Infosec Cloud provides a targeted and trackable security awareness testing and training (SATT) managed service. Employees are tested at their desks, with full management reporting and focussed training for those who are vulnerable. High quality, web-based interactive training combined with frequent simulated phishing attacks, case studies, live demonstration videos and short tests is aimed at making sure employees understand the mechanisms of spam, phishing, spear phishing, malware and social engineering.
The service is cost-effective, requires a relatively short amount of employee time, and is suited to organisations of all sizes.
2. Security Awareness Testing & Training
Overview
Infosec Cloud provides a cloud-based security awareness testing and training
(SATT) managed service to combat against phishing, social engineering and
ransomware attacks. Employees are tested at their desks, with full management
reporting and focussed training for those who are vulnerable.
High quality, web-based interactive training combined with frequent simulated
phishing attacks, using case studies, live demonstration videos and short tests is
aimed at making sure employees understand the mechanisms of spam, phishing,
spear phishing, malware and social engineering.
The service is cost-effective, requires a relatively short amount of employee
time, and is suited to organisations of all sizes.
Keeping you secure.
3. Security Awareness Testing & Training
WhyInfosec Cloud?
Like a real cybercriminal, we know email security and how to bypass it. We
have over 250 email security customers protecting around 90,000 mailboxes.
We use this knowledge to successfully test your employees.
Our video on-demand (VOD) is sourced from the largest security awareness
provider globally ensuring the material is always up-to-date.
The material is available 24x7 and can be paused/restarted anytime.
Our courses are used by over 1,500 enterprises worldwide.
Bespoke templates are created. We base these on what interests your users.
For example;- the Finance Team can be targeted with finance or bank type
bespoke phishing emails whereas the marketing team can receive shiny
creative offers…
4. Security Awareness Testing & Training
WhyUseaManagedService?
Reduce Costs – Benefit from accessing an established and proven testing and
training program.
Access to Talent - Security Awareness Training is highly specialised.
Geographic Reach & Scalability – Train all employees worldwide via distance
learning on the same security processes and procedures.
Compliance – Many organisations are required to comply with a multitude of
regulations, such as PCI, which we have already planned for.
Training is not Core to the Business (or IT Department) - Training is a necessity,
but the development, management and delivery of training would be a
distraction.
Access the Latest Technology – Infosec Cloud provides automated Phishing
Security Tests and trackable, targeted video-on-demand training.
5. Security Awareness Testing & Training
ValueProposition
Reduced malware infections
Reduced data loss
Reduced potential cyber-theft
Users have security top of mind
Reduced help desk calls
Reduced cleaning and re-imagingof machines
Reduced down time, increased user productivity
Real ROI
6. Security Awareness Testing & Training
ServiceOverview
Phishing Security Test
How phish-prone are your employees?
91% of successful data breaches started with a spear phishing attack – and they’re getting more
sophisticated.
Infosec Cloud provides a Phishing Security Test which will show you what percentage of your users are
Phish-prone.
Security Awareness Training
Keeping your employees security aware.
High quality, web-based interactive training combined with frequent simulated phishing attacks, using
case studies, live demonstration videos and short tests.
It is aimed at making sure employees understand the mechanisms of spam, phishing, spear phishing,
malware and social engineering.
After the training, Infosec Cloud’s highly effective scheduled Phishing Security Tests keeps employees on
their toes. There are several correction options for employees who fall for the attacks, including instant
remedial online training.
7. Security Awareness Testing & Training
Serviceset-up
Ascertain testing criteria
Campaign start & end
Number of employees
User data (email, first name, last name, title, department)
Type of phishing campaigns
Customer phishing exposure expectations & future targets
Frequency of tests
Report destinations
Evaluate which VOD courses are required (after testing)
Account Provisioning
Import users
Map campaigns to users
Create bespoke phishing rules & templates
Create phishing campaign & frequency
Create relevant whitelists and bypasses in customers for the Infosec source IP’s
Test pilot
8. Security Awareness Testing & Training
Testing &Training Timeline–first6months
Q1
Report on phish prone organisational percentage baseline
Introduction to SATT template to send to users
Enrol all users in training
Monitor and report on training completion
Mandatory training reminders
Perform additional phishing test/s
Report on new phish-prone baseline
Q2
Create new bespoke phishing templates
Additional phishing test/s, report on new baseline
Additional training for all employees that fail
Report on risk areas
Failure report provided to relevant personnel
9. Security Awareness Testing & Training
Testing &Training Timeline–next6months
Q3
Create new bespoke phishing templates
Additional phishing test/s, report on new baseline
Additional training for all employees that fail
Report on risk areas
Failure report provided to relevant personnel
Q4
Create new bespoke phishing templates
Additional phishing test/s, report on new baseline
Additional training for all employees that fail
Report on risk areas
Failure report provided to relevant personnel
Assess organisational baseline
Confirm testing/training requirements for next 12 months
Plus an inclusive Email Security Health Check
(1 every 12 months)
12. Security Awareness Testing & Training
KeyPoints
Phishing Security Tests - unlimited and on-demand when needed
Security Hints & Tips
Training videos on Security Awareness
Individual user reports
Customised emails targeted at individuals and teams
Scheduled and randomised emails to users
Email reports/statistics on user phishing tests
Full management reporting
Email security health check (1 every 12 months)
All from Industry experts in anti-phishing and training.
13. Security Awareness Testing & Training
KeyBenefits
Measure and reduce employee susceptibility to real-world phishing attacks
Gather hard data by testing and tracking employee security awareness and behaviour
Deliver focussed training to increase security awareness and improve behaviour
Understand your organisation’s real-world security posture
Regular targeted testing raises awareness and understanding of sophisticated social
engineering security threats.
Combined with focussed, automated training delivered at the employee’s desk, our
service enables and empowers your employees to apply this knowledge in the real-world
to measurably reduce the risk to your organisation.
14. Security Awareness Testing & Training
Recommendation
• Run Regular Testing & Training
• Review Corporate Policies – Acceptable User Behaviour
• Deploy Layered Security Solution
When you subscribe to the SATT service, with a managed email security service and
Sophos cloud endpoint, we will provide a guarantee up to the value of £2,000 towards
the clean-up of a Cryptolocker virus
15. Security Awareness Testing & Training
FAQs
Regarding the phishing security tests, the data we store consists only of email
addresses, and what this address has clicked on. No other data gets stored.
As the phishing tests only use standard email/web protocols, and do not include
any actual malware, Infosec Cloud phishing tests will not introduce any
vulnerabilities into your systems.
Infosec Cloud has done everything to be secure, scalable and reliable.
Note: the infrastructure we use runs on the Amazon Web Services (AWS) cloud which has
the following certifications:
“AWS has achieved ISO 27001 certification and has successfully completed multiple SAS70
Type II audits. We will continue to obtain the appropriate security certifications and
conduct audits to demonstrate the security of our infrastructure and services.”
16. Infosec Cloud
ManagedServices
Infosec Cloud provides a range of integrated Managed Services designed to meet
key IT security needs:
• Email Security
• Web Security
• Strong Authentication
Contact us for more information and no obligation, impartial advice.
T: 01256 379970
E: sales@infosec-cloud.com
W: www.infosec-cloud.com