For us, 2018 was a year full of innovation, evolution, and product development, and we’re feeling energized and excited about continuing our leadership into 2019 and beyond. We celebrated our tenth anniversary this year, and as we look back at 2018’s significant milestone moments and portfolio enhancements, we are thankful for the continued support and championing of our customers, industry partners, and leading infosec organizations.
Our biggest news of the year was our acquisition by Proofpoint, a leading next-generation security and compliance company, in March 2018. The synergies between our missions are undeniable, and the blend of our product lines uniquely positions us to help organizations take a more people-centric view of cybersecurity and deliver the right training to the right people at the right time.
As Joe Ferrara — former Wombat Security Technologies CEO and now General Manager of Wombat Security, a division of Proofpoint — said of the acquisition, “The combination of our two companies will give you access to the most accurate insights into your employees’ vulnerability to the real-world attacks and threats you are facing every day, as well as the education solutions you need to more effectively manage and reduce end-user risk.”
As we announced last month, for the fifth consecutive year, Gartner named us a Leader in its 2018 Magic Quadrant for Security Awareness Computer-Based Training (CBT). We were again recognized for our Completeness of Vision and Ability to Execute — and we were positioned highest in the latter metric.
Access to Proofpoint threat intelligence is one of the major advantages of this year’s acquisition, as is the ability to integrate our products with those in the Proofpoint portfolio to deliver a more robust, automated response to email threats.
In September, we announced Closed-Loop Email Analysis and Response (CLEAR), a complete closed-loop approach to enable instant end-user email reporting, analysis, and remediation. This innovative Wombat-Proofpoint solution helps organizations more effectively target a soft spot in their defense-in-depth security strategies: malicious emails that pass through perimeter defenses. Those who implement this solution can reduce the typical threat triage time for reported emails from hours to minutes.
Our new Attack Spotlight series is another collaboration with Proofpoint that helps infosec teams better address emerging email threats. This free resource blends Proofpoint threat intelligence with our security awareness expertise, allowing organizations to deliver timely, actionable advice to end users about trending malicious content and phishing lures that are being distributed at critical mass (like the recently identified Emotet trojan).
Our ThreatSim® Phishing Simulations give organizations a way to quickly and effectively assess their end users’ susceptibility to a variety of phishing methods, and to automatically integrate follow-up training for their most vulnerable users.
In 2018, we made key additions to this tool that allow program administrators to manage their campaigns more efficiently and to rapidly evaluate users’ responses to emerging phishing threats:
Want to see our product portfolio in action?
We added several new and valuable topics to our training portfolio this year, and now offer more than 35 interactive modules that can be used to change behavior and reduce end-user risk:
Our CyberStrength® Knowledge Assessments allow program managers to create, administer, and analyze the results of organization-wide and targeted knowledge evaluations. This end-to-end cybersecurity assessment tool helps organizations identify areas of susceptibility related to email-based social engineering and also evaluate knowledge beyond the phish.
New questions were added to the CyberStrength library this year, giving administrators access to more than 185 multiple-choice and true/false queries when creating assessments (along with the previously available option to create custom questions). We also added a new Predefined CyberStrength assessment specifically for GDPR. Our predefined options allow administrators to focus on a particular topic and automatically deliver follow-up training to end users who do not exhibit a satisfactory level of knowledge when taking the assessment.
Also new for 2018, CyberStrength assessments are now mobile-responsive, allowing end users to access and complete their assignments on PCs, smartphones, and tablets. The tool also now conforms to the US Section 508 standard and the international Web Content Accessibility Guidelines (WCAG) 2.0 AA standard. These enhancements increase security awareness and training flexibility and accessibility for organizations and their end users.
Organizations that enable easy reporting of malicious emails give themselves a valuable opportunity to increase phishing awareness among their end users — and to benefit from a more alert employee population. Our PhishAlarm® email reporting button does just that, allowing organizations to incorporate quick-click submissions directly within email clients.
To accommodate increasingly mobile workforces, we expanded our support for mobile email reporting to include Microsoft Outlook Mobile for iOS and Android. We also worked with Google this year to meet new Gmail requirements to deliver a new PhishAlarm G Suite Marketplace application (which, as of this writing, is the only third-party email plug-in currently available for Gmail).
We also introduced PhishAlarm customization features in 2018. Organizations can now upload a custom icon and specify label text for the PhishAlarm button. This helps organizations meet specific branding goals and improve end-user comfort with and use of the reporting button.
Our End-User Sync feature allows administrators to streamline the tasks of uploading and updating users and user properties within the Security Education Platform, our integrated, SaaS-based learning management system (LMS). In addition to Active Directory (AD) Sync, our platform now supports Microsoft Azure Sync. Administrators can create and maintain end-user directories, test their sync before adding any data, and easily map Azure properties to Wombat properties.
We also released advanced reporting features, giving administrators better access to their business intelligence. Our new Automated Report Scheduler allows account managers and administrators to set up automatic exporting and delivery of specific security awareness training reports, which increases visibility and accountability. In addition, program managers now have access to broad and deep analysis of CyberStrength performance, including the ability to benchmark results against other organizations.
Our professionally translated and localized content lets organizations deliver assessments and training to end users around the world. We support more than 35 languages, and we go well beyond translation to deliver localization, creating a more personal, relevant, and engaging training experience for end users. Our content matches the conventions the supported language; items like domains, brands/logos, character names, currencies, and regional references (like dates/times and addresses) are language-appropriate.
In 2018, we added support for five new languages/locales (with more to come in 2019):
Note: Current customers who would like to learn more about this year’s product enhancements and future direction can access the replay of the December 11 Wombat Insiders meeting within the Wombat Wisdom Community.
Posted by Gretel Egan on 12.12.18
Posted by Gretel Egan on 12.12.18
Posted by Gretel Egan on 12.12.18