrincipalName, UserName, or DeviceID to an email. Until we can identify an event with a valid email address, it is classified as unmapped. To map the user identifiers/attributes described above, follow the help article.

Key Components in HRM Portal

HRM Menu and Access

Notice the menu option on the left-pane menu. You will find the Human Risk Management portal there. If it is not enabled for you, contact your Account Executive or Customer Success Manager to help you with the same.

Dashboard

  • The dashboard contains the following metrics:

    • Integration Types and alert frequency associated with them

    • Alert Types and their frequency of occurrence

    • Alert Trends shows the alerts in the last 12 months as a line chart

    • Alert Type Breakdown gives the breakdown of the alerts divided into months

    • Nudge Effectiveness provides the count of nudges sent and the ones that were acknowledged by your users

Security Vendors (Integrations)

The Integrations page lists the various security integrations that are available in the HRM portal. Refer to each integration's help article.

User Attribution

Security alerts come in all shapes and sizes, and many times (especially with EDR solutions) the email of the user of interest is not available. In such cases we need help from you to map attributes such as UserPrincipalName, UserName, or DeviceID to an email. Until we can identify an event with a valid email address, it is classified as unmapped. To map the user identifiers/attributes described above, follow the help article.

Delivery Medium

In this area we set up the delivery mediums for sending nudges to the users. The configurations are required for Slack, MS Teams and Email.

Email configuration is available by default based on the settings in the Right-Hand Cyberready portal.

Targeting capability is also available if you want to nudge only specific users and not all organizations.

Enabling HRM integrations and Configuring Events for Data Ingestion

Right-Hand HRM Platform: Integrations and Configuration

The Right-Hand Human Risk Management (HRM) platform offers powerful integrations with leading security solutions to enhance your organization's cybersecurity posture. This article outlines the supported integrations and provides guidance on configuring the platform for optimal performance.

Right-Hand HRM currently supports the following integrations:

Click on each integration name to access detailed documentation on setting up and configuring the integration.

Once the integrations are configured, the events are automatically ingested into the system. If there are certain types of data you prefer not to share with Right-Hand, you can disable those events. Right-Hand will not take in any data for those events.

Enabling Events for Data Ingestion

After completing the integrations, it's crucial to configure the Right-Hand HRM platform correctly. This section explains key concepts and settings to optimise your experience.

Alert Ingestion and Processing

The Right-Hand HRM platform uses a sophisticated pipeline to ingest and process security events from integrated solutions. Here are some important concepts to understand:

Mapped vs. Unmapped Events

Mapped events: Alerts that are understood by our system as a security event and have a valid email mapped to them. Visit each integration page to see which events are supported by Right-Hand integrations and the logic that we use to consider an alert as an event in our system.

Unmapped events: Alerts that are understood by our parser but do not have a valid email mapped to them. Security alerts come in all shapes and sizes, and many times (especially with EDR solutions) the email of the user of interest is not available. In such cases we need help from you to map attributes such as UserPrincipalName, UserName, or DeviceID to an email. Until we can identify an event with a valid email address, it is classified as unmapped. To map the user identifiers/attributes described above, follow the help article.

Enable Event (Enabling for data ingestion)

This setting allows you to control which events are ingested into the platform. By default, all events are enabled for ingestion, but you can customise this as needed. Please note that enabling an event for ingestion does not send nudges to your employees or target them for campaigns. These are additional settings that you have to configure. The objective of enabling an event is to make sure that our system will take those events in and display them to you as mapped or unmapped events. Using these visualizations and drilling down on the events from the dashboard enables you to understand the areas where your employees most need training or micro-trainings in the form of nudges.

Once the integration is successful and shows as connected, you can disable or enable any of the events for ingestion as shown in the screenshot below:

Enabling the events for Real-time Nudges and Targeting

Nudge (Enabling an event for Nudge)

This option determines whether nudges (targeted communications via Email, Slack or MS Teams) will be sent to your employees based on specific events. You can enable or disable nudging for each event type by clicking on the checkboxes against the event.

After the event has been enabled for Nudges, certain conditions still need to be met for the nudge to be sent to users:

  • There should be a delivery medium configured

  • The alert received must be a mapped event, and the email should be of an active employee in your company that is on-boarded into the Right-Hand portal

  • The throttle limits for that delivery medium per user should not have been exceeded

Enable for Targeting

This setting makes events available for use in campaign risk event types, allowing you to run targeted campaigns based on specific security events.

Setting up delivery mediums and sending nudges

You can set up one or more delivery mediums to nudge your workforce. Email is integrated by default, as it is the primary medium of communication in the Cyberready platform. To do the integration via Slack or MS Teams, follow the initial sections of the following documentation. Follow the steps mentioned below after the integration is completed:

MS Teams

  • After the integration is completed, set the target criteria

    • All Active users - will send nudges to all users in Cyberready

    • Selected - You can filter by office location and user groups

  • After the above, go to delivery mediums and click on View Configurations in MS Teams

  • In the pop-up modal, ensure that MS Teams is enabled for the teams which contain the users for whom you want to enable HRM nudges (refer to this link to see how to enable MS Teams for specific teams via Teams Admin Center)

  • Once the above is confirmed and validated based on your requirements, change the throttle limit for nudges. Examples:

    • 2 times in 1 day (illustration) means that the maximum number of nudges that will be sent to a user in a day is 2.

    • 1 time in 7 days would mean that an employee will get a maximum of one nudge per week (7 days)

  • After this is done, click on Save and the HRM nudges will be active

The following conditions have to be satisfied for the nudges to be delivered:

  • The event should be enabled for Nudges

  • There should be a delivery medium configured

  • The email should be of an active employee in your company that is on-boarded into the Right-Hand portal and not archived

  • The throttle limits for that delivery medium per user should not have been exceeded
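
The delivery conditions and throttle limits above can be sketched as a single decision function. This is an added example, not Right-Hand's own code: the field names, the `malware_detected` event type, the config keys, the sample identifiers and the sliding-window reading of "N times in D days" are all assumptions.

```python
from datetime import datetime, timedelta

# Assumed customer-supplied mapping of identifiers to email (constructed values)
ATTRIBUTE_MAP = {("DeviceID", "LAPTOP-0042"): "a.khan@example.com",
                 ("UserName", "jdoe"): "j.doe@example.com"}
ACTIVE_USERS = {"a.khan@example.com", "j.doe@example.com"}  # on-boarded, not archived

def resolve_email(alert):
    """Return the user's email, or None when the alert stays unmapped."""
    email = alert.get("email")
    if email and "@" in email:
        return email.lower()
    for key in ("UserPrincipalName", "UserName", "DeviceID"):
        if (key, alert.get(key)) in ATTRIBUTE_MAP:
            return ATTRIBUTE_MAP[(key, alert[key])]
    return None

def nudge_decision(alert, now, cfg, sent_log):
    """Check the delivery conditions in order; return (send, reason)."""
    if alert["event_type"] not in cfg["nudge_events"]:
        return False, "event not enabled for nudges"
    if not cfg["medium_enabled"]:
        return False, "no delivery medium configured"
    email = resolve_email(alert)
    if email is None:
        return False, "unmapped event"
    if email not in ACTIVE_USERS:
        return False, "user not active"
    # Throttle "N times in D days", assumed here to be a sliding window
    start = now - timedelta(days=cfg["throttle_days"])
    recent = [t for t in sent_log.get(email, []) if t > start]
    if len(recent) >= cfg["throttle_times"]:
        return False, "throttle limit reached"
    sent_log.setdefault(email, []).append(now)
    return True, "sent"

def demo():
    cfg = {"nudge_events": {"malware_detected"}, "medium_enabled": True,
           "throttle_times": 2, "throttle_days": 1}
    t0, sent_log = datetime(2024, 1, 1, 9, 0), {}
    devices = ["LAPTOP-0042", "LAPTOP-0042", "LAPTOP-0042", "UNKNOWN-7"]
    alerts = [{"event_type": "malware_detected", "DeviceID": d} for d in devices]
    return [nudge_decision(a, t0 + timedelta(hours=i), cfg, sent_log)[1]
            for i, a in enumerate(alerts)]

if __name__ == "__main__":
    print(demo())
```

With a "2 times in 1 day" throttle, the third alert for the same device is suppressed, and the alert from an unknown device never reaches the throttle check because it stays unmapped.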

Disabling a delivery medium

There might be cases where you have integrated a delivery medium but want to use only specific ones for HRM communication. This can be achieved by disabling specific delivery mediums.

Disabling Email Nudges

  • Click on View Configurations (Email) --> Then click on Disable in the modal

Disabling MS Teams Nudges

  • Click on View Configurations (MS Teams) --> Click on Disable
