Navigating and using your Risks Page
When you log in to your CultureAI admin dashboard, your homepage is your Risks page. Here you will see an overview of all your current open risks, broken down into nine separate sections.
In this guide, we'll look through how to navigate this page, and get the data you need from it.
What is a Risk?
Risks are security events that CultureAI has detected within your company. What you see on this page will depend on the risks you've configured to monitor.
Your Risks are split into categories, with further separate sections for each different Risk within those categories.
You've detected a Risk, what now?
Click into the risk you'd like to view, in this example, we'll look at the Email Phishing Reports.
Here you can see all the reported emails listed out, with a high level overview of each case.
Click on the 'View' button to look into the details of one of the reported emails.
You can click through the tabs at the top of the case to view the contents of the email, a screenshot of the email and other details to help to review and decide how you want to mark this report.
At the bottom of the case page, you will see a "Mark as" section, clicking one of the options will allow you choose how to mark off this report.
Auto-closing cases
You can choose to automatically close off some cases.
If someone reports a case as spam, you can choose to close off those risks automatically without an admin needing to action this.
Spam emails (while annoying), don't pose an active risk to your companies security. This prevents your case load getting clogged with spam emails, making the process of investigating phishing emails smoother.
You can also choose to have cases that have been previously reported and triaged, automatically close off with the same triage settings.
If a case comes in that's already been reported and triaged, this will then automatically close with the same settings you previously triaged it as.
Please click here to view these settings.
When you close off a case, or a case auto closes, an email will be sent out to the employee that reported the email to inform them of the case outcome.
If you'd prefer not to send these, you can disable this setting here in your dashboard.
Any simulated phishing emails that are reported, won't open a case in your Risks dashboard. Simulated Phishing emails don't need to be investigated, as we already know that these are safe and don't pose any threat to your business.
I've closed off a Risk, what do I do now?
Depending on the risk, you may have extra steps you want to take outside of CultureAI.
For example, if an employee is using a weak password, you would need to follow up with them to ensure they change this.
You should have internal processes in place to deal with situations like breached data, or an employee clicking on real phishing links.
CultureAI can help you manage your case load, by listing out outstanding cases for you to review and take any steps outside of CultureAI to manage those risks.