A fully managed automated cybersecurity training service that is designed to prepare your employees against today’s sophisticated cyber-attacks. This ensures your employees understand the fundamental mechanism of spam, phishing, malware social engineering and etc. Thus, providing a wholesome cybersecurity training experience.
Delivered at the ease of their workstations
Monthly simulated phishing attacks
A highly interactive web-based training module
Short assessments to measure the level of absorption
Online training modules are bite-size (between 5 to 10 minutes) suitable for busy employees
In-depth reporting to measure the effectiveness of the program.
Why Security AwarenessNow!
Slide
Compliancy
Risk Management in Technology (RMiT) policy by Bank Negara Malaysia (BNM)
Under Section 13: Internal Awareness and Training, it specifies that:
ISO 27001/27002:2013 Requirements by International Organization for Standardization
Under Clause 7.2.2: Information Security Awareness, Education and Training, it specifies that:
‘All employees of the organization and where relevant, contractors should receive appropriate awareness education and training and regular updates in organizational policies and procedures, as relevant for their job function’.
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. Malware does the damage after it is implanted or introduced in some way into a target’s computer – usually through an email and can take the form of executable code, scripts, active content, and etc
Social Engineering
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information.
Criminals use social engineering tactics because it is usually easier to exploit your natural inclination to trust than it is to discover ways to hack your software. For example, it is much easier to fool someone into giving you their password than it is for you to try hacking their password (unless the password is really weak).
Service Overview
Many financial institutions are still using the talk and chalk method (traditional method) to create awareness amongst their employees, that aren’t engaging enough to truly educate them.
Our Continuous Training approach informs users about best practices and teaches users how to employ these practices when they face security threats.
A continuous cycle of assessment, education, reinforcement, and measurement maximizes learning and lengthens retention. Thus providing the flexibility to:
Evolve your program over time
Identify areas of susceptibility
Deliver targeted training when and where it’s most needed.
Step 1
Assess
We start with the Assess stage by measuring the baseline of the current awareness level – via Knowledge Assessment (Quiz) and Simulated Phishing Attack.
Phishing
Lure targeted user to click on a link in an email
Credential Harvesting
Lure targeted user to enter credentials into a fake website Note: No paswords are collected
Attachment
Lure targeted user to open an attachment within an email
Step 2
Educate
Based on the data collected in the Assess stage, we will devise an online training program consisting of Interactive Online Training modules (which focus on practical exercises and games).
These 10- to 15-minute modules give users the opportunity to understand the types of risks they might encounter and recognize how their actions can have a positive impact on the safety and security of corporate and personal assets.
Online learning can be automatically assigned for those that fail Monthly Simulation and those users who don’t exhibit the desired level of proficiency for a Just-In-Time (JIT) training – immediate training for those that need it.
Monthly Simulation
This is done on a consistent basis which makes safety the top priority in your employees’ mind, ensuring they are always on the lookout for cyber threats while surfing the Internet or going through their emails.
Assessments
Short Quiz/Test after training helps ensure that your employees understand the basic mechanisms of the training modules and are always prepared.
Step 3
Reinforce
Our Security Awareness Materials — a library of images, posters, articles, and videos — help you emphasize best practices and positive behaviors within your workplace. By making these message more visible and more recognizable, you reinforce your training and help employees retain their knowledge.
Step 4
Measure
The methodology relies heavily on in-depth reporting, by providing stats and graphs for both training and phishing.
Phishing Simulation
Number of employees that opened dangerous attachment, clicked on a phishing link, read the training message completely and etc.
Online Learning Module
Number of employees who started the training, those that completed, those in progress.
Assessment
The scores by each staff, department or company as whole.
Slide
INTERNETNOW TEKNOLOGI SDN BHD (721490-V)
2F-18 & 19, Pusat Perdagangan IOI, Persiaran Puchong Jaya Selatan,
Bandar Puchong Jaya, 47100, Puchong, Selangor.
