Human Risk Management (HRM)

Reduce user-related security incidents caused by human error and drive resilience to phishing attacks through personalised staff training programmes.  

Humans are targets – 36% of data breaches involve phishing. 

Humans make mistakes – 90% of data breaches involve human error. 

Compliance is essential – Key standards like ISO 27001 require regular staff training. 

Extech Cloud can now offer your staff training to increase your businesses security! 

Extech Cyber Security Sussex

Transform your employees into your first line of defence

Whether it’s sharing passwords with colleagues, emailing sensitive data to the wrong recipient or falling victim to a phishing attack, employees are seen as the ‘weakest link’ in your cyber security. That’s why it’s vital to understand where the human vulnerabilities exist within your business and to train staff regularly to reduce the risk of a data breach, fines or damage to your business’s reputation. Human Risk Management (HRM) is the new class of user-focused security that enables you to do just that through personalised security awareness training programs, periodic phishing simulation campaigns, simplified policy management and ongoing dark web monitoring – completely managed for you.


  • Drive user resilience to sophisticated phishing attacks
  • Reduce user-related security incidents caused by human error
  • Demonstrate compliance with key standards like ISO 27001 and GDPR
  • Understand your business’s employee security posture with a human risk score
  • Dig deep into ongoing human risk with training, phishing and policy reporting
  • Save time with readily made courses, phishing campaigns and policy templates
  • Simple setup, fast deployment and automated staff training reminders

Key Features

Our HRM service offers a full-circle solution for assessing, reducing and monitoring human cyber risk, without hindering staff productivity.

Security Awareness Training

Assess each user’s security knowledge gaps and automate regular training courses that tackle their unique risk areas.

  • User-tailored training
  • Cover essential topics
  • Automate reminders
  • Track user progress

Simulated Phishing

Automate periodic phishing simulations that assess your employees’ ongoing risk to a range of attack techniques.

  • Identify at-risk users
  • Educate users on threats
  • Automate simulations
  • Instantly train at-risk users

Dark Web Monitoring

Detect when stolen user credentials are found on the dark web that could be used to launch targeted phishing attacks.

  • Detect data breaches
  • Find the source of breach
  • Learn what’s exposed
  • Identify early-stage threats

Policy Management

Keep users well-versed on security processes with easy policy management and trackable eSignatures (available with USecure Advance).

  • Readily made templates
  • Track signatures
  • Automate reminders
  • All in one accessible place

How it works

  • Evaluate – Assess your employees’ existing cyber risk areas through a quick 15-minute gap analysis assessment.
  • Educate – Strengthen user resilience with tailored training programs that prioritise courses to tackle each users’ high risk areas first.
  • Calculate – Understand ongoing human risk and measure the impact of the training through real-time reporting.
  • Demonstrate – Showcase your human risk and data protection efforts in audits and demonstrate compliance standards.

Extech Cloud works with small to medium businesses in Burgess Hill, Crawley, Brighton, and across Sussex and Surrey. Take a look at our case studies to find out more about the clients we work with. We can support your cybersecurity requirements with our bespoke solutions. Contact the Extech Cloud team and speak with a specialist today to learn more about our training programmes and cybersecurity.