Robert Fly, Co-Founder and CEO
According to the Verizon Data Breach Incident Report (an annual industry benchmark), end users continue to be the root cause of almost all cyber incidents. In fact, 90 percent of breaches are due to human error. The tactics used by attackers haven’t changed over the last ten years, even though security spend has increased by 10 times. Information security teams have relied on one-size-fits-all technology to solve the problem when, in reality, every member of an organization’s workforce introduces significantly divergent levels of risk based on their individual actions, access, and frequency of attack.
“Employee mistakes are unavoidable. As an industry we have no idea who our riskiest employees are, nor do we know what to do with them,” says Robert Fly, co-founder and CEO of Elevate Security. “By building a deep understanding of workforce security using individual measures of human risk, Elevate Security proactively prevents such mistakes and creates tailored protection and feedback to prevent the next account compromise, data loss, or ransomware attack.” Elevate Security, the leader in human attack surface management, was founded in 2017 by two long-time security executives to address one of cybersecurity’s biggest unsolved problems—human error.
Touching upon the challenges, Fly stresses that organizations often focus their energies on reactive technology to find bad outcomes. “In reality, we need to think of the NIST Cybersecurity Framework as a continuous loop where each phase (NIST defined stages include Identify, Protect, Detect, Respond, Recover) is complementing and informing the others to better protect our enterprises,” he adds. In the same vein, enterprises must realize that “security awareness” training is a solution that has little to no lasting impact on reducing the human attack surface. This is where Elevate Security comes into play.
How Elevate Security Delivers Visibility & Control
Elevate Security Platform is a Human Attack Surface Management solution that delivers two unique value propositions: Visibility & Control. Visibility starts with understanding an end user’s individual risk level using existing incident data from popular cybersecurity tools and systems that most organizations already have. Risk = Impact * Likelihood, so Elevate ingests, normalizes and sanitizes a wide and diverse range of user data on past actions, access privileges, and attack history.
The security actions that each end-user takes, good and bad, give Elevate a baseline of their security posture. For example, the propensity of an employee to click on phishing links, mishandle sensitive data, or download malware. Existing security user data from tools such as Email Security Gateways, Web Proxies, Endpoints, Endpoint Management, CASB, DLP, IAM, and other systems is ingested and analyzed by the Elevate Platform. Elevate integrates with over 100 systems and collects data on hundreds of events.
The access privileges of each user provide Elevate Security with an idea of their “blast radius” on the organization’s human attack surface, i.e., what would be the damage caused if that particular employee were to be hacked or attacked. The frequency with which that employee is attacked is the final part of that equation. With this, Elevate gathers insight into who in an organization is getting targeted more in real-world attacks such as phishing and malware.
“Elevate Security Platform combines this data across dozens of systems to create a contextual mapping of the customer’s human attack surface. It also allows us to create two key insights—a Human Risk Score and a Business Risk Score,” notes Fly. The Human Risk Score is a combination of the scores above, weighted appropriately given the customer’s configuration. The Business Risk Score is a combined score based on risks such as account compromise, ransomware, and data loss. All scores are available in both Elevate’s dashboards or via API for third-party integrations.
Elevate has created an extremely powerful user interface that gives security teams visibility to identify—“Who are my riskiest users and why?”, “Have investments in new technology or policy changes had an impact on reducing my incidents?”, or “How am I doing compared to others like me?” This allows security posture to be tightened around problem users, while reducing business friction for the best performers.
Elevate Security Platform combines this data across dozens of systems to create a contextual mapping of the human attack surface. It also allows the company to create two key outputs of its solution—a Human Risk Score and Business Risk Score
With this unprecedented visibility, Elevate Security manages the security of the entire workforce to reduce an organization’s human attack surface. By personalizing employee feedback and tailoring individual security controls, the company proactively prevents the next big incident. Feedback to employees, managers, and executives in the Elevate platform is personalized based on real-world data collected by the platform. Besides, Elevate employs many different behavioral science techniques built into its platform to help the riskiest employees to make better security decisions.
Visibility from the Elevate Security Platform is available through its APIs that make it easy to plug into other systems. Enterprises commonly pull Elevate’s risk scores into both manual and automated decision points such as the SOC or IT helpdesk. Examples of this include decision support around software download or access grant approvals, integration into incident response tools, and more. Additionally, several enterprises are using Elevate as part of their Zero Trust initiatives to make more intelligent decisions around employee risk.
Elevate Security Platform additionally supports a powerful new capability called Tailored Security Controls for end users based on their risk levels. “This is done through outbound integrations controlled by intelligent automation and workflows to affect policies in tools and tech that enterprises already have. We reduce the risks of key attack vectors such as ransomware, data loss, or account compromise,” Fly comments. A kill chain analysis is completed to assess each business risk, and then tailored policies are created and assigned to help reduce that risk across the technology stack meant to prevent it.
Finally, because Elevate Security pulls workforce-centric incident data across dozens of an organization’s systems, it obtains deep insights on the efficacy of those approaches in reducing the human attack surface. These insights, combined with the corresponding controls and automation run through the platform, allow Elevate to make data-driven recommendations to customers on the next steps from an investment and resource allocation perspective, customized to their environment.
Elevate in Action: Financial Services
Elevate Security’s capabilities can be best exemplified with a success story.
A large credit agency utilized Elevate to provide organizational visibility up and across the company. Elevate’s dashboards were used to communicate business risks to their C-Suite, and executives saw improvements in department level metrics over time. Additionally, outbound workflows were created to communicate feedback to employees on decisions they’ve made, which led to a 50 percent reduction in user-generated incidents. Further, these insights uncovered which parts of their organization were at the highest risk and allowed them to deploy targeted technology to reduce their overall human attack surface.
While most User and Entity Behavior Analytics (UEBA) vendors have some understanding of employees’ malicious activities (if any), there are no comparable solutions on the market that proactively protect employees against business risks like ransomware, account takeover, and data loss based on a historical understanding of individual risk. As such, Elevate Security’s approach of deep visibility into employee risk and actionable automation to tailor controls and feedback across a company’s cyber defense technology stack is unique in the industry.
As the enterprise cybersecurity landscape evolves, Elevate Security will continue to deepen its unique ability to deliver trusted visibility of the human attack surface with tailored controls and feedback. Elevate’s vision is to proactively prevent the next account compromise, data loss or ransomware attack by securing the customer’s workforce… before the next incident happens.