At Cyber Risk Aware (CRA) we do not only enable you build a human firewall that functions as a last and critical line of defense on cyber-attacks, we also ensure that you and your organisation are able to thoroughly meet your legal and regulatory compliance. We do this through our industry-leading and most user-friendly integrated Security Awareness platform which we are constantly improving to best suit your ever-evolving needs.
We have been busy delivering on the additional capabilities that we believe would enable you extract more value from the CRA platform, as well as some other updates that some of you outrightly asked for.
In this post we will look at:
- - Uploading your own content and using the CRA platform to deliver other internal training programs.
- - Realtime Intervention with both security awareness, compliance training and general company policies.
- - Expansion of our Realtime Intervention messaging capabilities.
- - The SMiSHing Simulator - because cyber criminals are now leveraging mobile phones.
- - Tracking staff acknowledgement and acceptance of company policy
Upload Your Own Content
We have added an auto-upload feature to the platform where you can upload your own presentations, courses, videos and policy documents. This greatly enhances the return on investment that you are getting from the platform as it extends the number of use cases for the CRA platform.
We spoke to a number of our customers and many were facing a similar problem. Often times, different departments within an organization were tasked with delivering training, testing and compliance reporting. Each department had to find their own solution, but this resulted in a number of problems:
- - Extra cost of installing multiple training platforms.
- - Inconsistent results with some systems being less effective than others.
- - Reduction in productivity because internal teams first have to learn how to use multiple systems to deliver training and employee's having to access different sources of training.
- - Besides, many training systems don't provide follow up assessments. Or the ability to track and report on training compliance and the effectiveness of completed training.
So, we got to work! Based on these feedback and requirements, we extended the capabilities of the CRA platform to enable you include and deliver all of your internal policy and training materials. Now you have one platform (Cyber Risk Aware) for both your security awareness training and all of your other training needs. The CRA platform no longer serves just the IT/security team, now other departments (HR and Compliance) can get on board and leverage the capabilities of the platform in administering their policy training and meeting their compliance needs. Brilliant right?
New Realtime Intervention Capabilities
We have expanded our ground breaking Real-Time Training Capability of delivering security and compliance training content in real-time to staff. Staff can now get policy reminders, explanations, hints and tips right at the point of engaging in risky cyber behaviour. This is to help you deliver contextualised content aimed at changing behavior at the point where such content would be most beneficial, impactful and appreciated.
These training interventions can also be sent to staff via SKYPE and not only through Email. In the near future, we plan to add SLACK, SMS and Teams as other modes of delivery.
To learn more about this CRA feature, check out the introductory Webinar we ran on this last year.
Realtime Intervention for Employees Daily Operational Activities
This feature combines the advantages of being able to upload own training content and the benefits of Real Time Intervention Capabilities. Your compliance team can add all of the organisation's key policies, process and procedure requirements to the CRA platform and initiate a real time intervention process.
You can remind employees of the various policies and procedures guiding their operational activities at the point when they are carrying out such tasks, as opposed to conducting a one-off training that might be forgotten over time or yet another 300-page manual full of procedures and “things to do" that they'd probably never read. This way your employees are able to understand the relevance of company procedures and policies and appreciate why compliance checks are important.
SMS Phishing “SMiShing” is one of the fastest growing methods of attack due to the increased time people are spending on their mobile phones. Because sometimes people tend to be more inclined to trust a text message than an email, SMiShing is particularly scary and steadily becoming a huge security problem. If criminals are moving to where your employee's spend time and are more vulnerable, so should your cyber security awareness programmes.
Our unique SMiShing Simulator allow companies raise awareness of the attacks that are being perpetrated against their people both in their work and personal lives. Only by running helpful real-world simulations can staff fully appreciate what they are facing and know how to detect an attack before it happens.
Policy Tracking & Realtime Reminders
You can now send policies to staff pre or post training and track their acceptance - that they have read and will comply with the policy. This is incredibly useful when you make policy changes mid-year and want to let staff know they have been changed. This is also potentially beneficial for the the savvy manager who might want to reward those who are compliant and guide stragglers towards the desired behavior.
This feature when combined with our Real Time Intervention capability can enable you show snippets of company policies to employees when they take certain actions - either a security risk action or an operational action related to their day to day job tasks.