Behaviour IQ

Behaviour-IQ is a new way to manage human cyber risk. It works by analysing human cyber related data and articulating it in the context of Security Behaviours, which can be mapped to risk, and thus used to identify the likelihood of future risk, caused by people.

Behaviour-IQ is built upon SebDB, the world's most comprehensive cyber security behaviour database.

You can find out more information in the platform by visiting the associated science page.

Interpreting the scores

Behaviour-IQ uses industry averages to provide scores on two key aspects of behaviour.

Security Behaviour Score:

This is how well your users are performing in the behaviours you are measuring

CybSafe’s Behaviour-IQ engine provides a Security Behaviour Score. This shows the extent to which people engage in security behaviours. The Security Behaviour Score is ranked from 1 through 10, 1 being the worst score and 10 being the perfect score.

The Security Behaviour Score is directly tied to cyber risk. As a result of the SebDB open source research project, Behaviour-IQ can say that a score is good because the behaviours in question are having a direct impact on the risk-related outcomes.

To take a simple example, a score of 10 for using strong passwords significantly reduces the risk of account compromise.

This addresses a core challenge when it comes to measuring the human aspect of cyber security, i.e. how can we say that improvement in behaviour metrics correlates to a reduction in risk.

Scoring guide:

  • 8 and higher: Excellent

  • Between 5 and 7: Good

  • 4 and lower: Poor

Coverage is the percentage of users we see who are having their behaviours measured. A broad coverage of locations and types of users gives more accurate data.

Risk-related outcome score:

This is the likelihood of a risk-related outcome occurring based on the measurements we see.

CybSafe’s Behaviour-IQ engine provides a risk-related outcome score. This shows the likelihood of a risk-related outcome occurring, such as account compromise. The risk-related outcome score rates from 1 through 10, 1 being the best score and 10 being the worst score.

This spider diagram shows where your risk sits. It also shows the likelihood of a risk-related outcome occurring. You can navigate further into the risk-related outcomes and find out more information.

Scoring guide:

  • 6 and higher: Poor

  • Between 3 and 5: Good

  • 2 and lower: Excellent

Interpreting Behaviour-IQ data

Behaviours List

This is a list of behaviour’s you are measuring and their associated Security Behaviour Score. You can filter the behaviours in the top right drop down box. You can filter by priorities. These could be your own, the NCSC's or even the SebDB tier 1 behaviours. Tier 1 behaviours will contribute more score to risk-related outcomes.

Individual behaviour overviews

Behaviour-IQ allows you to combine SebDB with the data CybSafe has collected. You can look into the analysis of behaviours, such as your organisation’s score over time. This is a great way to track improvements of behaviour within your organisation. You can also compare your scores with industry benchmarks.

You can dive deep into Insights & Recommendations, which suggests both how to improve behaviours and further reading. We can also see the likelihood of change of behaviour, helping you to make an informed decision on what behaviours to target next.

Score snapshots

When inside a behaviour, you can look at a snapshot of your Security Behaviour Score. You can compare two dates and look at the distribution of scores across the organisation.

Below you can see that, when comparing two dates, the percentage of 10/10 scores went up from less than 5% to over 30%. This is a great way to see the progress your organisation is making in regards to changing behaviour.

Risk-related outcomes

You can select a risk-related outcome from the spider diagram, on the overview page, to dive into more detail. Within this screen, you can understand your risk over time. The lower it goes, the better. You can also see top contributors to risk, by group, and if needed, by user.

You can also see all the behaviours that tie to this specific risk-related outcome.

Behaviour-IQ Alpha Release

The alpha version of Behaviour-IQ uses a single data source to generate behavioural information, CybSafe’s Protect.

Protect allows organisations to set and track behavioural goals for individuals. For a more detailed explanation of what Protect is and how it works, check out this article.

Setting up CybSafe Protect is relatively straight forward. If you are not using Protect already, navigate Settings > Protect Setup > Protect settings and enable it.

After enabling Protect, select a few cards that resonate with you and your organisation’s priorities.

Once complete, users will be assigned the cards, asking them to declare their own view on their security behaviours, feeding Behaviour-IQ with valuable data.

Still have questions?

If you still have questions, you can contact the CybSafe team via We’re on hand to help resolve any further issues!

Did this answer your question?