New Personally Identifiable Information (PII) Training and Platform Enhancements

We are excited to announce several new product enhancements, which promise greater accuracy and speed for program administrators, and expand the scope of our interactive training. These advancements to our Security Education Platform include a training series on protecting personally identifiable information (PII), an innovative System Click Exclusion feature for our ThreatSim® Phishing Simulations, and a new reporting experience.

New PII Training Module Series

We have refreshed and expanded our PII awareness training content with the new PII Series, which includes PII Fundamentals and PII in Action.

We have updated the content of our PII training in several key ways. For added flexibility and consistency, the modules are now mobile responsive and conform to the US Section 508 standard and the international Web Content Accessibility Guidelines (WCAG) 2.0 AA standard. Other updates included a redesigned approach to the discussion of the risk associated with different categories of PII, including how to classify PII. Finally, we also added information about the global landscape of PII regulations and working with third parties.

• PII Fundamentals – Considered the replacement for our previous PII module, your end users will learn best practices for handling, storing, and sharing PII. It covers the different types of PII, as well as guidelines for identifying, collecting, and using it. It also includes interactive instruction about techniques for improving overall security associated with PII.
• PII in Action – In this module, your end users will explore various scenarios to learn how different decisions affect our ability to safeguard PII.

We currently offer 35+ interactive training modules, available in 35+ languages. In addition to the new PII Series, several modules address specific data security requirements, including Protected Health Information and the Payment Card Industry Data Security Standard (PCI DSS), alongside broader training in Data Protection and Destruction and the General Data Protection Regulation (GDPR).

Innovative Phishing Simulation Feature

Email security gateways often sandbox or click the links in emails. When done in a phishing simulation, this could lead to a link being clicked by the email gateway, and that click erroneously being associated with an end user. We now offer System Click Exclusion, a feature built into ThreatSim that identifies and isolates phishing simulation interactions initiated by email protection tools. This innovative approach ensures an accurate view of risky end-user behaviors and enables productive and efficient security awareness training programs.

Here’s what System Click Exclusion provides for security awareness program administrators:

• A mechanism to ensure an accurate view of end-user interactions (versus system clicks) in phishing simulations.
• An intuitive interface for creating System Click Exclusion rules for multiple system interactions based upon IP address or user agent.
• An easy way to identify the interactions from systems instead of users to validate that all interactions are being captured.
• Integration with Proofpoint Targeted Attack Protection (TAP). For TAP customers, integration between ThreatSim and TAP provides a seamless experience, in that their email protection tool clicks are already systematically whitelisted.

New Reporting Experience

We’ve also enhanced our Security Education Platform by introducing a modern, easy-to-read, more responsive reporting experience. This is all due to our new reporting engine. Two familiar reports (User Failure Summary and Assignment User Details) are now rendered in the new engine, with more to come. Here’s a sample of the new UI experience:

Detail showing our improved Assignment User Details report, rendered in our new reporting engine.

Detail showing our improved User Failure Summary report, rendered in our new reporting engine.

Advanced Reporting Benefits and Features

• Speed – The new engine runs in memory, which means that once all of your data is loaded, operations like sorting and filtering happen far more quickly. The existing report engine, by contrast, requires a round-trip to the server to return results.
• Customized tables – You can now place standard and custom table columns, in your preferred order, on all report tables. Re-size, re-order, and sort table columns with a click.
• The ability to export more data – The data from each table, and the data behind the charts, can be exported to a CSV or XLS file.
• Advanced filtering – You can now filter by additional report elements; simply click on chart values or individual table records. In addition, for the first time, you can filter the report by your custom properties. Many customers upload (or sync) fields like Department, Region, or Country. You can now search and filter by these fields directly from the data tables.

Detail showing advanced filtering by Department, a custom property.

These are just a few of many new reporting features. For more details, customers can access the reports section in their Security Education Platform, click the “what’s new” link, and review an extended article that covers what’s new, what’s different, and known items.

Note: Current customers who would like additional insights about this year’s product enhancements and future direction can access the replay of the December 11 Wombat Insiders meeting within the Wombat Wisdom Community.