From Risk to Fix in a Single Click: How CultureAI Are Redefining Nudges in Cyber Security

Improving security behaviours
Lexie Taylor-East
April 16, 2024
Security Professionals

Contributed by:

⚡ TL;DR ⚡

Redefining the 'nudge'

The term 'nudge' has become a buzzword in cyber security over recent years, often being mistakenly equated with 'notifications'. CultureAI aims to shift this perception by leveraging Nudge Theory principles to implement actionable Nudges.

Instead of overwhelming employees with dismissible reminders and notifications for security awareness training, the CultureAI platform intelligently delivers Nudges - targeted, timely prompts that are only sent when there's a specific, actionable step an employee can take to mitigate risk.

“Human behaviour is the biggest cyber risk for companies and yet we know most employees inherently want to do the right thing,” says James Moore, Founder and CEO at CultureAI. “By nudging employees to stop and reconsider their actions in real time, they are empowered to make the right choice at the right time.”

Nudges are an essential tool in enhancing cyber security and managing human risk and have multiple use cases. For instance, preventing unintentional sharing of sensitive information on public channels such as Slack or Teams, and ensuring that sensitive documents stored on cloud services like Google Drive or OneDrive are not mistakenly shared with incorrect users.

Mistakes are inevitable, and even the most security-conscious employees can slip up. However, these risks are manageable. Through the strategic use of security Nudges, CultureAI not only helps in identifying risks that might have gone unnoticed but also significantly reduces the time needed to resolve incidents - from days to minutes, or even seconds.

Advantages of CultureAI’s Nudges

  • Reduced mean time to resolution: By allowing  for the immediate identification and fixing of risks without the need for SOC intervention, incident resolution time is drastically decreased.
  • Empowered employees: Security teams can use Nudges to set guardrails and guide employees to use SaaS and GenAI apps securely. Only nudging them when they engage in risky behaviours such as sharing confidential information in a public channel.
  • Behavioural change: Busier individuals tend  to fall into automatic, error-prone Type 1 thinking. A timely Nudge can shift them to logical, safer Type 2 thinking when it is appropriate to do so.
  • Meet people where they are: Nudges are delivered precisely when and where the risk occurs, which increases employee engagement.
  • Auto-resolution: If employees ignore a Nudge, it can be configured to remediate automatically after a predetermined period

"I envisage a future where Nudges and Automated Interventions will fix 100% of human-related security risks," says Frederick Coulton, Head of Product at CultureAI. “By allowing employees to make informed security decisions at the precise point of risky behaviour, within the applications they're using, this enables risks to be resolved instantly without requiring security team involvement.”

For more information, book a demo with one of our team.

It's time for a change

Speak to us today to find out how you can change cyber security behaviour in your organisation.
Click here