“An awareness and training program is crucial in that it is the vehicle for disseminating information that users, including managers, need in order to do their jobs. In the case of an IT security program, it is the vehicle to be used to communicate security requirements across the enterprise.” NIST 800-50
Over the last number of months we have been slowly testing and rolling out a Cybersecurity “Security Awareness Training” program to our business customers. It is available now for wider adoption. The system we use to deliver the service is compromised mostly of two notable functions.
Phishing Simulation Platform & Capabilities
The first half is an email system whereby we can send end-users simulated “Phishing” e-mails. Simulated email “phishing” is a fast and effective way to train and increase end-user cognizance of cyber-attacks including “business email compromise” (BEC), officer fraud, malware, and ransomware. Our phishing simulation platform will enhance user detection skills and foster best practices for cyber security within organizations.
- Include All of Your People with a Scalable Phishing Solution
Our cloud-based Security Awareness Training solution is scalable and designed to support any number of users. Whether your organization has 10 people or 1,000 the system will instantly scale to meet your needs; and can help transform the cyber-security preparedness level of your business.
- Reporting System Allows Us to Identify High-Risk Employees
Overtime we can identify and even further target specific users that are failing the simulations. Based upon system reporting a “focus list” can be created of higher risk end-users. It is also possible to request that high risk end-users repeat certain training modules if necessary.
- Simulate Legitimate Vendors
We can utilize a wide selection of pre-configured templates to easily send phony emails from seemingly legitimate vendors like Microsoft, large banking institutions, and others.
- Analytics and reporting
We can generate detailed reports to inform us as to which end-users are failing the email simulations. Our reports can give us granular data on user actions such as: who opened a simulation mail, who clicked links, etc.
- New Templates Added Regularly
We can create new simulation templates based upon the latest phishing scenarios and vendors.
- Redirect Simulation Failures to Educational Info-graphic
In addition to reporting, we can instantly redirect users to an educational info-graphic should they fail a simulation.
Learning Management System
The second primary function of the Security Awareness Training system is a Learning Management System (LMS) that allows us to deliver and track end-user completion of small video based training courses. The brief video courses are available on a wide variety of subjects including those you would immediately imagine such as the basic of cybersecurity and ransomware.
A few of the more notable features:
- SAT training ensures that a standardized security message is delivered to all employees.
- The system is easily scalable for as few or as many people as required.
- Users can complete training on their own schedule or in groups.
- Reporting engine lets managers know which end-users have completed the assigned modules.