Information Security Awareness Training

    Address human error and prevent cyber risk through Mimecast's cybersecurity awareness training. Video-based training modules, benchmarks, and scoring.

    Are you doing information security awareness training right?

    Information security awareness training is designed to address an organization's weakest security link: human beings. Studies show that human error is involved in more than 90% of major data breaches. With the average breach costing more than $4 million to remediate, it makes sense that organizations of all sizes have invested heavily in cyber awareness training.

    The problem is, most awareness training programs simply don't work, for several key reasons:

    • They're long, dry and boring, making it hard for employees to pay attention.
    • They're delivered too infrequently, making it difficult to remember best practices.
    • They're punitive, leaving employees feeling targeted rather than supported.

    When employees aren't engaged – or worse, when they're resistant – they simply won't learn. That's why Mimecast has built an information security awareness training program that features the educator's secret weapon: humor.

    Are you doing information security awareness training right?

    Wrapping information security awareness training in humor

    Mimecast's cyber security training courses are different than anything you've ever seen. For starters, they're funny. Not groaner-pun, dad-joke funny, but genuinely hilarious. They're created by real comedy writers and entertainment industry pros and presented as mini sitcoms that employees actually look forward to watching.

    We chose funny over boring because – surprise, surprise – funny works better. People pay attention, they get invested and, in the process, they learn. Any educator can tell you: humor works with students of all ages, driving long-term memory retention and higher learning results.

    Another radical difference in Mimecast information security awareness training: short training modules. Each session covers a single topic and is no more than five minutes long, enabling employees to easily absorb critical security best practices. And rather than making employees sit through hours of training at a time, we deliver short doses every month to keep learning fresh and security top of mind. Busy employees can complete their monthly training in just a few minutes, making it a welcome break rather than a dreaded hours-long event.

    Wrapping information security awareness training in humor

    How Mimecast Awareness Training works

    In addition to massively entertaining, video-based training modules, Mimecast employee security awareness training includes:

    • Phishing testing capabilities. Mimecast's easy-to-use phishing training tests and tutorials are fully integrated into the Mimecast Awareness Training platform. These template-based tests use real-life examples – everything from phony promotions and package tracking to password resets and fake news – to test your employees' awareness of phishing techniques and their handling of phishing emails.
    • Sentiment and progress testing. We test the sentiment or attitudes of each employee prior to the start of any testing, and retest the same metrics every six months. We also test immediately after each training module to measure progress in the employees understanding of best practices.
    • Predictive risk scoring. Rather than treating all of your employees the same, Mimecast understands that some employees are much greater risks than others. We assign personalized cyber risk scores to every individual based on testing data, participation in or avoidance of testing, and anonymized data from multiple industries, clients and the Mimecast grid.
    • Customizable, targeted training. Knowing every employee's risk score allows you to target training resources to the people who need it most. That may mean requiring additional training for some or one-on-one coaching for others. And when a higher risk score persists, you may adjust system permissions to better protect your organization.
    How Mimecast Awareness Training works

    What makes Mimecast's Awareness Training better?

    Mimecast information security awareness training offers distinct advantages over other approaches.

    • Ease-of-use. From scheduling training to launching phishing tests, administrators can easily manage all aspects of Mimecast's web and email security training from a single console.
    • Online modules. Mimecast information security awareness training modules are all available online and in several languages, making it easy to deploy training to workers anywhere in the world with just a few clicks.
    • Expert insights. The content for our training courses was developed by senior leadership from law enforcement, the military and the intelligence community – individuals who have deep knowledge and expertise about the evolving threats to cybersecurity and how to stop them.
    • Integrated. Mimecast Awareness Training is fully integrated with other Mimecast solutions for email security, web security and enterprise information archiving to provide a comprehensive cloud-based solution for addressing cybersecurity and resilience.
    • Results. Ultimately, information security awareness training only works when it creates actual change in behavior and awareness. With Mimecast, you can dramatically increase your employees understanding of basic security issues and how to respond by as much as 400%.
    More Knowledge: Awareness Before and After Training
    Phishing 33.0% 81.2% 246%
    BYOD 28.1% 86.6% 308%
    Social Media 37.7% 80.1% 212%
    Passwords 12.5% 54.6% 437%
    Inadvertent Disclosure 18.6% 78.4% 421%
    Insider Threat 17.8% 62.6% 345%
    Shadow IT 26.7% 53.9% 202%
    Storage Devices 34.5% 88.2% 256%
    Reporting Threats 17.8% 62.6% 345%
    Tailgating 27.9% 67.2% 241%

    What makes Mimecast's Awareness Training better?

    FAQs: what is information security awareness training?

    What is the goal of information security awareness?

    The purpose of information security awareness is to encourage employees to better understand the many cyber threats that jeopardize their organization's security and how their actions can promote security.

    What is information security awareness training?

    Information security awareness training provides information on the many threats that employees may encounter in the workplace and the actions they may take that either mitigate threats or enable them to do damage. Security awareness training typically shows employees what threats look like, how they work, and how to best avoid or stop them.

    Why do we need information security awareness training?

    Human error is a significant part of threats to organizational security, contributing to more than 90% of major data breaches. Information security awareness training can help to reduce the chance that an employee will take an action or make a mistake that causes a breach.

    Does Mimecast cover Office 365 security and compliance training?

    Mimecast Awareness Training covers many aspects of security that are important to Office 365 users, including the danger of phishing emails, ransomware and CEO fraud, as well as compliance issues for HIPAA, PCI and GDPR.

    FAQs: what is information security awareness training?

    Interested in learning more?

    Schedule a Demo

    Expert Insights

    Resources you may be interested in: