The security awareness training company, the InfoSec Institute, has launched a new phishing defense tool called PhishDefender, which the firm claims can reduce phishing susceptibility to 0%.
PhishDefender allows administrators to automatically set security controls based on real-time learner data, adjusting controls automatically based on the level of risk. PhishDefenser has been added to the firms SecurityIQ security awareness training platform, which can be used by all InfoSec Institute customers.
Employees that have not completed key training modules, or those that have performed poorly, will automatically have the highest security controls applied. All links sent via email will be disabled and other restrictions are placed on their accounts. When the user completes more training sessions and lowers their risk profile, security settings on their accounts will be eased.
Not only does this new phishing defense tool improve security for businesses, it gives users an instant reward for completing their training and performing well. When users make positive changes to their behavior, they will benefit from an easing of security controls.
The new phishing defense tool is just one of several features of the SecurityIQ platform that allows businesses to manage and avoid risks. SecurityIQ uses scorecarding to generate risk profiles for individual users, departments, or user groups which can help administrators of the training platform assess who poses the highest risk to their organization. SecurityIQ tracks 18 risk-related behaviors, which can guide administrators when setting training modules. These scores also feed into PhishDefender for automatic risk management.
The InfoSec Institute provides an extensive library of training materials and courses that can be used, as appropriate, by administrators to train the workforce on security. After training, phishing simulation exercises can be conducted to assess the effectiveness of the training courses. When employees fail phishing simulations, it is turned into a learning opportunity, with employees told where they have gone wrong and the phishing indicators that they should not have missed.
“Our SecurityIQ clients are proof that any organization can change end user behavior. We’ve seen clients’ phishing susceptibility drop from 29% to less than 1% in as little as a few months,” said InfoSec Institute President and Founder, Jack Koziol.