Tag: phish

Sophos trains for Phishes

imagesSecurity outfit Sophos has announced the expansion of its Sophos Phish Threat phishing attack simulator and training software to Europe and Asia which will be made available through its partners.

It has enhanced dashboards and new analytics to track organisational risk and employee performance and is alleged to simplify a key part of an organisations security strategy – employee awareness and training.  It can choose from hosting locations in Ireland, Germany or the US – organisations worldwide can now access multi-language, interactive security training from within the Sophos Central security management platform.

More than 41 percent of organisations see a phishing attack daily, and  employee training remains critical to maintaining efficient security.

Sophos Phish Threat automates the entire training process and provides visual analytics for identifying vulnerable employees. As the only security awareness training program from a leader in IT security, it can be managed alongside email, endpoint, and network security from one console for improved, risk management and incident response.

Senior vice president and general manager for the Sophos Messaging Security Group Bill Lucchini, said that human behaviour is a critical element of cybersecurity yet 62 percent of companies don’t train employees to recognise phishing attempts.

“SophosLabs sees malware on up to 77 percent of blocked mail. Creating a culture of security and data protection awareness has risen in priority with the greater risk of email born ransomware and the planned introduction of new legislation such as GDPR. Employees have to be responsible for the way they handle data and how to spot a phishing attack should be part of their training. Phish Threat builds greater employee awareness by creating suspicious emails using known techniques, successful spoofs, and contemporary examples. In fact, after just four Phish Threat simulation training emails, the average organisation reports a 31 percent reduction in employee susceptibility.”

Phish Threat enables IT managers to identify susceptible employees and manage relevant real-world phishing email simulations to deliver more efficient training sessions from within Sophos Central. Attack templates and training are available in nine languages and continuously updated based on Sophos’s global awareness of current threats. When errors are made, individuals are automatically given corrective training to learn from their mistakes. Phish Threat also provides the analytics and reporting metrics to allow tracking and measurement of overall business risk and security posture at an organisation or individual level. With benchmark data available on employee phishing susceptibility against global norms, training can be fully tailored, and data can be used to enhance security policy across Sophos Central to deliver a multi-layered security strategy against phishing and social engineering attacks.

Pricing and availability details have been passed to Sophos Partners.