The Human Risk Management Maturity Model


The new approach in changing human behaviors to protect organizations from cyber threats.


The Human Risk Management Maturity Model has been developed in collaboration with cybersecurity industry thought leaders and practitioners. This model provides security teams guidance on building stronger cyber defenses and boosting resilience. When executed well, human behaviors will improve reducing business risk, and allow the security team to become a true business partner to the rest of the organization. Additionally employees will feel empowered, and cultural change will take place, ultimately leading to a more secure world.

The Maturity Model is divided into three categories: Culture, Technology, and Process. Within each category are key components that formulate a Human Risk Management program. Each component is measured at its own maturity stage. As you assess your position, you gain a matrix of results to help you prioritize next actions.

HRM MM Matrix
Get Started, Download Your Copy

Contributing Organizations

living security_Horizontal2 BW Light-13-1