Wombat Security Awareness Training: 2018 Year in Review

For us, 2018 was a year full of innovation, evolution, and product development, and we’re feeling energized and excited about continuing our leadership into 2019 and beyond. We celebrated our tenth anniversary this year, and as we look back at 2018’s significant milestone moments and portfolio enhancements, we are thankful for the continued support and championing of our customers, industry partners, and leading infosec organizations.

Part of the Proofpoint Family

Our biggest news of the year was our acquisition by Proofpoint, a leading next-generation security and compliance company, in March 2018. The synergies between our missions are undeniable, and the blend of our product lines uniquely positions us to help organizations take a more people-centric view of cybersecurity and deliver the right training to the right people at the right time.

As Joe Ferrara — former Wombat Security Technologies CEO and now General Manager of Wombat Security, a division of Proofpoint — said of the acquisition, “The combination of our two companies will give you access to the most accurate insights into your employees’ vulnerability to the real-world attacks and threats you are facing every day, as well as the education solutions you need to more effectively manage and reduce end-user risk.”

A Leader in the Gartner MQ … for the Fifth Year in a Row

As we announced last month, for the fifth consecutive year, Gartner named us a Leader in its 2018 Magic Quadrant for Security Awareness Computer-Based Training (CBT). We were again recognized for our Completeness of Vision and Ability to Execute — and we were positioned highest in the latter metric.

Proofpoint Integrations

Access to Proofpoint threat intelligence is one of the major advantages of this year’s acquisition, as is the ability to integrate our products with those in the Proofpoint portfolio to deliver a more robust, automated response to email threats.

In September, we announced Closed-Loop Email Analysis and Response (CLEAR), a complete closed-loop approach to enable instant end-user email reporting, analysis, and remediation. This innovative Wombat-Proofpoint solution helps organizations more effectively target a soft spot in their defense-in-depth security strategies: malicious emails that pass through perimeter defenses. Those who implement this solution can reduce the typical threat triage time for reported emails from hours to minutes.

Our new Attack Spotlight series is another collaboration with Proofpoint that helps infosec teams better address emerging email threats. This free resource blends Proofpoint threat intelligence with our security awareness expertise, allowing organizations to deliver timely, actionable advice to end users about trending malicious content and phishing lures that are being distributed at critical mass (like the recently identified Emotet trojan).

Advances in Our ThreatSim Phishing Simulations

Our Phishing Simulations give organizations a way to quickly and effectively assess their end users’ susceptibility to a variety of phishing methods, and to automatically integrate follow-up training for their most vulnerable users.

In 2018, we made key additions to this tool that allow program administrators to manage their campaigns more efficiently and to rapidly evaluate users’ responses to emerging phishing threats:

• We added more than 100 templates to the ThreatSim library, including new Dynamic Threat Simulation templates, which are created based on Proofpoint threat intelligence to reflect real-world attacks across all major industries.
• Our new Follow-up Campaigns feature enables administrators to quickly and easily send an additional phishing test to users based on actions taken during a previously completed campaign.
• System Click Exclusion is designed to eliminate false failure flags, which are commonly caused when email protection tools “detonate” links within simulated phishing emails. This helps to ensure more accurate recording of failure rates and prevent system clicks from triggering Auto-Enrollment training assignments for users who did not actually fall for the phish.

Innovative New Security Awareness Training Modules

We added several new and valuable topics to our training portfolio this year, and now offer more than 35 interactive modules that can be used to change behavior and reduce end-user risk:

• We launched our Password Policy module in February, and this industry-first configurable cybersecurity education module delivers a significant training advantage: The ability for organizations to dynamically teach users about password security according to specific password policies.
• Later in the year, the Password Policy module was rolled into our new, expansive Password Protection Series, which includes three other modules: Beyond Passwords (which focuses on passphrases and PINs), Multi-Factor Authentication, and Password Management.
• Our Insider Threat Series, released in March, includes three interactive mini-modules to help organizations combat both malicious insiders and unintentional threat actors. The series introduced branching, an engaging new feature within our training that allows users to practice decision-making and critical thinking within simulated scenarios and explore the consequences of their choices in a no-risk environment.
• In May, we updated and expanded our compliance-based training options via our GDPR Overview and GDPR in Action modules. These two modules help organizations and Data Protection Officers educate employees about the General Data Protection Regulation (GDPR) — a critical need, given that end users are being relied upon to protect the sensitive data of EU residents.

Enhancements to CyberStrength Knowledge Assessments

Our CyberStrength® Knowledge Assessments allow program managers to create, administer, and analyze the results of organization-wide and targeted knowledge evaluations. This end-to-end cybersecurity assessment tool helps organizations identify areas of susceptibility related to email-based social engineering and also evaluate knowledge beyond the phish.

New questions were added to the CyberStrength library this year, giving administrators access to more than 185 multiple-choice and true/false queries when creating assessments (along with the previously available option to create custom questions). We also added a new Predefined CyberStrength assessment specifically for GDPR. Our predefined options allow administrators to focus on a particular topic and automatically deliver follow-up training to end users who do not exhibit a satisfactory level of knowledge when taking the assessment.

Also new for 2018, CyberStrength assessments are now mobile-responsive, allowing end users to access and complete their assignments on PCs, smartphones, and tablets. The tool also now conforms to the US Section 508 standard and the international Web Content Accessibility Guidelines (WCAG) 2.0 AA standard. These enhancements increase security awareness and training flexibility and accessibility for organizations and their end users.

Expanded Email Reporting Capabilities

Organizations that enable easy reporting of malicious emails give themselves a valuable opportunity to increase phishing awareness among their end users — and to benefit from a more alert employee population. Our PhishAlarm® email reporting button does just that, allowing organizations to incorporate quick-click submissions directly within email clients.

To accommodate increasingly mobile workforces, we expanded our support for mobile email reporting to include Microsoft Outlook Mobile for iOS and Android. We also worked with Google this year to meet new Gmail requirements to deliver a new PhishAlarm G Suite Marketplace application (which, as of this writing, is the only third-party email plug-in currently available for Gmail).

We also introduced PhishAlarm customization features in 2018. Organizations can now upload a custom icon and specify label text for the PhishAlarm button. This helps organizations meet specific branding goals and improve end-user comfort with and use of the reporting button.

Enhanced Administrative and Reporting Features

Our End-User Sync feature allows administrators to streamline the tasks of uploading and updating users and user properties within the Security Education Platform, our integrated, SaaS-based learning management system (LMS). In addition to Active Directory (AD) Sync, our platform now supports Microsoft Azure Sync. Administrators can create and maintain end-user directories, test their sync before adding any data, and easily map Azure properties to Wombat properties.

We also released advanced reporting features, giving administrators better access to their business intelligence. Our new Automated Report Scheduler allows account managers and administrators to set up automatic exporting and delivery of specific security awareness training reports, which increases visibility and accountability. In addition, program managers now have access to broad and deep analysis of CyberStrength performance, including the ability to benchmark results against other organizations.

Additional Support for Multinational Organizations

Our professionally translated and localized content lets organizations deliver assessments and training to end users around the world. We support more than 35 languages, and we go well beyond translation to deliver localization, creating a more personal, relevant, and engaging training experience for end users. Our content matches the conventions the supported language; items like domains, brands/logos, character names, currencies, and regional references (like dates/times and addresses) are language-appropriate.

In 2018, we added support for five new languages/locales (with more to come in 2019):

• Malay (Malaysia)
• Indonesian (Indonesia)
• Ukrainian (Ukraine)
• Khmer (Cambodia)
• Burmese (Myanmar)