Risk Score
Overview
LightBeam’s Risk Score feature is a calculated score assigned to objects and data sources that translates complex data security and privacy risk into a simple visual score. The risk score is based on the volume and sensitivity of data. It helps users quickly identify and prioritize areas that require attention from a security or compliance standpoint.
How Risk Score Helps in Risk Management:
Helps prioritize which data sources or objects need immediate attention based on their risk level.
Gives clear visibility into where sensitive or high-risk data is concentrated.
Enables better decision-making by highlighting areas with the most potential exposure.
Risk score enables proactive and informed data risk management by highlighting, prioritizing, and tracking risk levels across your environment.
Terminology
Risk Weight - A numeric value assigned to an attribute based on its sensitivity level (High, Medium, or Low). It is the importance or severity assigned to a specific attribute when calculating the overall risk score of a file or data source. To set up risk weights, see Risk Weights under Risk Score Setup.
Risk Score of an Object - A calculated value that quantifies how risky the object (file, document, or email) is based on the sensitive data it contains. For the calculation, see How is Risk Score Calculated.
Risk Density of a Data Source - The percentage of files within a data source that have a risk score greater than zero. It indicates how concentrated the sensitive data is in that data source.
Note: Currently, only unstructured data sources are supported: SMB, SharePoint, OneDrive, Google Drive, and Amazon S3.
Risk Score Dashboard Views
Main Dashboard
Available on the Home Page Dashboard.
Shows a graph of Risk Density (Y-axis) vs Risk Score (X-axis)
Risk Score = aggregate risk score of objects in a data source
Risk Density = % of files in that source with sensitive data.
Top-right corner = highest priority (high risk and high density).
Color bands indicate risk levels (Low, Medium, High).
Helps users quickly identify which data sources need attention first.
Datasource Dashboard
Click on any data source in the graph to view the Datasource dashboard. The Risk Score Distribution chart will be visible on the screen.
Understanding the Risk Score Distribution
It provides a visual overview of how sensitive data is spread across a data source in terms of risk level.
1. Risk Density Gauge
The Risk Density indicator shows the percentage of scanned files that have a non-zero risk score.
In the above image, the density is 83%, which means 83% of the scanned files contain sensitive data and pose some level of risk.
The color gradient (green to red) reflects how high or low the density is. Red indicates a high concentration of risk, guiding users to prioritize that data source.
2. Risk Score by Sensitive Objects (Bar Chart)
The above bar chart breaks down the distribution of sensitive files based on their assigned risk scores.
The x-axis shows risk score ranges (e.g., 1–20, 21–40, etc.).
The y-axis shows the percentage of sensitive objects (files) that fall within each range.
For instance, in the example:
The largest group of sensitive files has scores between 21–40.
A smaller percentage of files score very high (81–100), but these may represent critical risk and should be reviewed with urgency.
You can click on any bar in the Risk Score Distribution chart to filter and view only the files that fall within that specific risk score range.
Clicking on a bar range filter will display all files within that risk score range for the selected data source.
Risk Score & Density on List Views
Click on the DataSources Tab from the top menu bar.
Risk Density for all data sources is present as a column here. Select a specific data source (e.g., Google Drive).
On the left side of the screen, an index menu will appear — click on Files.
The list of files within that data source will be displayed, along with their associated Risk Score, helping users assess priority at a glance.
By default, files are sorted in descending order of Risk Score, allowing users to immediately focus on the most sensitive and high-risk files first, streamlining investigation and remediation efforts.
Risk Score Policy
Policies are a set of rules that help you identify objects / raise alerts / take actions based on a combination of criteria.
Creating a Risk Score Policy
To create a policy for alerts based on risk score:
Hover over Access Policies to reveal the Create New option, then click on it to start setting up a new policy.
In the Details section, select the Policy Type and assign a name to your new rule set.
Scroll down to the Rule Set Criteria section and select the Document Classification tab.
From the dropdown menu, choose Risk Score as the condition.
Set the minimum threshold—this is the risk score value above which you want the system to trigger an alert.
Complete the policy setup by selecting Data Sources, configuring Alerts & Automation, and clicking Save.
Risk Score Setup
Navigating to the Risk Score Setup page
Here are the steps for navigating to the Risk Score Setup page:
Navigate to the top-right corner of the LightBeam interface.
Click on the Settings icon (gear icon) highlighted in the image below.
The Settings page will open. On the left-side panel, click on the Risk Score tab highlighted in the image below.
This will open the Risk Score Setup page.
Risk Weights
Risk weight is a numeric value assigned to an attribute based on its sensitivity level: High, Medium, or Low.
All attributes classified as High sensitivity (e.g., Social Security Numbers, Passport Numbers) have a default risk weight of 10.
Attributes classified as Medium sensitivity (e.g., Email Addresses) have a default risk weight of 2.
Attributes with Low sensitivity (e.g., City or Country) have a default risk weight of 0.
These default values ensure that highly sensitive data is treated with appropriate risk emphasis from the start. However, users can customize these values based on their organization’s risk policies.
To modify the risk weights at a sensitivity level:
Navigate to the Risk Score Setup page.
Click on the risk weight bar next to the desired sensitivity level (High, Medium, or Low).
Note: The risk weights must fit the following criteria: Low should be less than Medium and High, and Medium should be less than High.
Enter the new risk weight value.
Click the Save button and save the updated risk weight of sensitivities.
To modify risk weights at an attribute level:
Locate the specific attribute you want to customize.
Click on the Risk Weight field next to that attribute.
Enter the desired weight value based on the level of sensitivity or importance.
Click the blue Save button to apply and save your changes.
A confirmation pop-up will appear.
Click Yes/OK to finalize and apply all the changes.
This flexibility allows organizations to align the risk scoring logic with their internal risk management strategy.
To reset custom risk weights to the sensitivity level defaults:
Click on the Reset Weights button.
Click on the blue Save button to apply and save your changes.
How is Risk Score Calculated
The Risk Score is calculated by multiplying the number of unique occurrences of each attribute by its risk weight, then adding up the results for all attributes found in the object.
Formula for Risk Score
Risk Score = (Number of unique instances of attribute 1 × risk weight of attribute 1) + (Number of unique instances of attribute 2 × risk weight of attribute 2) + (Number of unique instances of attribute 3 × risk weight of attribute 3)
The total risk score is capped at 100, which represents the maximum possible risk value for any object.
Example:
If an object has 2 high-sensitivity attributes and the assigned risk weight for each is 10, the contribution is: 2 × 10 = 20
If the object has 1 medium-sensitivity attribute and the risk weight for each is 2, the contribution is: 1 × 2 = 2
Total Risk Score = 20 + 2 = 22
This calculated value helps quantify the level of data sensitivity and potential risk associated with the object.
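The calculation above, together with the Risk Density and score-range definitions from earlier on this page, as an added Python example (not LightBeam's own code). Function names, data structures and the sample files are assumptions made for illustration, and the 41-60 and 61-80 ranges are inferred from the "1–20, 21–40, etc." description.

```python
from collections import Counter

# Default weights per sensitivity level, as stated on this page.
DEFAULT_LEVEL_WEIGHTS = {"High": 10, "Medium": 2, "Low": 0}
SCORE_CAP = 100  # an object's total score is capped at 100

def object_risk_score(findings, sensitivity, level_weights=DEFAULT_LEVEL_WEIGHTS,
                      attribute_weights=None):
    """findings maps attribute name -> detected values (duplicates allowed)."""
    if not level_weights["Low"] < level_weights["Medium"] < level_weights["High"]:
        raise ValueError("risk weights must satisfy Low < Medium < High")
    overrides = attribute_weights or {}  # attribute-level custom weights
    total = 0
    for attr, values in findings.items():
        weight = overrides.get(attr, level_weights[sensitivity[attr]])
        total += len(set(values)) * weight  # unique instances x risk weight
    return min(total, SCORE_CAP)

def risk_density(scores):
    """Percentage of files whose risk score is greater than zero."""
    return 100.0 * sum(s > 0 for s in scores) / len(scores) if scores else 0.0

def score_distribution(scores):
    """Percentage of sensitive files per range; 20-point ranges are assumed."""
    sensitive = [s for s in scores if s > 0]
    counts = Counter((s - 1) // 20 for s in sensitive)
    return {f"{b * 20 + 1}-{b * 20 + 20}": 100.0 * counts[b] / len(sensitive)
            for b in range(5)} if sensitive else {}

# Constructed sample data: attribute names, file paths and values are made up.
SENSITIVITY = {"SSN": "High", "Email Address": "Medium", "City": "Low"}
FILES = {
    "hr/payroll.xlsx": {"SSN": ["000-00-0001", "000-00-0002", "000-00-0001"],
                        "Email Address": ["a@example.com"]},      # 2*10 + 1*2
    "notes/offsite.docx": {"City": ["Austin", "Denver"]},         # weight 0
    "export/customers.csv": {"SSN": [f"000-00-{i:04d}" for i in range(12)]},
    "mail/thread.eml": {"Email Address": ["a@example.com", "b@example.com"]},
}

def score_all(files=FILES):
    return {path: object_risk_score(f, SENSITIVITY) for path, f in files.items()}

if __name__ == "__main__":
    scores = score_all()
    for path, score in sorted(scores.items(), key=lambda kv: -kv[1]):
        print(f"{score:>3}  {path}")
    print("risk density:", risk_density(list(scores.values())))
    print("distribution:", score_distribution(list(scores.values())))
```

The repeated SSN in the first file counts once, and the file with twelve unique SSNs is capped at 100 rather than scoring 120.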
LightBeam’s Risk Score feature enables users to effectively identify, assess, and prioritize sensitive data risks across their unstructured data sources. By assigning weighted scores based on data sensitivity and volume, it provides a clear, quantifiable way to understand which files or sources pose the highest risk. With intuitive visualizations, customizable policies, and real-time alerts, users can make informed decisions and take prompt action to safeguard their most critical data.
About LightBeam
LightBeam automates Privacy, Security, and AI Governance, so businesses can accelerate their growth in new markets. Leveraging generative AI, LightBeam has rapidly gained customers’ trust by pioneering a unique privacy-centric and automation-first approach to security. Unlike siloed solutions, LightBeam ties together sensitive data cataloging, control, and compliance across structured and unstructured data applications providing 360-visibility, redaction, self-service DSRs, and automated ROPA reporting ensuring ultimate protection against ransomware and accidental exposures while meeting data privacy obligations efficiently.
LightBeam is on a mission to create a secure privacy-first world helping customers automate compliance against a patchwork of existing and emerging regulations.
For any questions or suggestions, please get in touch with us at: support@lightbeam.ai