Improving the user experience with Artificial Intelligence (Practical case, medium level)

by Fernando Mateus

Learn how Kymatio uses machine learning and association rule mining to identify employee cyber risk profiles, predict awareness needs, and deliver personalized cybersecurity training efficiently.

Applying Machine Learning to Employee Cyber Risk Management

Kymatio, as the leading global platform in employee cyber risk management, responds to multiple organizational needs. One of its key goals is to determine the strengthening and cyber awareness needs of employees, adding the human factor to the cybersecurity equation.

Just like other advanced AI-powered platforms that process vast data lakes to find correlations, Kymatio’s challenge is to determine the probability that a user belongs to a specific Internal Risk Group (IRG). Each IRG has unique potential information security issues, requiring personalized support, training, and awareness measures.

Data and Personalization

To build accurate profiles, Kymatio collects:

  • Employee role information
  • Behavioral patterns
  • Work habits and characteristics

The richer the data, the more precise and personalized the recommendations and actions.

Machine Learning for Cyber Awareness

Machine Learning (ML) allows systems to recognize patterns and make fast, accurate decisions. In Kymatio’s case, this means narrowing down the questions needed to identify an employee’s strengthening needs.

For example:

  • Chatbot interviews use ML to adapt dynamically, asking fewer but more relevant questions.
  • Some questions can be skipped because the system detects direct correlations with previously answered ones.

Association Rule Mining in Action

One effective ML approach for finding correlations is Association Rule Mining (e.g., APRIORI or FP-growth).

A classic retail example:

{onions, potatoes} → {burger} (confidence: X%)

If customers buy onions and potatoes, they often also buy burger meat (minced meat).
Applied to cybersecurity, the principle is the same—predicting answers and needs based on patterns in previous responses.

Example in Python

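# Assumption: apriori comes from the efficient_apriori package, whose
# apriori() returns an (itemsets, rules) pair as used below.
from efficient_apriori import apriori

# df is a pandas DataFrame with one row per answer and the columns
# surveyId, questionKey and questionValue.
# Encode each answer as a single item, e.g. "s09_A".
df['item'] = df['questionKey'] + '_' + df['questionValue']

# Build one transaction per survey: the list of that survey's answer items.
records = []
for surveyId in df['surveyId'].unique():
    records.append(df[df['surveyId'] == surveyId]['item'].tolist())

itemsets, rules = apriori(records)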

This generates rules like:

{s09_A} → {s56_A} (confidence: 0.949)

If a user answers A to question s09, they will likely answer A to s56.

From Insight to Action

With these rules, Kymatio can:

  • Pre-fill probable answers (autocomplete engine)
  • Predict strengthening needs earlier in the process
  • Deliver tailored awareness recommendations faster

Implementation Roadmap

  1. Persist rules in a cache system (e.g., Redis) in a format usable by the backend.
  2. Send recommended values to the frontend in real time.
  3. Store both the recommended and actual user responses in the database.
  4. Automate the periodic regeneration of rules to keep them relevant.
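
The autocomplete flow from the list and roadmap above, as an added example that is not Kymatio's code: rules are mined from constructed survey data by brute-force counting (not Apriori pruning) and held in a plain dict standing in for the Redis cache. It assumes question keys contain no underscore; the function names and sample answers are hypothetical.

```python
from collections import Counter
from itertools import combinations

# Constructed sample data: each survey is a set of "<questionKey>_<questionValue>" items.
SURVEYS = [
    {"s09_A", "s12_B", "s56_A"},
    {"s09_A", "s12_B", "s56_A"},
    {"s09_A", "s12_C", "s56_A"},
    {"s09_B", "s12_B", "s56_C"},
    {"s09_B", "s12_C", "s56_C"},
    {"s09_A", "s12_C", "s56_B"},
]

def mine_rules(surveys, min_support=0.3, min_confidence=0.7, max_antecedent=2):
    """Return {antecedent frozenset: [(consequent item, confidence), ...]}."""
    counts = Counter()
    for items in surveys:
        # Count every itemset small enough to form antecedent + one consequent.
        for size in range(1, max_antecedent + 2):
            counts.update(frozenset(c) for c in combinations(sorted(items), size))
    n = len(surveys)
    rules = {}
    for itemset, count in counts.items():
        if len(itemset) < 2 or count / n < min_support:
            continue
        for consequent in itemset:
            antecedent = itemset - {consequent}
            confidence = count / counts[antecedent]
            if confidence >= min_confidence:
                rules.setdefault(antecedent, []).append((consequent, confidence))
    return rules

def suggest(rules, answered):
    """Map each unanswered question to (value, confidence) from the best matching rule."""
    answered_keys = {item.split("_", 1)[0] for item in answered}
    best = {}
    for antecedent, consequents in rules.items():
        if not antecedent <= answered:
            continue  # rule does not apply to the answers given so far
        for item, confidence in consequents:
            key, value = item.split("_", 1)
            # Never override an answer the user actually gave; keep the strongest rule.
            if key not in answered_keys and confidence > best.get(key, ("", 0.0))[1]:
                best[key] = (value, confidence)
    return best

RULE_CACHE = mine_rules(SURVEYS)  # stand-in for the Redis cache in step 1
```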

If you’re passionate about technology, AI, and ML applications in cybersecurity, contact Kymatio here.

Article by David Caballero (CIO, Kymatio) and Fernando Mateus (CEO, Kymatio)
