Cisco Investments invests in Elevate Security to advance enterprise user risk management
Elevate is rapidly expanding its cyber risk identification and analysis capabilities to integrate with established security safeguards such as Cisco’s Duo Security solutions, enhancing these offerings with the ability to dynamically adapt to the risk characteristics of individual users.
“We’re beyond thrilled that Cisco Investments has chosen to invest in Elevate Security as we continue to educate and grow the market for risk-adjusted security solutions,” said Robert Fly, CEO and co-founder of Elevate. “We look forward to working closely with the Cisco team as we further empower organizations to combat advanced cybersecurity attacks aimed at employees and contractors throughout the supply chain.”
“User risk management remains a key area of cyber risk for ransomware, phishing, and lateral attacker movement. By having additional visibility into high-risk users and employees, enterprises can implement another dimension of security controls and tailored security training,” said Janey Hoe, vice president, Corporate Development and Investments, Cisco. “We are excited to see Elevate Security accelerate their efforts to advance enterprise user risk management.”
According to Verizon’s 2022 Data Breach Investigations Report, “82% of breaches involved the human element. Whether it is the use of stolen credentials, phishing, misuse or simply an error, people continue to play a very large role in incidents and breaches alike.”
Elevate addresses the human element of cyber risk by integrating data feeds across the organization and beyond to create an individual risk score, much like a credit score, for each worker. Risk factors such as susceptibility to phishing, sensitive data handling, safe browsing, and password management are combined with demographics and other characteristics to form a constantly updated Human Risk Score.
Powerful insights from this analysis are then fed back to existing safeguards such as zero trust, identity and access management, email security, data loss prevention, and web filtering systems, driving continuously adapting levels of personalized protection in the face of evolving threats.