Kymatio Isotype
Why Kymatio
Partners
Book a demo
Book a demo
EN
Kymatio Isotype
Why Kymatio
Partners
Book a demo
This website uses cookies

We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

I acceptSettings
Cookie settings
Kymatio uses cookies to make your experience better. Check our Privacy Policy to learn more.
Strictly necessary (always active)
Cookies required to enable basic website functionality.
Accept all cookiesSave settings
Close
articles
Risk Management. What lessons can we learn from the COVID-19 situation?
Cyberattacks
Cybersecurity Prevention

Risk Management. What lessons can we learn from the COVID-19 situation?

by
César González Lobo
|
May 21, 2020

COVID-19 shows why detailed, individual-level risk assessment is crucial. Learn how applying this approach to cybersecurity helps protect critical assets and strengthen organizational resilience.

IN THIS article
Text Link
Book a demo

Risk Management Lessons from COVID-19: Why the Human Factor Matters

The COVID-19 pandemic offers a clear, real-world example of how risk management—when applied early and in detail—can make a decisive difference in outcomes.

Early Risk Assessment: A Preventive Advantage

If we assess the probability of a new, highly contagious virus emerging and the impact it could have (e.g., high mortality), we can estimate whether there’s a real risk to society.

  • Mapping exposure areas, identifying most vulnerable groups, and knowing where resources are scarce enables targeted prevention and mitigation actions.
  • A risk map helps determine where measures are in place and where urgent action is needed.

The Problem of Treating “People” as a Single Asset

In traditional organizational risk analysis, “people” are often treated as a single collective asset, associated with general vulnerabilities like:

  • Age
  • Health conditions
  • Work exposure
  • Lifestyle habits

This approach: ❌ Estimates only the general risk. ❌ Produces generic mitigation measures. ❌ Fails to pinpoint high-risk individuals or groups.

Why Detailed, Individual-Level Risk Assessment Is Essential

Just as IT assets are classified in detail—not just “servers” but “web servers” or “financial applications”people should also be analyzed individually:

  • Exposure level: e.g., healthcare workers, police officers.
  • Impact potential: e.g., elderly employees, those with pre-existing conditions.
  • Combined factors: e.g., a 70-year-old with diabetes working in a hospital faces exponentially higher risk than a healthy 25-year-old working from home.

Outcome:

  • Tailored protection measures for different individuals.
  • Efficient resource allocation where it matters most.

Applying This Thinking to Cybersecurity & Internal Risk

In cybersecurity, we often categorize staff broadly as “administrators” or “users.” This is like calling all servers the same—it misses critical differences.

Kymatio applies granular, human-focused risk assessment:

  • Evaluates each person’s unique vulnerabilities and exposure to threats.
  • Determines impact level if an incident occurs.
  • Designs personalized strengthening plans to reduce internal risk.

The Takeaway

COVID-19 reminds us: Risk management works best when it’s specific, preventive, and human-centered. By understanding each person’s unique context, organizations can:

  • Reduce risk.
  • Protect critical assets.
  • Increase resilience in times of crisis.

📌 It’s more necessary than ever to focus on the human factor. Contact Kymatio to start preventing.

related articles

Explore more articles

Why an AI-Phishing Benchmark is Critical for Your 2025 Strategy
Cyberattacks
Cybersecurity Prevention
Why an AI-Phishing Benchmark is Critical for Your 2025 Strategy
by
Kymatio
|
August 19, 2025
NIS2 vs. DORA comparison — what applies to your organization
Cyberattacks
Cybersecurity Glossary
NIS2 vs. DORA comparison — what applies to your organization
by
Kymatio
|
August 1, 2025
Annual Campaign Calendar: Phishing, Smishing, Vishing and QRishing
Cyberattacks
Cybersecurity Prevention
Annual Campaign Calendar: Phishing, Smishing, Vishing and QRishing
by
Kymatio
|
July 29, 2025
ACTIVATE YOUR HUMAN FIREWALLS

Ready to uncover the real risk within your organization

Book a demo
Know the real risk
4.8 in Capterra

Join the Kymatio® newsletter and get the latest insights, research, and practical tips on cybersecurity awareness prevention straight to your inbox.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Services
HRMAssessment  & AwarenessAttack SimulationsBreach ScanDigital Wellbeing
Use cases
Public SectorFinancial SectorHealthcare SectorLarge enterprises
About us
Why KymatioKnow KymatioOur valuesSuccess Stories
Resources
BlogWebinarsWhitepapersNews
Get in touch
ContactLinkedInXFacebookYoutube
© 2025 Kymatio. All Rights reserved.
Privacy policy
·
Compliance
·
Cookies Policy
·
Legal Notice
·
AI Policy