Infosec IQ security awareness and training aims to empower employees with the knowledge and skills to stay cybersecure at work and home. With over 2,000 awareness and training resources, Choose Your Own Adventure® Security Awareness Games and personalized learning experiences, the solution aims to present everything needed to prepare employees and strengthen the user's cybersecurity culture. The platform can be customized and personalized to match an organization’s…
N/A
KnowBe4 PhishER/PhishER Plus
Score 9.2 out of 10
N/A
PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.
If the company is very small, the Infosec IQ solution might be a little overkill. However, for a medium to large company, I think Infosec IQ is a great tool for providing cybersecurity training, reporting, and assessment testing for all employees. Based on the information gathered during training, testing, etc., it allows the cybersecurity manager to focus on what employees need additional training or potential weak spots in the current training. This is important information to report to senior leadership. It also serves to meet cybersecurity awareness training that may be a compliance requirement for customer contracts, governmental standards, etc
PhishER comes with some good features, such as PhishML, PhishRIP, PhishFlip, etc. These features help us manage phishing email reporting incidents. From reporting emails via Phish Alert Button plug-in to collecting all reported emails in one place at the PhishER dashboard. Now, the PhishML comes into play, scanning all reported emails and tagging each as clean, spam, or threat. With the help of this machine learning-based algorithm, our investigation process becomes easier. Other features, such as PhishRip, help to search and quarantine phishing emails, and PhishFlip converts a real phishing campaign to a test phishing campaign.
Set it and forget it: Multiple recurring options for campaigns to run automatically.
Program assistance: The team at InfoSec creates content intended to meet annual training needs and produces how-to and promotional content to help guide resellers in packaging and deploying.
Integrates with O365 and can deploy a button to minimize false alarms from employees when they accurately identify training spam.
PhishRIP info tabs (i.e. if improperly check ripped emails are turned into tests. This has caused issues.) Info tabs or markers allow user to hover and get more information about what action a check box or slider provides.
because with infosec we are able to achieve our goals regarding training awarness, and we are really satisfied with frecuency they update their content, so our users never get bored with the courses and campaigns we run monthly, they also have a great support team, and we can also have role courses
When we first discovered that KnowBe4 released something like this, we saw a demo of it and were floored at what it could do and how it could help us from a security standpoint. Gone are the days of us in IT sending out a mass email saying please don't click on anything in the email from sender "X", and it allows us to quietly and easily ensure that people don't take any action on malicious emails.
They continue to work on the interface but there are still weird places where you have to hover to see options come up, weird navigation sometimes. Administering is not my favorite part of it. Need to increase their capability for uploading your own training.
I think that the system is well designed and makes it easy to fine phishing emails that have been reported. It also has a simple user interface that allows you to review and address threat emails also providing an automated component that allows for automated threat mitigation and customized feedback responses to users
We've gotten great help when we needed it. When our IT guy left who managed security, we had limited knowledge internally with all of the configuration and implementation. Support helped get us running quickly. They spent an hour or so with the new IT person and they hit the ground running. That was super easy.
When evaluating potential solutions for their effectiveness and return on investment (ROI), several factors stood out in our decision to choose Infosec IQ: Single Sign-On (SSO) Integration, excellent Support and Customer Service: and scalability/flexibility:
We evaluated the Titan options because we have already used their DNS filtering product. However, KnowBe4 came in with a better price per user and a significantly stronger product lineup, particularly with its security awareness training component.
InfoSec IQ has been a profitable addition to our security stack. After getting everything set up, the normal profit margin per customer is 65% - 75%.
Many cyber-security insurance policies require some form of mandatory employee security training, and some policy premiums can be reduced based on your organization's training statistics.
It has allowed us to have a common "cyber-security" language with our customer base, making support requests flow smoother and breaches addressed quicker. It also lets us establish and enforce a more security-aware workplace tone with our customers.
There has been a 700% increase in emails being reported now. Previously, staff were only reporting 4 emails a month. It is easier for us to promote the phish alert button, receive automated remediation and rapidly respond.
We had no reports on the amount of phishing emails were coming through Mimecast but now we have reports for the board of trustees.
Every Wednesday we talk about cyber security to all staff, PhishER allows us to point out the trend and what to look out for which raises awareness. Never before were we able to talk about cyber security like this.