For years, Proofpoint Security Awareness Training (PSAT) has helped organizations educate their employees and strengthen their skills in defending against cyber threats. As such, PSAT is a core part of our human-centric security platform. But you need to do more than raising security awareness to mitigate human risk.
As digital workspace expands, cybercriminals have more opportunities than ever to manipulate human behavior. Attackers are going beyond email and injecting themselves into digital platforms like messaging and collaboration tools, making it harder to prevent people from engaging with threat actors. Additionally, many users knowingly take risky actions to bypass security. Organizations cannot rely on traditional security awareness training to change unsafe behavior. A human risk management strategy, combining technology and education, is essential to prepare and guide your employees in today's digital landscape.
That’s where Proofpoint ZenGuide™ comes in. ZenGuide is the next evolution of security awareness education within our platform. It strengthens human risk management by integrating adaptive learning with targeted interventions that help to shape your employees’ real-world behaviors. Because it continuously adapts to each person’s risk profile, it can reinforce the right security habits.
Ultimately, ZenGuide helps you build a strong culture of security. This drives sustained behavior change and measurably reduces human risk over time.
Evolving learning framework: from ACE to DICE
Proofpoint ZenGuide provides a smarter, adaptive approach to security awareness. It does this by taking the ACE learning framework one step further to DICE.
The ACE (assess, change behavior, evaluate) framework establishes a solid foundation for delivering effective security awareness programs. It focuses on how well people understand what they learn and how much they retain.
DICE builds on the success of ACE. It transforms employee behavior by providing continuous learning that adapts to risks. DICE has four steps:
- Detect human risk
- Intervene with guidance
- Change behavior
- Evaluate effectiveness
In other words, ZenGuide provides insight into who your high-risk employees are. Then it engages them with automated, personalized experiences with timely interventions and behavior-focused learning to address growing human-centric security challenges.
ZenGuide transforms employee behavior
Here’s how Proofpoint ZenGuide provides continuous learning that adapts to risks.
1: Identify high-risk users
Through ZenGuide’s integration with Proofpoint People Risk Explorer (PRE), organizations can leverage valuable insight into employees’ real-world behaviors, roles, exposure to attacks and privileges. As a result, PRE quantifies human risk. And ZenGuide enables security teams to address the behaviors and vulnerabilities that pose risk to their organizations through targeted, automated interventions. By identifying risky behaviors early, ZenGuide allows teams to deliver tailored education to employees based their unique risk profile.
2: Intervene with guidance
When risky behaviors or potential threats are detected, ZenGuide intervenes. It provides employees with guidance, timely advice and education, which are adapted to their unique vulnerabilities and behaviors.
ZenGuide enhances adaptive learning using Adaptive Groups for automatic enrollment of user groups based on behaviors and risk levels. Pathways provides increased flexibility when building personalized learning experiences.
Adaptive groups
Adaptive Groups enables teams to create groups of learners and auto-enroll them into targeted programs that adapt to individual behaviors and risk profiles.
Adaptive Groups tool.
Pathways
Pathways provides a more flexible way to design curriculum and activities. Teams can tailor lessons, phishing simulations and assessments to ensure that employees receive the right training at the right time.
Pathways tool.
3: Drive engagement and sustained behavior change
Security culture is self-reinforcing. Engaged employees create a stronger security culture. And a strong security culture motivates employees to adopt and sustain better security behaviors.
ZenGuide helps you to promote this positive cycle. It gives you the tools to build an engaging learning program that adapts to your employees’ risk profiles, roles, behaviors, vulnerabilities, preferred languages, competency levels and more.
Here’s how ZenGuide motivates your employees and keeps them engaged:
- Behavioral nudges. At key moments, employees are nudged to make positive security choices and learn more.
- Gamified elements and interactive training content. When learning is fun, employees are naturally more engaged.
- Threat-based content. Our industry-leading threat intelligence informs ZenGuide’s training and phishing simulation content to ensure s employees are trained on real-world scenarios, so they know about new and trending threats.
- Adaptive learning is an approach that delivers a personalized learning experience tailored across phishing simulations, training content, interventions and follow-up educational activities and gradual difficulty levels—based on user risk levels, behaviors, and threat exposure—to drive behavior change and reduce security incidents.
- Learner Dashboard. Employees can get insights into their own behaviors. They can also see security outcomes and the impact of their behavior on their organization. This fosters accountability and encourages positive actions.
ZenGuide Learner Dashboard.
4: Measure success beyond training completion
Traditional training metrics—like participation and simulation outcomes—only tell part of the story. The new ZenGuide Admin Dashboard simplifies how you track real-world behavior and culture change. As a result, you can better measure program success.
The Admin Dashboard features a Repeat Behaviors Report. This report provides visibility into the users who consistently engage in risky behavior and those who exhibit good behavior. It also provides a User Risk Score, which is based on a user’s:
- Attack risk
- Vulnerability risk
- Privilege risk
This data allows you to prioritize education more effectively because it helps you to target the users who pose the greatest risk. Plus, it improves behavior tracking so that you can evaluate the program’s impact on reducing risk overall.
What’s more, the Admin Dashboard enables you to align advanced metrics with organizational goals, create groups on-demand to drive targeted learning, and measure program impact on human risk reduction. Metrics include:
- Reporting accuracy. This metric shows how good your employees are at identify phishing attempts and reporting them.
- Resilience ratio. This metric compares how many employees report simulated phishing emails versus how many fall for them. A higher score means that your organization has more employees who report phishing than employees who fall them.
- Industry benchmarks. This enables you to compare key metrics with industry peers so that you can share your program impact with executives and stakeholders.
ZenGuide Admin Dashboard.
From training to human-risk management with ZenGuide
ZenGuide represents a strategic advancement in security awareness training. It not only provides education, but it also delivers real-time interventions that are based on each person’s behavior.
As the digital workspace expands, human-centric security challenges continue to grow. Attackers target people through email and other digital channels such as Teams and Slack. Your users must be well-prepared for the digital world that they operate in. They need to learn how to consistently make safer choices when encountering threats. It’s even more important to add an extra layer of protection to ensure your users remain resilient in this expanding digital landscape.
Proofpoint offers a comprehensive solution to defend against all human-centric threats. Check out our web page on Prime Threat Protection to find out how Proofpoint helps you protect your organization.
