Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

10 companies that can help you fight phishing

Maria Korolov | May 6, 2016
According to the most recent Verizon data breach report, a phishing email is often the first phase of an attack.

In addition, there are training modules on social engineering, malware, physical security, and using public WiFi networks, among other general security topics.

This is different from Symantec's own training program, which is focused on helping enterprise security professionals install and maintain Symantec products.

PhishLine

Taking anti-phishing testing one step further, PhishLine targets a broader set of social engineering attacks, including text messages, phone calls and even "accidentally dropped" USB sticks.

Earlier this year, PhishLine launched a marketplace for third-party computer-based training materials, including hundreds of phishing templates, customized landing pages, risk assessment surveys and multi-lingual security training content.

In addition to training and simulations, the company also offers measurement tools that allow companies to track the success of their programs. One measurement, for example, which can be used for gamification, is risk-based scoring. Enterprises can set up custom dashboards where training scores can be compared by individual employees, departments or other groups, or to internal or external benchmarks.

InfoSec Institute

This company is best known for their in-person enterprise security training, boot camps, and certification programs.

But they also offer interactive online training modules for security awareness. Their SecurityIQ product combines computer-based security awareness training and a phishing simulator in one cloud-based service. Companies can set up automated campaigns to send phishing tests to employees over time, or to enroll and remind learners to take their security awareness training.

Although it's possible to build an anti-phishing training and testing program internally, vendors such as InfoSec Institute and the others listed above offer some significant advantages to the enterprise.

"Oftentimes, organizations aren’t equipped to provide great education, internally," said Mike Spanbauer, vice president of security test and advisory at NSS Labs.

Vendors who focus specifically on phishing are aware of new trends in phishing emails and can incorporate the tactics into their training programs and anti-phishing simulation templates quickly.

 

Previous Page  1  2  3  4 

Sign up for Computerworld eNewsletters.