Pervasive Phishing Attack Pattern
The phishing attack pattern ultimately drives the majority of cybersecurity and remediation spending for most organizations.
From the Verizon Data Breach Investigation Report
Percentage of Breaches included Phishing
Percentage of Phishing Incidents detected by Antivirus
Percentage of Phishing Incidents detected by Outsiders
Bottom Line: Training Users to Handle Phishing Attacks Slashes Costs
Interactive Training with Regular Phishing Tests & Reporting Yields Tangible Results
Based on Results from over 300,000 users!
Our Solution: Employee Security Awareness Training
How it Works
This one-year program can either be fully outsourced where it's administered by our specialists, or clients can login to the portal to administer the tests and reporting themselves. Similarly, users can access training materials via our portal, or clients can import and run content with their existing Learning Management System.
Each burst of phishing emails is considered a campaign, typically executed weekly or monthly. Campaigns employ email and landing page templates from our library that resemble what cybercriminals use. Clients can customize the templates. Customization is mandatory for spear phishing tests.
Reporting on training and test results is automated. Numerous templates slice and dice this information in varied ways to appeal to different audiences. Automated reports tend to be monthly, coinciding with phishing campaigns. Clients can generate additional, customized reports.
Hackers and other criminals primarily target an organization’s personnel for phishing attacks. We offer additional training modules that help clients mitigate risks via other attack vectors. As with phishing, our system automates enrollment, reminders, tracking, and reporting.
We help transform your employees from unwitting targets to human firewalls. They become obstacles to hackers rather than conduits. The initial testing, training, and ongoing testing combine to not only elevate your users’ preparedness but sustain and institutionalize it.
Security maturity and cyber readiness require excellence in people, policy, processes, procedures, and technology. Executives find this program helps them affect the cultural change necessary among personnel. This lowers operations costs and barriers to further improvements in policy, process, and technology.
And, the success pervasively perceived by employees increases their willingness and motivation to hone training in other cybersecurity areas.
Robust Employee Phishing Testing
- Customizable library of successful phishing templates
- Clients can create/customize templates
- Customizable landing pages
- Targeted spear phishing campaigns with personalized data
- Ongoing, year-round testing
- Scheduled testing campaigns
- (optional) Randomized campaigns with randomized templates
- (optional) Skip weekends
- (optional) More frequent testing for phished users
- Email link clicks
- Links clicked on landing pages
- Data entered into landing pages
- Opened MS Office or PDF attachments
- Phishing Attack Surface: what employee emails are published on Internet (included)
- Voice-phishing attacks (separate charge)
- Domain spoof test (one-time)
- Capture user compliance “Read and Attest” affirmations
More User Training
- On-demand, browser based training
- Auto-enrollment and follow-up emails for users
- Point-of-failure training auto-enrollment
- Available as SaaS (fully or self-managed) or can be run from client’s Learning Management System
Reports: Phishing Testing & Training
- Automated reports to client following each phishing campaign
- Filter/sort results by campaign date/time, campaign user-response (opened, link-click, attachment-open), email bounce, and more
- Trends and user group comparisons
- Top 50 and Individual user reports
- Open and click history/rates by Browser/device
- Who started, completed, never finished training
Mitigate Other People Risk Vectors
- Training APT/Ransomware
- Basics of Credit Card Security
- Handling Sensitive Information Securely
- Top 50 and Individual user reports
- Mobile Device Security
- Strong Passwords