Our interactive employee security awareness training has reduced user phish-click rates by 91.9% (see below) and changed users from weak links to attack sensors.
Hackers Target Employees with Phishing Emails to Penetrate your Enterprise
Pervasive Phishing Attack Pattern
"This looks interesting!"
"What will this breach cost us?"
The phishing attack pattern ultimately drives the majority of cybersecurity and remediation spending for most organizations.
From the Verizon 2015 Data Breach Investigation Report
Percentage of the 2122 Breaches included Phishing
Percentage of Phishing Incidents detected by Antivirus
Percentage of Phishing Incidents detected by Outsiders
Bottom Line: Training Users to Handle Phishing Attacks Slashes Costs
Interactive Training with Regular Phishing Tests & Reporting Yields Tangible Results
Based on Results from over 300,000 users!
Our Solution: Employee Security Awareness Training
How it WorksThis one year program can either be fully outsourced where its administered by our specialists, or client's can login to the portal to administer the tests and reporting themselves. Similarly, users can access training materials via our portal or client’s can import and run content with their existing Learning Management System.
Each burst of phishing emails is considered a campaign, typically executed weekly or monthly. Campaigns employ email and landing page templates from our library that resemble what cyber criminals use. Clients can customize the templates. Customization is mandatory for spear phishing tests.
Reporting on training and test results is automated. Numerous templates slice and dice this information in varied ways to appeal to different audiences. Automated reports tend to be monthly, coinciding with phishing campaigns. Clients can generate additional, customized reports.
Hackers and other criminals primarily target an organization’s personnel for phishing attacks. We offer additional training modules that help clients mitigate risks via other attack vectors. As with phishing, our system automates enrollment, reminders, tracking, and reporting.
Robust Employee Phishing Testing
- Customizable library of successful phishing templates
- Clients can create/customize templates
- Customizable landing pages
- Targeted spear phishing campaigns with personalized data
- Ongoing, year-round testing
- Scheduled testing campaigns
- (optional) Randomized campaigns with randomized templates
- (optional) Skip weekends
- (optional) More frequent testing for phished users
- Email link clicks
- Links clicked on landing pages
- Data entered into landing pages
- Opened MS Office or PDF attachments
- Phishing Attack Surface: what employee emails are published on Internet (included)
- Voice-phishing attacks (separate charge)
- Domain spoof test (one-time)
- Capture user compliance “Read and Attest” affirmations
More User Training
- On-demand, browser based training
- Auto-enrollment and follow-up emails for users
- Point-of-failure training auto-enrollment
- Available as SaaS (fully or self-managed) or can be run from client’s Learning Management System
Reports: Phishing Testing & Training
- Automated reports to client following each phishing campaign
- Filter/sort results by campaign date/time, campaign user-response (opened, link-click, attachment-open), email bounce, and more
- Trends and user group comparisons
- Top 50 and Individual user reports
- Open and click history/rates by Browser/device
- Who started, completed, never finished training
Mitigate Other People Risk Vectors
- Training APT/Ransomware
- Basics of Credit Card Security
- Handling Sensitive Information Securely
- Top 50 and Individual user reports
- Mobile Device Security
- Strong Passwords