Understanding your Risks Page

Navigating and using your Risks Page

When you log in to your CultureAI admin dashboard, your homepage is your Risks page. Here you will see an overview of all your current open risks, broken down into nine separate sections.

In this guide, we'll look through how to navigate this page, and get the data you need from it.

What is a Risk?

Risks are security events that CultureAI has detected within your company. What you see on this page will depend on the risks you've configured to monitor

Your Risks are split into categories, with further separate sections for each different Risk within those categories.

You've detected a Risk, what now?

Click into the risk you'd like to view, in this example, we'll look at the Email Phishing Reports.

Here you can see all the reported emails listed out, with a high level overview of each case.

Click on the 'View' button to look into the details of one of the reported emails.

You can click through the tabs at the top of the case to view the contents of the email, a screenshot of the email and other details to help to review and decide how you want to mark this report.

At the bottom of the case page, you will see a "Mark as" section, clicking one of the options will allow you choose how to mark off this report. 

Auto-closing cases

Some cases will close off automatically. 

If someone reports an email as 'spam', CultureAI will automatically close this case off.

Spam emails (while annoying), don't pose an active risk to your companies security. This prevents your case load getting clogged with spam emails, making the process of investigating phishing emails smoother.

When you close off a case, or a case auto closes, an email will be sent out to the employee that reported the email to inform them of the case outcome.

If you'd prefer not to send these, you can disable this setting here in your dashboard.

Any simulated phishing emails that are reported, won't open a case in your Risks dashboard. Simulated Phishing emails don't need to be investigated, as we already know that these are safe and don't pose any threat to your business.

I've closed off a Risk, what do I do now?

Depending on the risk, you may have extra steps you want to take outside of CultureAI.

For example, if an employee is using a weak password, you would need to follow up with them to ensure they change this.

You should have internal processes in place to deal with situations like breached data, or an employee clicking on real phishing links. 

CultureAI can help you manage your case load, by listing out outstanding cases for you to review and take any steps outside of CultureAI to manage those risks.