Cybersecurity Risk Framework to build security-first organizations

The Mercer | Mettl Cybersecurity Risk Framework offers comprehensive features to strengthen organizations' cybersecurity defences. It identifies competencies and personality traits that can be used to understand and assess cybersecurity risk-taking behaviour in an organizational context. It includes evaluating individual risk predisposition and behavioural patterns related to cybersecurity.

Personality and cybersecurity behaviour

Personality traits are vital in identifying a person's cybersecurity risk behaviour. One's personality influences an individual's perception of cybersecurity threats and their response and adherence to security practices. The Cybersecurity Risk Framework helps understand these traits in an individual and work towards preventing cybercrime. The framework has also been validated using the Mercer | Mettl Personality Map and a well-balanced and representative global sample of working professionals from diverse industries.

Applications of the Cybersecurity Risk Framework

• Individual development- This framework assists individuals in gaining insights into their cybersecurity practices and recognizes areas where they may have knowledge gaps or non-compliance with cybersecurity protocols. These findings can help identify training and development that aligns with their cybersecurity requirements.  
• Group development- This framework assists organizations in assessing the overall cybersecurity postures of their teams, identifying vulnerabilities and addressing gaps. It is a valuable tool for group development that helps organizations assess, enhance, and monitor collective cybersecurity capabilities.

What is inside this Cybersecurity Risk Framework?

The test contains fifty-one questions to be answered in thirty-five minutes. The questions are of a moderate difficulty level applicable to candidates with all experience levels.

What skills does this Cybersecurity Risk Framework cover?

• Compliance and process: It refers to an individual's ability to adhere to cybersecurity rules, regulations, and protocols and understand the processes involved in maintaining a secure environment with proactivity, self-efficacy and ethics.  
• Taking responsibility: It refers to an individual's sense of ownership, assertiveness, ability to take charge, and effective planning in cybersecurity.  
• Interpersonal relationships: It refers to an individual's ability to build and continue positive relationships with other people in the context of cybersecurity, fostering collaboration, empathy, effective communication, openness and diversity, sociability and altruism. 
• Positive attitude: It refers to an individual's mindset and outlook towards cybersecurity, encompassing resilience, positivity, openness to change, and persistence in overcoming challenges.

What roles can you assess using this Cybersecurity Risk Framework? 

This test applies to all roles across levels.

How can a Cybersecurity Risk Framework help recruiters hire?

The Mercer | Mettl Cybersecurity Risk Framework helps recruiters adopt a structured approach to identify, assess, and mitigate potential risks and vulnerabilities and evaluate candidates' awareness of cybersecurity best practices and risk-taking behaviour. It helps protect individuals and companies from cyber threats and attacks. By administering this test, one can identify skilled professionals across diverse roles.