Human Risk Management

Human risk management for MSPs, across every client at once

Human risk management isn’t just a score — it’s a loop. INFIMA scores every user across all your clients, then drives that score down with targeted training and phishing built on behavioral science. Measure, improve, re-measure — one system, not separate modules.

Human risk

Every client’s users, ranked by risk on one screen.

Portfolio risk score
C · 698
across 22 clients
Users monitored
2,418
all tenants
High-risk users
312
of 2,418 · score below 600
Users at risk
UserScore
Chris Vogel
Meridian Dental
F330
Dana Powell
Northwind Trading
F360
Robin Tran
Lakeside Logistics
D430
Marcus Webb
Northwind Trading
D470
Alex Reyes
Brightway Clinic
D510

The shift

A completion rate doesn’t tell you who’s risky

For years, security awareness training answered one question: did the user do the training? That’s a fine number for a report. It’s a poor answer to the question your clients keep asking: how exposed are we?

Two users can both be “100% complete” and be nowhere near the same risk. One reports every phishing email he gets. The other clicked the last three and reuses a password that’s already been breached. A risk score separates them. So instead of telling a client “everyone did their training,” you can show them who’s exposed and what you’re doing about it. That’s a much better QBR.

How the score works

Every signal that predicts risk, in one score per user

Each user gets one risk score, built from the signals that predict exposure. The weighting follows how risk really works: a sensitive role counts for more, a pattern of clicks counts for more than a one-off, and recent behavior counts for more than something from a year ago. INFIMA computes it and keeps it current as new activity comes in.

Training they’ve completed.
What a user actually learned, and how recently. Not just whether a course got checked off.
Phishing simulation results.
Whether they clicked, ignored, or reported the phishing tests you sent.
Real phishing they’ve reported.
A user who reports real phishing is helping defend the place, so that counts in their favor.
Credential and dark-web exposure.
Whether the user’s credentials turned up in a known breach, with severity and whether a password was exposed.
Their role.
A finance admin and a warehouse user don’t carry the same risk, so admins, execs, HR, and finance weigh heavier.

No black box

Watch a risk score get built

A score isn’t a verdict handed down from nowhere. It’s the sum of what a user actually does. Here’s the same user, scored signal by signal.

DPDana PowellFinancedana.powell@northwind.example · Northwind Trading
Finance roleSensitive role — weighed heavierWeighted heavier
Completed required trainingRecent, on timeImproves score
Clicked 3 recent phishing testsA pattern, not a one-offRaises risk
Password found in a known breachExposed credentials, still in useRaises risk
Risk scoreHigh risk
F360/ 1000

Why: Recent phishing clicks and a breached password, in a finance role that raises the stakes.

Illustrative demo data. The score scale and the direction of each signal follow the product; exact weighting is computed in the platform.

How it works in practice

From signal to action, automatically

You don’t maintain the score. The platform does. Here’s the loop it runs for every user, in every client.

    1

    Signals come in

    Training, phishing simulations, reported real phish, credential/breach exposure, and role flow in as users go about their work.

    2

    A score is computed

    Those signals roll up into one score per user. Nothing to tally by hand.

    3

    It’s kept current

    As new activity lands, the score updates. It reflects where someone stands now, not last quarter.

    4

    It’s surfaced for action

    Scores rank across all your clients, so the riskiest users surface first.

Built for many clients

See risk across every client from one screen

Most human-risk tools assume you’re a single company watching yourself. You’re not. You run dozens of clients, each with their own users, and you answer for all of them. INFIMA scores risk per user and rolls it up across every client, so it’s one screen instead of a stack of logins.

Compare clients side by side.
See every client’s risk in one place and tell at a glance which ones need attention.
Spot the client that’s behind.
Find the client carrying the most high-risk users before it turns into an incident or an awkward QBR.
No tenant-hopping.
It’s all in one place, not something you rebuild by logging into each client.

Clients

Risk across every client, side by side.

ClientAvg scoreHigh risk
Meridian DentalD54014
Northwind TradingC61229
Lakeside LogisticsC6409
Brightway ClinicC66811
Cedar & CoB7243

Put it to work

Turn risk into action, and a conversation clients value

A score is only useful if you act on it. From the risk view you can assign training, flag a client, or pull the numbers for a meeting without digging.

Target the training that matters
Point training at the users the score flags instead of blasting one campaign to everyone. The people who need it get it.
Walk into the QBR with the answer
Show a client where their risk sits, who’s driving it, and how it’s moved since last quarter. The review writes itself.
Turn it into a service you can sell
A real risk number gives the “you should invest more in security” conversation teeth. It’s also a service line you can charge for.
Spend your time where the risk is
Across hundreds of users and dozens of clients, the score points you at the handful that matter, so your time goes where it counts.

See it

The risk dashboard, up close

DPDana PowellFinancedana.powell@northwind.example · Northwind Trading
High riskF360 / 1000

What’s driving this score

Finance roleSensitive role — weighed heavierWeighted heavier
Completed required trainingRecent, on timeImproves score
Clicked 3 recent phishing testsA pattern, not a one-offRaises risk
Password found in a known breachExposed credentials, still in useRaises risk
Why: Recent phishing clicks and a breached password, in a finance role that raises the stakes.

Btw, we love the new Risk scores. We saw almost instant improvement just by sharing some of this data with our clients.

Sean Place · Interplay IT

See human risk across all your clients.

Book a walkthrough and we’ll show you your clients’ risk the way you’d actually use it. Or watch the tour first.

Already a partner? Visit the knowledge base