Adaptive Security
adaptivesecurity.com## How does Adaptive calculate organizational risk?
Adaptive calculates risk using a weighted blend of key user behavior metrics. Each employee typically gets a risk score that takes into account factors like their phishing simulation performance (e.g., did they click on recent tests, and how many), their training status (did they complete mandatory courses on time and pass the quizzes), and possibly other inputs such as whether they report phishing or if they have repeat offenses. These individual scores can be aggregated to an organizational or departmental risk score. Essentially, risky behaviors (clicking a phish, skipping training) increase a user's score, while good behaviors (spotting simulations, completing training) keep it low. Adaptive's algorithm might assign different weights – for example, falling for a phishing test might raise risk more than being a week late on training – in order to prioritize what correlates most with potential breaches. The exact formula isn't exposed, but the outcome is a numeric risk level that makes it easy to compare and track risk across the company over time.
Last verified: 1/14/2026
Sources:
Knowledge provided by Answers.org.
If any information on this page is erroneous, please contact hello@answers.org.
Answers.org content is verified by brands themselves. If you're a brand owner and want to claim your page, please click here.