CyberPosture
Menu
Take HVI AssessmentRequest Demo
CyberPosture HVI · Human Vulnerability Index

Measure the human side of cyber risk.

HVI gives people and organizations a simple, measurable score for behavior-driven cyber risk.

A privacy-first human-risk intelligence platform using a 300–850 score to help you understand human cyber vulnerability, identify the behaviors and controls that matter most, and track improvement over time.

Take HVI AssessmentRequest HVI Demo
Human Vulnerability Index

What HVI Does

The Human Vulnerability Index (HVI) translates human cybersecurity behaviors into a clear, measurable score. Instead of focusing only on systems and technology, HVI helps identify the human factors that contribute to cyber risk.

Through assessments, behavioral insights, and risk analysis, HVI helps individuals and organizations understand their current exposure, prioritize improvement efforts, and track progress over time. The result is a consistent framework for measuring, communicating, and improving human cyber resilience.

Platform architecture

How the HVI platform works.

A continuous loop — from assessment to score to action — running on a shared, privacy-first, security-first platform foundation.

01
Live Assessment
Behavior, knowledge, scenario, and context inputs.
02
HVI Score
A 300–850 score with a clear risk tier.
03
Recommendations
Personalized, prioritized actions.
04
Continuous Improvement
Track progress and reduce risk over time.
Shared CyberPosture platform foundation
Signal & Evidence Ingestion
Identity & Context
Risk Intelligence Engine
AI Reasoning Layer
Governance & Review
Reporting & Evidence
Security, Privacy & Governance — built into every layer
Role-based access · Encryption · Data minimization · Consent · Retention · Audit logs · Privacy by design

Understand both exposure and improvement.

HVI distinguishes between inherent human risk — exposure before controls, training, and behavior improvements — and residual human risk, the exposure that remains after protective controls, awareness, and improved habits are taken into account.

For organizations, this distinction shows whether interventions are actually reducing human cyber risk over time.

Inherent human riskHigh
Residual human riskReduced
HVI for organizations

More than training completion.

Measure workforce human-risk patterns, understand where exposure is concentrated, prioritize interventions, and track improvement over time — with reporting for security, risk, HR, and leadership.

Request HVI Demo
Workforce HVI DashboardQ2 · 1,240 people
694
Avg HVI
+11
QoQ change
18%
High risk
Engineering
761
+12
Support
705
+8
Finance
688
+5
Sales
642
-3
HR
724
+9
Executive
598
+21

A score built on structured signals.

HVI combines assessment responses with behavioral, exposure, and control-adoption signals — designed to update as new signals become available, and to explain the reasons behind the score in plain language.

300–850 scoreMulti-signal risk modelInherent & residual riskBehavioral signalsControl-adoption signalsTime-based trackingRecommendation enginePrivacy-first design

Built for trust from the beginning.

HVI is designed around privacy, consent, data minimization, and clear boundaries on how human-risk information is used. It should help people improve resilience — not unfairly penalize individuals or drive fully automated decisions without human review.

Consent-awareData minimizationPseudonymized dataRole-based accessHuman reviewResponsible useEvidence & auditability

Want to understand how HVI works?

A structured methodology explains the risk dimensions, scoring model, privacy principles, and responsible-use guidelines behind the Human Vulnerability Index.

Read the HVI Methodology