Security Awareness Training Programs
Not sure which assessment and education components to select for your security awareness training programs? Our suggested programs identify Wombat products that will help you use our unique, four-step Assess, Educate, Reinforce, Measure methodology as the foundation of an effective security awareness training program.
The Anti-Phishing Training Suite combines simulated phishing attacks, our unique Auto-Enrollment feature, and three interactive training modules to help you reduce phishing risks. Customers have reduced their quantity of successful phishing attacks by up to 90% using our proven Anti-Phishing Training Suite.Learn More ›
How well do your employees understand the basic principles behind compliance initiatives? We cover PII, PHI, and PCI-DSS topics. Don’t just check the box with your compliance training. Choose a program that allows you to evaluate knowledge and use interactive training to drive behavior change.Learn More ›
Healthcare data is one of the most valuable items to cybercriminals and often healthcare settings are easy targets because of their own unique time and security challenges. Use our healthcare-focused assessments and short, interactive training to build an effective security awareness and training program to keep your staff and patients safe.Learn More ›
Social engineering is often the first step in many other types of attacks. Use our CyberStrength assessments and simulated attacks to evaluate susceptibility, and follow with training modules that help your users identify social engineering scams and react appropriately.Learn More ›
Data Storage & Handling
Data is everywhere and more mobile, giving more potential access points to criminals than ever before. Assess your users’ knowledge and then educate them on how to safely use, transport and store sensitive data.Learn More ›
Theft, loss, and damage to mobile devices is no small problem; portability means that sensitive data is constantly on the move. Assess your user’s knowledge and educate them with our interactive training modules specific to this important topic.Learn More ›
Retail organizations have long been targeted by cybercriminals, who seek all opportunities to breach networks and systems in hopes of obtaining credit card, banking, and personal information. Assess your user’s knowledge and educate them with our interactive training modules specific to this industry.Learn More ›
Wombat Security Blog
WannaCry, NotPetya, and the Evolution of Ransomware
BT/KPMG Paper Calls on Business Leaders to Build a Culture of Security
There are members of the infosec community who continue to call for a technical-only solution to phishing prevention, one that cuts end users out of the equation entirely. And there likely always will be individuals seeking this Holy Grail. While we certainly can’t see into the future, we do know this: We fully expect technological advances to help with phishing, much like spam filters, sandboxing, and other technologies have over the years. But the trickle-down time and lag in adoption rates mean that no new technology will offer even close to an immediate fix to the problem. Waiting on technology to solve cybersecurity vulnerabilities and abandoning the idea that end users can be a better asset does nothing to advance security postures now.
Black Hat 2017 Takeaways: Treating the Root of End-User Risk
Last week, I got to spend time with many other members of the security community at Black Hat USA 2017. Despite being in the infosec space for the past ten years, this was my first time attending the event, and I was impressed with the breadth of topics covered. None too surprising, I found a lot of interesting talks in the “Human Factors” track, but it was refreshing to see how broadly this community is looking at security.
Though future blog posts will dig into additional topics that piqued my interest during my time in Las Vegas, I wanted to use this post to highlight the point that most resonated with me during the show, which I heard during the keynote by Alex Stamos, Facebook’s Chief Security Officer. While Stamos offered a number of great insights, the one that stuck with me was the statement that we too often focus on fixing a specific issue or bug, and fail to think about the root cause and how we can address that. I found this to be sage advice not just for the security space, but for life in general. That’s not to say we should go philosophical and “meta” with every problem presented to us every day, but when you see similar things happening over and over, it’s worthwhile to take a step back and attempt to look at the situation with fresh eyes. Doing so can help reveal a fundamental issue that has been overlooked, thus causing repeated issues.