Gartner released a comprehensive review of security awareness training in their recent report, "Market Guide for Security Awareness Computer Based Training." In this guide, Gartner provides their key findings and recommendations that organizations should use to evaluate security awareness solutions.
After being named a Leader for 6 consecutive years in the Gartner Magic Quadrant for Security Awareness Computer Based Training, we are excited and believe that Proofpoint Security Awareness Training is still a leading solution in the market:
- We fully support the overall conclusions for enterprise security awareness
- We fully support the guidance provided for security and risk management leaders
- We fully support the use cases that are defined for organizations
Coupled with our market leading people-centric security solutions, Proofpoint provides the ultimate solution for organizations to reduce the risk of breach and data loss by protecting the organization's number 1 threat vector; people.
In part one of this blog series, we reviewed how Proofpoint Security Awareness Training addresses all the key findings as defined by Gartner.
In part 2 of this blog series, we will evaluate how Proofpoint Security Awareness Training addresses all of the points raised in the Gartner Market Guide for Security Awareness Computer Based Training for recommendations and use cases.
We believe we support all Recommendations
#1: "Build security awareness programs around platforms that offer diverse, contextually appropriate content and innovative delivery capabilities that measure success through meaningful metrics."
Proofpoint Security Awareness Training utilizes learning science principles to engage the learner and change behavior, focusing on diversity, variety, and consumability:
- Our training is delivered in small, interactive, consumable lessons that teach security awareness through a story that spurs user interest and holds attention
- With extensive content variety, diversity, and formats, outcomes can be reinforced and repeated in various ways
- We provide the tools to have the learner apply their knowledge to solve a problem
- Proofpoint provides various content in forty languages
- We provide extensive reinforcement content with campaigns and assessments
#2: "Utilize additional information security metrics beyond phishing testing "click rates" to determine program success, such as incident response metrics, employee monitoring reports, unsanctioned application usage, and sensitive data metrics."
Proofpoint believes phishing tests are an important but not exclusive component of measuring user behavior change. Other initiatives include:
- Training modules with testing that provides immediate feedback
- User assessments to help gauge user readiness
- Automated phish reporting and remediation highlight user recognition and response to phishing attacks
#3: "Involve and actively solicit groups and individuals outside of IT and information security to help ensure widespread support and approval for your security awareness program."
Security awareness training is the foundation for people-centric security. We help our customers keep security awareness highly visible in their organization, focusing on business outcomes:
- Program materials, newsletter guidance, monthly customer-base briefings, monthly attack spotlights, and feedback briefings
- Track efficiencies for helpdesk and incident response via our automated phish reporting and remediation
- Fun and entertaining videos, posters, games, and contests that encourage continuous visibility and reinforcement of safe and responsible computing
- Customization to support localized programs and content to meet the operating challenges of complex regional and global operations
#4: "Evaluate security awareness training as a managed service if there is a gap in security awareness expertise on staff, or if other budgetary, financial or program-driven constraints exist."
Managed Services for Proofpoint Security Awareness Training offloads the challenge of designing, running, and reporting on a security awareness training program, enabling you to focus on your primary responsibilities.
We believe we support all Representative Vendors (Use Cases) as follows :
#1: Security Awareness Program Platform
Proofpoint provides a highly scalable, cloud-based subscription solution for a complete enterprise platform for security awareness covering both security and privacy compliance.
#2: Security Awareness Content and Delivery
Proofpoint provides the optimal content to drive behavior change with foundational learning science principles, content diversity, variety, consumability, and selected localizations in 40 languages.
#3: Phishing Simulation Testing and Remediation/Response Platforms
With PhishAlarm analyzer, backed by Proofpoint threat intelligence, and our innovative CLEAR, TAP, and TRAP solutions, no other solution provides the automation and accuracy of phish reporting and remediation.
#4: Security Awareness Training as a Managed Service
Proofpoint's managed services provide services that scale from SMB to global enterprises.
Summary
The Gartner Market Guide for Security Awareness Computer Based Training provides organizations excellent guidance on the key issues for training users on safe computing. With effective security awareness programs, organizations can mitigate people-centric threats.
Proofpoint's Security Awareness Training is empowering thousands of organizations to counter the perpetually evolving tactics of malicious hackers. Helping companies meet their security awareness goals, drive behavior change, support regulatory compliance, enhance employee knowledge, and reinforce behavioral expectations.
Wombat Security Technologies as a Leader in Magic Quadrant for Security Awareness Computer-Based Training Vendors 2014
Wombat Security Technologies as a Leader in Magic Quadrant for Security Awareness Computer-Based Training 2015 – 2017
Proofpoint (Wombat Security) as a Leader in Magic Quadrant for Security Awareness Computer-Based Training 2018
Proofpoint as a Leader in Magic Quadrant for Security Awareness Computer-Based Training 2019
Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.