The human factor remains a favorite target among cybercriminals. General trainings and phishing simulations are not enough to measure and mitigate the real risk.

This paper will present an innovative approach to managing human cyber risk through precise metrics that combine the probability of occurrence of a breach and the impact on each workstation, identifying actual exposure and applying strategic actions such as individualized awareness, detection of exposed credentials and advanced simulations.

A powerful Human Risk Management model that transforms the assessment into concrete actions to better protect organizations, and in which Enagás will share how they currently manage human risk, what visibility they have in this area and how Kymatio accompanies them in this process.