Our unique Assess, Educate, Reinforce, Measure training methodology combines the four key components of successful cyber security awareness and training programs.
Customers using our cyclical approach have experienced up to a 90% reduction in successful external phishing attacks and malware infections.
Get Our 14-Day Free TrialAn important first step in comprehensive cyber security awareness and training for employees is to assess your employees’ knowledge and your organization’s areas of susceptibility.
Learn More
Use our scenario-based CyberStrength® Knowledge Assessments to gauge your staff’s understanding of a variety of cyber security topics.
Learn MoreChoose our customizable ThreatSim®, SmishGuru®, and USBGuru® simulated attacks to identify vulnerabilities to pervasive threat vectors without exposing your organization to an actual attack.
Learn MoreOur interactive training modules are the key to educating your employees about security threats in the workplace and beyond. These 10- to 15-minute modules allow users to learn by doing, engaging them through hands-on decision-making.
Our educational approach improves knowledge retention, creating longer-term behavior change. It’s also flexible: You can add customized content to highlight known issues, communicate policies, and more.
Learn MoreIt’s important to reinforce best practices learned in order to keep cyber security top-of-mind for your employees.
Our PhishAlarm® email reporting add-in enables employees to put their knowledge to use and report suspected phishing emails with the click of a button.
In addition, our portfolio of Security Awareness Materials allows you to highlight key messages and reward positive behaviors within your workplace.
Learn More
The most effective training programs are flexible enough to adapt and change according to your needs. Our reporting tools allow you to gather powerful analytics about your organization’s strengths and weaknesses, calculate results, and plan future training accordingly.
Not sure which assessment and education components to select for your cyber security training programs? Our suggested plans identify the Wombat products that will help you target specific threat vectors.
The Anti-Phishing Training Suite combines simulated phishing attacks, our unique Auto-Enrollment feature, and three interactive training modules to help you reduce phishing risks. Learn More
Use our CyberStrength assessments and simulated attacks to evaluate susceptibility, and follow with training modules that help your users identify social engineering scams and react appropriately. Learn More
Healthcare settings provide their own unique challenges. Use our healthcare-focused assessments and short, interactive training to build an effective program. Learn More
“We’ve been using Wombat’s PhishAlarm product for some time and can already see the positive impact it’s having on our organization. PhishAlarm easily replaced antiquated suspicious email reporting with a consistent and user friendly process that positively affected employee behavior.”
“We selected Wombat because they offer a comprehensive cyber security preparedness platform. Wombat’s platform enables us to assess internal risk and target training to employees who need it most, thereby strengthening our security profile.”
The recently published 2017 Cost of Cyber Crime Study from Ponemon Institute and Accenture delivered some sobering statistics:
You’re setting up a new online account and need to create a new password, so you think of a word you can remember, capitalize the first letter, add some digits and end with an exclamation point. The password is 12 characters long, and includes numerals, symbols, and upper- and lowercase letters. It’s probably a strong password, right?
New research suggests that some steps people use to strengthen passwords actually make them more vulnerable to attackers, and that its time to rethink the standard advice about passwords and consider new approaches to security awareness training.
With that in mind, we explore the crossroads of science and password policies, usability and security education, and share three tips for creating stronger passwords.
As pioneers in the development of simulated phishing attacks, we naturally recommend using these assessment tools as foundational components of security awareness training programs. But just as we believe there is more to successful security education than phishing tests, we feel there is more to measuring program success than tracking end-user click rates. And that’s for one simple reason: these metrics don’t provide a full view into your organization’s susceptibility.
There has been a lot of talk about pending GDPR requirements and the penalties associated with non-compliance, but GDPR is not the only EU cybersecurity legislation that will be affecting organizations in the near future. Alan Levine, a former Fortune 500 CISO and current Security Advisor to Wombat, spoke to Wombat Wisdom Conference attendees last month about the GDPR and two other regulations — PSD2 and the NIS Directive — and discussed the role he believes employee security awareness training will play with regard to organizational compliance with these laws.
Following, we offer quick overviews about the GDPR, PSD2, and the NIS Directive; Levine’s take on these pieces of legislation; and links to additional resources.
