security awareness testing & training

Infosec Cloud Managed Services Security Awareness Testing & Training

Upload: susan-children

Post on 23-Jan-2018


Page 1: Security Awareness Testing & Training

Infosec Cloud Managed Services

Security Awareness Testing & Training

Page 2: Security Awareness Testing & Training

Security Awareness Testing & Training: Overview

Infosec Cloud provides a cloud-based security awareness testing and training (SATT) managed service to combat phishing, social engineering and ransomware attacks. Employees are tested at their desks, with full management reporting and focussed training for those who are vulnerable.

High-quality, web-based interactive training, combined with frequent simulated phishing attacks and using case studies, live demonstration videos and short tests, is aimed at making sure employees understand the mechanisms of spam, phishing, spear phishing, malware and social engineering.

The service is cost-effective, requires a relatively short amount of employee time, and is suited to organisations of all sizes.

Keeping you secure.

Page 3: Security Awareness Testing & Training

Security Awareness Testing & Training: Why Infosec Cloud?

Like a real cybercriminal, we know email security and how to bypass it. We have over 250 email security customers protecting around 90,000 mailboxes. We use this knowledge to successfully test your employees.

Our video-on-demand (VOD) training is sourced from the largest security awareness provider globally, ensuring the material is always up-to-date.

The material is available 24x7 and can be paused/restarted anytime.

Our courses are used by over 1,500 enterprises worldwide.

Bespoke templates are created. We base these on what interests your users. For example, the Finance team can be targeted with finance or bank-type bespoke phishing emails, whereas the Marketing team can receive shiny creative offers…

Page 4: Security Awareness Testing & Training

Security Awareness Testing & Training: Why Use a Managed Service?

Reduce Costs – Benefit from accessing an established and proven testing and training program.

Access to Talent – Security Awareness Training is highly specialised.

Geographic Reach & Scalability – Train all employees worldwide via distance learning on the same security processes and procedures.

Compliance – Many organisations are required to comply with a multitude of regulations, such as PCI, which we have already planned for.

Training is not Core to the Business (or IT Department) – Training is a necessity, but the development, management and delivery of training would be a distraction.

Access the Latest Technology – Infosec Cloud provides automated Phishing Security Tests and trackable, targeted video-on-demand training.

Page 5: Security Awareness Testing & Training

Security Awareness Testing & Training: Value Proposition

Reduced malware infections

Reduced data loss

Reduced potential cyber-theft

Users have security top of mind

Reduced help desk calls

Reduced cleaning and re-imaging of machines

Reduced down time, increased user productivity

Real ROI

Page 6: Security Awareness Testing & Training

Security Awareness Testing & Training: Service Overview

Phishing Security Test

How phish-prone are your employees?

91% of successful data breaches started with a spear phishing attack – and they’re getting more sophisticated.

Infosec Cloud provides a Phishing Security Test which will show you what percentage of your users are Phish-prone.

Security Awareness Training

Keeping your employees security aware.

High quality, web-based interactive training combined with frequent simulated phishing attacks, using case studies, live demonstration videos and short tests.

It is aimed at making sure employees understand the mechanisms of spam, phishing, spear phishing, malware and social engineering.

After the training, Infosec Cloud’s highly effective scheduled Phishing Security Tests keep employees on their toes. There are several correction options for employees who fall for the attacks, including instant remedial online training.

Page 7: Security Awareness Testing & Training

Security Awareness Testing & Training: Service set-up

Ascertain testing criteria

• Campaign start & end
• Number of employees
• User data (email, first name, last name, title, department)
• Type of phishing campaigns
• Customer phishing exposure expectations & future targets
• Frequency of tests
• Report destinations
• Evaluate which VOD courses are required (after testing)

Account Provisioning

• Import users
• Map campaigns to users
• Create bespoke phishing rules & templates
• Create phishing campaign & frequency
• Create relevant whitelists and bypasses in customers for the Infosec source IPs
• Test pilot

Page 8: Security Awareness Testing & Training

Security Awareness Testing & Training: Testing & Training Timeline – first 6 months

Q1

• Report on phish-prone organisational percentage baseline
• Introduction to SATT template to send to users
• Enrol all users in training
• Monitor and report on training completion
• Mandatory training reminders
• Perform additional phishing test/s
• Report on new phish-prone baseline

Q2

• Create new bespoke phishing templates
• Additional phishing test/s, report on new baseline
• Additional training for all employees that fail
• Report on risk areas
• Failure report provided to relevant personnel

Page 9: Security Awareness Testing & Training

Security Awareness Testing & Training: Testing & Training Timeline – next 6 months

Q3

• Create new bespoke phishing templates
• Additional phishing test/s, report on new baseline
• Additional training for all employees that fail
• Report on risk areas
• Failure report provided to relevant personnel

Q4

• Create new bespoke phishing templates
• Additional phishing test/s, report on new baseline
• Additional training for all employees that fail
• Report on risk areas
• Failure report provided to relevant personnel
• Assess organisational baseline
• Confirm testing/training requirements for next 12 months

Plus an inclusive Email Security Health Check (1 every 12 months)

Page 10: Security Awareness Testing & Training

Video on Demand Training Menu

Page 11: Security Awareness Testing & Training

Video on Demand Training

Page 12: Security Awareness Testing & Training

Security Awareness Testing & Training: Key Points

Phishing Security Tests - unlimited and on-demand when needed

Security Hints & Tips

Training videos on Security Awareness

Individual user reports

Customised emails targeted at individuals and teams

Scheduled and randomised emails to users

Email reports/statistics on user phishing tests

Full management reporting

Email security health check (1 every 12 months)

All from industry experts in anti-phishing and training.

Page 13: Security Awareness Testing & Training

Security Awareness Testing & Training: Key Benefits

Measure and reduce employee susceptibility to real-world phishing attacks

Gather hard data by testing and tracking employee security awareness and behaviour

Deliver focussed training to increase security awareness and improve behaviour

Understand your organisation’s real-world security posture

Regular targeted testing raises awareness and understanding of sophisticated social engineering security threats.

Combined with focussed, automated training delivered at the employee’s desk, our service enables and empowers your employees to apply this knowledge in the real world to measurably reduce the risk to your organisation.

Page 14: Security Awareness Testing & Training

Security Awareness Testing & Training: Recommendation

• Run Regular Testing & Training

• Review Corporate Policies – Acceptable User Behaviour

• Deploy Layered Security Solution

When you subscribe to the SATT service, with a managed email security service and Sophos cloud endpoint, we will provide a guarantee up to the value of £2,000 towards the clean-up of a Cryptolocker virus.

Page 15: Security Awareness Testing & Training

Security Awareness Testing & Training: FAQs

Regarding the phishing security tests, the data we store consists only of email addresses and what each address has clicked on. No other data gets stored.

As the phishing tests only use standard email/web protocols, and do not include any actual malware, Infosec Cloud phishing tests will not introduce any vulnerabilities into your systems.

Infosec Cloud has done everything to be secure, scalable and reliable.

Note: the infrastructure we use runs on the Amazon Web Services (AWS) cloud, which has the following certifications: “AWS has achieved ISO 27001 certification and has successfully completed multiple SAS70 Type II audits. We will continue to obtain the appropriate security certifications and conduct audits to demonstrate the security of our infrastructure and services.”

Page 16: Security Awareness Testing & Training

Infosec Cloud Managed Services

Infosec Cloud provides a range of integrated Managed Services designed to meet key IT security needs:

• Email Security

• Web Security

• Strong Authentication

Contact us for more information and no-obligation, impartial advice.

T: 01256 379970

E: [email protected]

W: www.infosec-cloud.com