We have partnered with Infosec Institute to provide you with security awareness training using their InfosecIQ platform. InfosecIQ is an online learning platform that combines a phishing simulator and computer-based security awareness training system in one easy-to-use cloud-based service. InfosecIQ allows your organization to achieve total cybersecurity awareness by enrolling everyone in your organization into our automated campaigns.
Over the next few weeks your users will received different types of "phishy" emails that are designed to try and get them to give up sensitive information such as usernames, passwords and other types of data (don't worry none of this data is ever stored). Sometimes just clicking on a bad email can cause a computer to become infected with malware, as such some of these emails are just looking for people to click on them.
All users (even those at the very top) are subject to phishing so we cannot tell you when or what we are sending. Different campaigns will automatically be sent each month at random times.
In addition to the "phishy" emails that are sent, users will also be enrolled in pro-active AwareEd training. This training is released around the 1st and 15th of each month. Each training module is designed to be short (around 2 minutes) and entertaining.
You should inform your users that you are participating in a cybersecurity awareness program and that their participation is required. Users who fall victim to our phishing emails will be required to participate in a quick educational training module and answer a few questions afterwards. In addition you should start to see a new "Report Phishing" button appear in Outlook. Anyone who suspects a "phishy" email can click this to delete and report the email to us for further review.
Any users that have been caught will receive an email similar to the one below informing them they were phished and that they need to participate in training. In addition we will notify you if there are users that have not participated in education after being caught.
Below is an example of the email sent for AwareEd training. Users will receive an email similar to the one below twice a month once new training is released. Users should view the training content as soon as possible. Users who do not participate in training will be listed on a monthly report.