Educating Users to Improve Awareness, Change Behaviors, and Reduce Risk

At Wombat, we think education is about more than sharing facts and figures. We think it’s about using knowledge to drive action. Our suite of interactive training modules have two equally important aims: to help your employees understand security threats and implement the best practices needed to reduce risk to your organization.

 

Education: Bridging Awareness and Understanding

Our interactive training modules are designed to change behaviors within your organization, to help your employees make the right decisions when they are face-to-face with security threats.

Simply telling your employees that issues such as phishing, smishing, and social engineering exist is not going to reduce data breaches and malware infections. To truly bring about change, your employees must understand how security threats present themselves in day-to-day situations and recognize the role they play in protecting your network, data, and assets.

Our modules are part of our Security Education Platform and are a key component in our Assess, Educate, Reinforce, Measure methodology. Though we recommend all four steps as part of a continuous education approach, the training modules can be used independently and serve as the centerpiece of your security education program.

Download Interactive Training Modules Data Sheet

 

Engaging Employees Through Interactive Training

Each of our modules offers 10 to 15 minutes of interactive training about a specific security topic. Our development and design processes use key Learning Science Principles and employ methods that have been proven to be more effective than once-a-year training presentations and videos that do not allow for interaction.

Our modules engage users through hands-on decision-making, improving knowledge retention and facilitating longer-term behavior change. In addition, our comprehensive reporting functions allow you to gather the intelligence you need to effectively manage and tailor your training efforts. We provide a variety of reports that give you both high-level and granular looks at your employees’ results.

 

Currently Available Modules

email security training module
Email Security or Anti-Phishing Phyllis

We teach your employees to recognize bait and traps commonly found in phishing emails and spear phishing attacks. Users will learn to identify and avoid manipulative content, malicious and disguised links, dangerous attachments, inappropriate data requests, and other threats. We offer two styles of education on this subject, an interactive training module and a character-driven training game. Both present examples of phishing emails and ask users to identify potential traps.

 data protection and destruction security training module
Data Protection and Destruction

We teach your employees about how to safely use portable storage devices and media. They will also learn techniques for properly disposing of and destroying confidential data and files.

 physical security training module
Physical Security

This module introduces key components of physical security and helps your employees understand their role in maintaining a safe and secure work environment. They will also learn how they can prevent and correct physical security breaches and best practices that will help them keep your people, areas, and assets secure.

 safer web browsing security training module
Safer Web Browsing

This training teaches your employees how to avoid many of the common pitfalls and dangers associated with web browsing. They will learn how to identify potentially dangerous URLs, avoid malware and virus downloads, and spot Internet scams.

 security beyond the office training module
Security Beyond the Office

Employees will learn best practices for keeping your data, network, and equipment safe when working outside the office. Topics include safe use of WiFi networks, the dangers of public computers, and practical physical security measures.

 smartphone security training module
Smartphone Security

Whether you issue mobile devices to your employees or you are a Bring Your Own Device (BYOD) organization, your employees can benefit from our interactive training and suggested best practices for smartphone safety. They will learn the importance of physical and technical safeguards as well as how to securely use their devices and related applications.

 social engineering security training module
Social Engineering

Social engineers build relationships and take advantage of the human tendency to be open and helpful, all in an effort to steal data, access confidential networks, and run other scams. We teach your employees how to recognize and avoid common social engineering techniques and keep your people, areas, and assets secure.

 
URL Training and Anti-Phishing Phil security training module
URL Training or Anti-Phishing Phil

Your employees will learn how URLs are constructed, URL warning signs, and how to identify and avoid malicious links. The training covers manipulated domains, shortened URLs, and other common tricks. We offer two styles of education on this subject, an interactive training module and a character-driven training game. Both options ask users to determine malicious links from legitimate links.

 password security training module
Password Security

We teach your employees the difference between strong and weak passwords, show and test two methods for creating strong passwords, and explain best practices for keeping passwords safe. Employees will also learn about password families and get hands-on practice creating them.

  safe social networking training module
Safe Social Networking

Your employees will learn how to safely share and interact with others on social networking sites. We explain common traps and scams to avoid on these very public platforms. This interactive training will help employees understand what they should and should not share on social media, helping to keep your company information more secure.

  

Compliance Training

Governance, risk management, and compliance (GRC) officers are always looking to ramp up their employees’ understanding of compliance and security requirements. We have several modules that introduce the primary concepts of industry standards and explain your employees’ roles in maintaining these standards:

 PHI security training module
Protected Health Information (PHI)

We teach your employees how they should safeguard PHI to meet the HIPAA Omnibus rules, which includes new regulations in addition to former HIPAA and HITECH standards. Employees will learn about PHI identifiers and receive practical guidance for using, disclosing, transmitting, and storing PHI.

 PCI Dss security training module
PCI DSS

This module helps your staff better manage credit card data; understand PCI DSS requirements; securely manage records and accounts; and recognize and act upon security breaches. Manager-level and employee-level training is available.

 PII security training module
Personally Identifiable Information (PII)

Employees will learn how to identify PII; best practices for handling, storing, and sharing PII; and the fundamental actions to take in the event of a PII breach.

 

Try the Software