Employee Security Awareness Training

Our interactive employee security awareness training has reduced user phish-click rates by 91.9% (see below) and changed users from weak links to attack sensors.

Hackers Target Employees with Phishing Emails to Penetrate your Enterprise

Pervasive Phishing Attack Pattern

user clicks phishing email

"This looks interesting!"

executive contemplate data breach impact

"What will this breach cost us?"

phishing attack pattern click on phish malware installed credentials stolen lateral movement enterprise owned

The phishing attack pattern ultimately drives the majority of cybersecurity and remediation spending for most organizations.

From the Verizon 2015 Data Breach Investigation Report

Percentage of the 2122 Breaches included Phishing

Percentage of Phishing Incidents detected by Antivirus

Percentage of Phishing Incidents detected by Outsiders

Bottom Line: Training Users to Handle Phishing Attacks Slashes Costs

Interactive Training with Regular Phishing Tests & Reporting Yields Tangible Results

92 percent phish click rate reduction

Based on Results from over 300,000 users!

Our Solution: Employee Security Awareness Training

Methodology

methodology for employee security awareness training

How it Works

This one year program can either be fully outsourced where its administered by our specialists, or client's can login to the portal to administer the tests and reporting themselves. Similarly, users can access training materials via our portal or client’s can import and run content with their existing Learning Management System.

Each burst of phishing emails is considered a campaign, typically executed weekly or monthly. Campaigns employ email and landing page templates from our library that resemble what cyber criminals use. Clients can customize the templates. Customization is mandatory for spear phishing tests.

Reporting on training and test results is automated. Numerous templates slice and dice this information in varied ways to appeal to different audiences. Automated reports tend to be monthly, coinciding with phishing campaigns. Clients can generate additional, customized reports.

Hackers and other criminals primarily target an organization’s personnel for phishing attacks. We offer additional training modules that help clients mitigate risks via other attack vectors. As with phishing, our system automates enrollment, reminders, tracking, and reporting.

Benefits

We help transform your employees from unwitting targets to human firewalls. They become obstacles to hackers rather than conduits. The initial testing, training, and ongoing testing combine to not only elevate your users’ preparedness but sustain and institutionalize it.
Security maturity and cyber readiness requires excellence in people, policy, processes, procedures, and technology. Executives find this program helps them affect the cultural change necessary among personnel. This lowers operations costs and barriers to further improvements in policy, process, and technology.
And, the success pervasively perceived by employees increases their willingness and motivation to hone training in other cybersecurity areas.

Robust Employee Phishing Testing

Content

  • Customizable library of successful phishing templates
  • Clients can create/customize templates
  • Customizable landing pages
  • Targeted spear phishing campaigns with personalized data

Distribution

  • Ongoing, year-round testing
  • Scheduled testing campaigns
  • (optional) Randomized campaigns with randomized templates
  • (optional) Skip weekends
  • (optional) More frequent testing for phished users

Test Responses

  • Email link clicks
  • Links clicked on landing pages
  • Data entered into landing pages
  • Opened MS Office or PDF attachments

Related Extras

  • Phishing Attack Surface: what employee emails are published on Internet (included)
  • Voice-phishing attacks (separate charge)
  • Domain spoof test (one-time)
  • Capture user compliance “Read and Attest” affirmations

Phishing Training
and Reporting

More User Training

Phishing Training

  • On-demand, browser based training
  • Auto-enrollment and follow-up emails for users
  • Point-of-failure training auto-enrollment
  • Available as SaaS (fully or self-managed) or can be run from client’s Learning Management System

Reports: Phishing Testing & Training

  • Automated reports to client following each phishing campaign
  • Filter/sort results by campaign date/time, campaign user-response (opened, link-click, attachment-open), email bounce, and more
  • Trends and user group comparisons
  • Top 50 and Individual user reports
  • Open and click history/rates by Browser/device
  • Who started, completed, never finished training

Mitigate Other People Risk Vectors

  • Training APT/Ransomware
  • Basics of Credit Card Security
  • Handling Sensitive Information Securely
  • Top 50 and Individual user reports
  • Mobile Device Security
  • Strong Passwords