Overview of the CyberThreat Level KPI
Learn more about how your CyberThreat Level is determined
Your CyberThreat Level is an indicator of how likely your organisation is to experience a cyber-attack based on real-time data from your cyber security tools and cyber intelligence data about trending attacks, or lack thereof.
Think of it like the terrorist threat level, indicating how likely intelligence services think an attack is about to happen. Like a terrorist threat level, your CyberThreat Level is designed to ensure you remain vigilant, ready to respond, and pay more attention to your cyber security when data suggests you need to.
As a mutli-dimensional KPI, your CyberThreat Level is powered by a cross section of data – for example, a simultaneous increase in malicious email traffic, quarantined malware on your devices and communication from your devices to suspicious websites or IP addresses, would be an indicator that your likelihood of experiencing a cyber-attack is higher than normal, and thus would contribute to a higher CyberThreat Level.
We believe transparency is essential, so we provide you with the drilldown so you can understand how your CyberScore has been derived.
How do I read my CyberThreat Level
Quantitative – your actual score represented as a single number between 0 and 138, you know exactly what your score is – no fluffy stuff for you to learn before understanding what your CyberThreat Level is.
Qualitative – having a number attributed to your cyber security is helpful, but it doesn’t mean much without a reference point. We provide qualitative values to help you understand if this is good, bad or indifferent with values of None, Low, Moderate, High and Critical.
Click on 'Threat Details' to see more:
Clicking on Threat Details will open a detailed breakdown of your CyberThreat composition. You can also see an overview of the data retrieved from each technology by clicking on the arrow to the right to expand that field:
How do I Drive my CyberThreat Level?
By connecting your cyber security tools.
HighGround is designed to synchronize the security data from your various cyber security tools in real-time. From here, data is aggregated from the various tools and scored continually to give you the most up-to-date data as possible.
If you are missing tools or technologies, you can always visit our Pricing Calculator to get an idea of what it will cost to address the shortfall.
What effects my CyberThreat Level?
There are many elements that can impact your CyberThreat Level. These are the main ones:
- Poor health or dangerous activity in your current security tools - for example, your endpoint protection identifying that you have malware on a computer which could not be cleaned or a significant increase in activity from your email filtering service.

- Missing Tools/technology – if you don’t have a technology at all you will receive the maximum increase for this on your CyberThreat Level to reflect a gap in your cyber security – if you don’t have it, you can’t see it, and this increases the threat to your business due to a blindspot you shouldn’t have.

- Data Correlation – threat data from a single tool is bad enough, but threat data from multiple tools in the same time period is much more serious, and a leading indicator that there is a higher likelihood of a cyber-attack occurring.

How do I maintain awareness of my CyberThreat Level?
It is essential that you are continually aware of your CyberThreat Level and any changes to it. That’s why we make it easy for you to get on with your many other priorities safe in the knowledge that when something changes, we will let you know.
You have 4 options for staying up to date of your CyberThreat Level:
-
WebApp – you can login to highground.io and check your cyber security at any time.
-
Mobile App – you can open the HighGround app on your phone or tablet at any time
-
Push Notifications – when your CyberThreat Level changes, you will be notified in alignment with your notification preferences, defined by your both your organisations global administrator and yourself
- Cyber Reports – configure email reports on a regular basis or login to the WebApp and send them manually. Note: only accounts with a Pro subscription can schedule their cyber reports – Freemium users must login to at highground.io and send these manually.