Proofpoint. As you'll read at the company's website, it offers you "protection and visibility for your greatest security risk — your people", promising to "provide the most effective security and compliance solutions to respond to cyber attacks in every channel including email, the web, the cloud, and social media".
One of Proofpoint's services is also personalised cybersecurity awareness training based on its "industry-leading threat intelligence, so that you are engaging your end users and arming them against real-world cyber attacks".
After all, your people are only your weakest link if you let them be, and given it is possible to protection against this, why let it be a threat?
Proofpoint proudly boasts that its "SaaS-based solutions and Continuous Training Methodology were developed by Wombat Security Technologies (acquired in March 2018) and born from research at the world-renowned Carnegie Mellon University", and that "using them, customers have reduced successful phishing attacks and malware infections by up to 90%".
Now, before we look at some extra info on Proofpoint’s Security Awareness training, we were offered an interview with Andrew Warren-Nicholls, one of the company's top Specialists in Security Awareness training.
In the video interview above, Andrew told us about Proofpoint in 2019, and his role in cybersecurity awareness training, as well as a bit about his background in the field.
We looked at the mistakes companies are still making today, as well as what they're doing right, while delving deeper into the benefits that continuous training brings - including interesting stories and anecdotes about adventures in cyber security!
So, what's more detail on Proofpoint's Security Awareness Training’s Security Education Platform?
Well, we're told that it is "a SaaS-based learning management system purpose-built for infosec professionals to manage and deliver a full suite of products for their security awareness and training program."
The platform allows program administrators to effectively teach employees secure behaviours and gather valuable business intelligence with the following tools:
ThreatSim Phishing Simulations: Deliver simulated phishing emails and customisable Teachable Moments which display targeted "just-in-time teaching" messages to individuals who fall for a phishing test; the customisable email templates address three key testing factors: attachments, embedded links and requests for personal data.
ThreatSim Smishing and USB Simulations: Gauge employees’ understanding of the dangers associated with SMS/text phishing (smishing) and USB-based attacks through simulations and training; these assessments can protect corporate systems from malware, spyware and other dangerous software.
CyberStrength Knowledge Assessments: Create, administer and analyse the results of organisation-wide and targeted knowledge evaluations; identify areas of susceptibility related to email-based social engineering and evaluate knowledge beyond the phish.
Security Awareness Training Modules: Helps employees make the right decisions when faced with security threats with over 35 interactive training modules; gamification techniques and interactive elements engage users through hands-on decision-making, improving knowledge retention and facilitating longer-term behaviour change.
Security Awareness Materials: Create a culture of security awareness by using ongoing awareness and reinforcement techniques. Portfolio of materials includes a wide selection of videos, posters, images and articles, all designed to make cybersecurity an ongoing topic of conversation.
PhishAlarm and PhishAlarm Analyzer: PhishAlarm allows end users to report phishing emails and other suspicious messages with a single mouse click and can dramatically reduce the duration and impact of an active phishing attack. PhishAlarm Analyzer helps organisations identify and target the most pressing threats.
Security Dashboards: Allow administrators to benchmark, track and trend user knowledge; evaluate progress and gauge ROI. Download and export data to share business intelligence with other stakeholders, perform more detailed analysis and evaluate metrics alongside other security events.
More information is here.