 |
New Human Risk Management (HRM) solution provides a unified picture of internal workforce risk
MOUNTAIN VIEW, Calif., Nov. 18, 2025 /PRNewswire/ — UpGuard, a leader in cybersecurity and risk management, today announced the general availability of UpGuard User Risk, its innovative Human Risk Management solution. User Risk strengthens UpGuard’s unified cyber risk posture management (CRPM) platform by combining internal workforce risk with established data on vendor and attack surface risk to deliver the industry’s first true 360-degree view of an organization’s security posture.
Following a highly successful beta program of more than 100,000 users, User Risk is now available to augment existing security programs. Traditional approaches leave risk data trapped in silos and rely on infrequent training simulations. User Risk gives security leaders visibility by discovering hidden risks like Shadow SaaS and compromised credentials. It provides an AI Analyst to unify and prioritize the most critical risks, and offers real-time behavioral nudges to build secure habits across the workforce, transforming employees into a proactive line of defense.
With 82% of breaches involving a human factor, managing employee risk is paramount. However, even organizations with robust training programs struggle with critical blind spots. This “Shadow SaaS” sprawl, combined with risky permissions, leaves organizations exposed. UpGuard’s new “State of Shadow AI” report highlights this significant security gap – 8 out of 10 employees use unauthorized AI tools, and 70% know of sensitive data shared with AI tools at their workplace.
“Our customers have successfully managed their external cyber risk with UpGuard’s Vendor Risk and Breach Risk products for years, but have consistently asked for a way to solve for the human element inside their organization,” said Jess Hooper, vice president, Product at UpGuard. “User Risk addresses this by giving security teams a measurable, real-time solution. We are not just training people; we are transforming awareness into secure, habitual behavior.”
UpGuard User Risk augments existing security programs through three core pillars:
- Unified Visibility: Eliminates blind spots by discovering an organization’s true SaaS and AI footprint (including Shadow IT used with personal credentials), uncovering risky application permissions, and correlating identity breach data to active employees—consolidating everything into a single, comprehensive view.
- AI-Powered Prioritization & Governance: Turns noise into an actionable plan using an AI Analyst to automatically score and rank risks. Custom rules allow organizations to define and enforce their security policies, moving from reactive firefighting to proactive governance.
- Measurable Behavior Change: Augments traditional training with real-time, in-workflow “nudges” that act as an automated coach. This creates lasting habits by guiding employees toward safer decisions at the exact moment of risk.
User Risk is now available to all UpGuard customers. User Risk will be showcased at UpGuard Summit November 18 and 20, the premiere virtual conference for global security leaders to focus on the future of cyber risk. To learn more about User Risk’s capabilities and to get started, visit: https://www.upguard.com/product/user-risk.
About UpGuard
Founded in 2012, UpGuard is a leader in cybersecurity and risk management. The company’s AI-powered platform for cyber risk posture management (CRPM) provides a centralized, actionable view of cyber risk across an organization’s vendors, attack surface, and workforce. Trusted by thousands of companies, UpGuard’s platform is designed to help security teams manage cyber risk with confidence and efficiency. To learn more, visit www.upguard.com.