Skopos takes a holistic approach to cyber security.
What does that mean?
Companies can be attacked via two ways: directly on employees, via a phishing email for example or technology: for example logging in to a portal with breached credentials. Usually it is a combination of the two: an employee opening a malicious attachment that gives the attacker access to the organisation. "The process" is what you do to defend against risks by organizing security.
Skopos continuously assesses risks on these three categories: for people, process and technology. Skopos captures the risk levels for these categories for all our users. This gives two ways to report your unique risk:
1) How does a user perform againt the baseline of Skopos average user. This helps you to assess whether you outperform or underperform compared to the baseline
2) What are objective risks that attackers see? This is captured in the SKopos Exploit Score or SKES.
Let´s have a look at the categories:
For people we make a unique risk assessment, based on key risks. With Skopos you can test cyber awareness, phishing risk and breaches. This gives a good indication of the approach you can take to secure your organisation on the human level.
Skopos measures how quickly you are able to solve issues on for example laptops and websites.
Skopos continuously monitors risks on devices like smartphones, laptops but also servers, websites and the internal network.
We look for vulnerabilities that can be exploited by attackers. Some tools Skopos employs are similar to the ones used by hackers. This gives a clear perspective of how an attackers sees your organisation.