Understanding Events

When the employee portal is enabled, employees can view the security events that have affected their score. This transparency helps employees understand their risk profile and take corrective action.

Viewing Your Events

From the Employee Portal, navigate to My Events to see a chronological list of security events attributed to your account.

Each event displays:

Event type: Category of the security event
Date and time: When the event occurred
Score impact: How many points the event added or removed
Current decay: How much the impact has decayed over time
Status: Active, decayed, or disputed

Event Detail Level

Depending on your organization's configuration, events may show specific details (e.g., "Clicked phishing simulation link") or general categories (e.g., "Email security event").

Event Categories

Negative Events (Score Decrease)

Email security: Clicking suspicious links, opening flagged attachments
Authentication: Disabling MFA, repeated login failures
Device security: Malware detections, outdated software
Policy violations: Non-compliance with security policies
Training: Overdue or incomplete training assignments

Positive Events (Score Increase)

Phishing reports: Reporting suspicious emails
Training completion: Completing security training modules
MFA enrollment: Enabling multi-factor authentication
Clean streak: Extended periods with no negative events

Time Decay

Events lose their impact over time. Your event list shows the current impact after decay, not the original impact. This means older events contribute less to your current score.

With the default 90-day half-life, an event that originally removed 30 points will only account for 15 points after 90 days and approximately 7 points after 180 days.

Disputing an Event

If you believe an event was attributed to you in error, you can submit a dispute. See Submitting Disputes for details.