Executive Summary
- Phished is a cybersecurity platform built around the idea that true cyber-resilience starts with human behaviour in addition to the technical considerations.
- By combining phishing and smishing simulations with threat alerts, active reporting, and training sessions, Phished represents a holistic approach to cybersecurity training which delivers better results.
- Get Support is now a proud partner of Phished and we can help our customers get onboarded with the platform to start improving their cybersecurity right away.
Introduction
What do you think is the biggest cybersecurity risk to your organisation?
Could it be out-of-date software? Maybe human error? A lack of cybersecurity training for your teams? Or perhaps no active communication about potential cybersecurity issues?
The truth is that it’s probably all of these things—and that probably raises a question: how do you improve cybersecurity awareness on all fronts at once?
To answer this, we’d like to introduce a new cybersecurity training platform called Phished. It’s a new approach to improving your team’s cybersecurity awareness training, and it achieves its goals in a rather unique way.
What is the Phished training platform?
Founded in 2018, Phished might be a young company, but it’s got a lot done in a short time.
The brainchild of cybersecurity expert and company CEO Arnout Van de Meulebroucke, the company has operations in Belgium and the UK, and they’re guided by a single goal: to create what they call The Human Firewall.
The idea stems from the belief that it’s people who are the biggest risk to cybersecurity, and that even the best security system in the world can be defeated by one weak password or a little social engineering.
The solution the team has built is Phished, a training platform which provides a fresh take on cybersecurity training—one that doesn’t just have people sit in front of training videos for a few hours.
Instead, the strategy is much more of an ongoing process, assigning a “Behavioural Risk Score” to the organisation based on employee and company behavioural trends. This gives you at-a-glance information about how well protected your company is, and it helps identify where you might want to focus your defensive efforts.
The holistic approach: How Phished does cybersecurity training differently?
One of the biggest factors which sets Phished apart from other solutions—and one of the reasons we chose to partner with them— is the platform’s holistic approach to cybersecurity.
But what does “holistic” really mean in this context?
Well, as opposed to traditional programs, which might focus on just in-person or digital training, or perhaps carry out just one or two cyberattack simulations, Phished looks at things in the whole with an automated solution.
The platform achieves this with four different elements:
#1: Phishing and smishing simulations
Phishing and smishing are two of the most common forms of cyberattack, but they’re not easy to spot.
With simulations, organisations can safely train (or test) their employees on how they’d react in these situations. Historically, though, these simulations are manually managed and analysed. With Phished, that’s changed.
The phishing and smishing simulations launched via the Phished platform are all handled using AI-powered automation, meaning employees can develop the skills to spot real-life threats anytime, anywhere. The Phished AI is built to simulate a real cyberattack down to the smallest detail, including the timings of the apparent attack. You can also choose the type of attack based on real-world events and recent cyberattacks to improve authenticity.
The more real these simulations feel, the better results you’ll get once the truth is revealed.
#2: Active reporting
When real or suspected threats do hit your employees’ inboxes, the Phished platform gives a quick and easy one-click method to report phishing emails.
The great thing about the active reporting system is that your employees will receive immediate feedback about whether or not the emails were authentic or not—further increasing their understanding of active threats and improving future risk identification.
The active reporting system also gradually trains your employees to recognise and report threats when they see or suspect them. This is best practice in terms of cybersecurity training because it’s much worse to ignore a true threat than to report a benign one.
#3: Training sessions and checkpoints
Training and education is a fundamental aspect of the Phished platform, but it’s not delivered in long videos or info-dumps which can be easily forgotten.
Instead, Phished uses an interwoven “microlearning” approach which slowly introduces cybersecurity concepts to employees, then uses a checkpoint system to test out what they’ve learned at regular intervals.
The system also leverages gamification, meaning employees will earn digital rewards as they progress through their learning to help motivate them to keep upskilling their cybersecurity awareness.
#4: Threat intelligence
Real-time monitoring and alerts are a cornerstone of any cybersecurity resilience system, and Phished is no exception.
With real-time threat intelligence, your team will be alerted to any active threats which are aimed at them personally or at the organisation. They’ll also be notified if your company’s threat level is raised at any time, as well as being kept aware of any large-scale global threats which could potentially impact the organisation.
How to get started with Phished and Get Support
If, like us, you’ve been impressed by the fresh approach to cybersecurity that Phished offers organisations like yours, we’d love to give you an introduction to the platform.
We’ve now partnered with Phished and are able to get you and your team onboarded quickly and securely to help boost your cybersecurity (and your Behavioural Risk Score) right away.
To learn more or to ask about trying out the Phished platform, contact your account manager or call us on 01865 594 000.