Phishing remains an easy access route into organizations for today’s ransomware payloads and data breaches. With forty-one percent1 of organizations seeing an attack on a daily basis, employee training remains critical to maintaining effective security. Sophos Phish Threat automates the entire training process and provides visual analytics to identify vulnerable employees. As the only security awareness training program from a leader in IT security, it can be managed alongside email, endpoint, and network security from one console for improved risk management and incident response.
Sunil Sharma, Managing Director Sales at Sophos India & SAARC said “In 2017, 30 percent of Indian organizations reported email and web malware attacks as per a SophosLabs finding. With businesses challenged by the alarming increase in phishing and compliance threats, they are attempting to tackle the issue themselves by deploying next generation IT security solutions. These attempts mostly fail due to lack of employee awareness to spot a phishing email.”
Sunil further added, "Human behavior is a critical element of cybersecurity yet 62 percent of companies don’t train employees to recognize phishing attempts. SophosLabs sees malware on up to 77 percent of blocked mail. Creating a culture of security and data protection awareness has risen in priority with the greater risk of email born ransomware and the planned introduction of new legislation such as GDPR. Employees have to be responsible for the way they handle data and how to spot a phishing attack should be part of their training. Phish Threat builds greater employee awareness by creating suspicious emails using known techniques, successful spoofs, and contemporary examples. In fact, after just four Phish Threat simulation training emails, the average organization reports a 31 percent2 reduction in employee susceptibility.”
Phish Threat enables IT managers to identify susceptible employees and manage relevant real-world phishing email simulations to deliver more effective training sessions from within Sophos Central. Attack templates and training are available in nine languages and constantly updated based on Sophos’s global awareness of current threats. When errors are made, individuals are automatically given corrective training to learn from their mistakes. Phish Threat also provides the analytics and reporting metrics to allow tracking and measurement of overall business risk and security posture at an organization or individual level. With benchmark data available on employee phishing susceptibility against global norms, training can be fully tailored, and data can be used to enhance security policy across Sophos Central to deliver a multi-layered security strategy against phishing and social engineering attacks.