Wombat Security Technologies is in the business of threat filtering and user training. For this month, we looked at their training.
The cornerstone of Wombat training is threat knowledge. Wombat is well-versed in information security threats and it uses this knowledge to enhance training with what it calls "teachable moments." The idea is that information security training is about as interesting as watching paint dry, so they spice it up with simulated attacks. These attacks come as a result of the student working through a scenario and seeing the consequence of a wrong move.
One of the company's premier programs involves phishing. It claims that organizations that have implemented their anti-phishing training have reduced the consequences of phishing attacks by up to 80 percent. Its programs - which also include email security, smartphone security and safe use of social networks among others - are administered through a web interface by the organization's system or training admins. The administrator can look at a wide range of statistics that focus on users, weak areas overall, or both, giving a clear picture of success of the program.
The training program can reside in the cloud or at the customer site. On the cloud system, new phishing attacks are added on an almost weekly basis. Staying current is a big benefit of the program. I have taught both in universities and at security conferences for more than 30 years. I tend to avoid security awareness sessions because keeping the class relevant and keeping the class awake is a huge challenge. The Wombat program solves both of those issues and adds the benefit of providing ways to validate outcomes and show progress.
Click here to read the full article