Automating security education programs rapidly increases employee participation in security education and results in behavior change.
Pittsburgh, PA – February 11, 2014– Wombat Security Technologies (Wombat) today announced a market innovation in security awareness training that automates educational programs to dramatically improve employee engagement in, and completion of, cyber security training. Wombat Security’s innovative approach enables security officers to electronically create training assignments for people who fall for phishing attacks. Automation improves employee acceptance and completion of training and makes it easier for security officers to manage security awareness and training programs across their organization.
With the dramatic rise in phishing and other cyber security attacks, companies are under the gun to effectively train employees how to recognize and avoid attacks that can cause costly breaches. Security awareness training is in the spotlight because many attacks are initiated by an employee action. However, problems still exist in executing and managing an effective training program. Lack of engagement and participation has stymied many programs. Wombat’s methodology addresses these issues by providing engaging training, increased participation, and measurable results through automation.
“Wombat Security’s unique phishing auto-enrollment feature has significantly improved our security training participation rate, especially for non-mandatory training,” said the security officer of an international consulting firm. “In fact we have well exceeded our traditional completion rate for mandatory training.”
How it works:
Employees who fall for phishing simulated attack e-mails immediately receive a teachable moment and at the same time the Wombat Security Training Platform automatically enrolls the employee to take short, 10 minute interactive training modules that teach them how to identify the cyber-attacks and traps. This methodology motivates employees to complete training at much higher completion rates than training not tied to simulated attacks. Individuals who fall for simulated attacks can have training completion rates higher than 90%.
For example, one Fortune 50 company sent a mock phishing attack to their employees. Within hours of the phishing emails, 25% of people who fell for a phishing attack had already completed the auto-assigned training modules.
“By motivating employees to quickly respond and complete security awareness training means a company’s workforce is armed against the most current attacks,” said the Manager of IT Security and Disaster Recovery for a Fortune 1000 manufacturing company. “In addition, using automated phishing attacks enables companies to streamline operations, save money, and protect their organization at the same time.”
“We are constantly thinking about how we can make employee info security education more effective,” said Joe Ferrara, President and CEO of Wombat Security Technologies and recent winner of “CEO of the Year” from CEO World Awards. “We have seen how automation can successfully ensure that more employees engage in learning and that security officers can more easily implement continuous programs thereby strengthening human defenses against cyber-attack.”