Security Awareness Training

Solutions
Mimecast Solutions

Successful organizations rely on Mimecast's 3.0 Email Security approach and comprehensive cybersecurity, resilience and compliance platform to protect email, data, users and web.
Solutions
By Industry
By Company Size
Products
Cyber Resilience Platform

Get to know our comprehensive cyber security, resilience and compliance platform to protect your organization's email, data, users and web.
Products
Explore More
Partners
About our Partner Program

Keep your customers safe from evolving cyber threats by leveraging Mimecast’s proven email, web, awareness training, data protection and uptime assurance. Become the trusted advisor for your customers.
Overview
Keep your customers safe from evolving cyber security threats
Become a Partner
Resources
By Topic
- Security
- Archiving
- Continuity
- Migration
- Productivity
- Office 365
- GDPR
Explore More
- Visit Our Blog
- Mimecaster Central
Find resources to help bolster cyber resilience at your organization
Read now
Customer Success
Customer Success

We know that successful customers don’t just require great products but also training, education and flawless implementations. That’s why we’ve created the Legendary Customer Success program because we want our customers to be legends.
Overview
Tens of Thousands of Customers Rely on Mimecast Every Day
Hear More From Them
Company
Who We Are

Mimecast is a cybersecurity provider that helps thousands of organizations worldwide make email safer, restore trust and bolster cyber resilience. Mimecast helps organizations stand strong in the face of cyberattacks, human error and technical failure.
About Mimecast
Get to Know Us
The State of Email Security Report

Actionable steps to improve your organization’s email security and cyber resilience.

Get Report

BLOG

Security awareness training that actually works

Human error is responsible for more than 90% of security breaches. That means if your employees aren't ready to deal with a cyberattack, your organization isn't either. And while many companies have invested heavily in security awareness training, the results are often mixed or disappointing. Most awareness training programs are boring and time-consuming – busy employees resent the time it takes to learn things they think they already know or don't care about.

Mimecast Awareness Training is different – it's something employees actually look forward to and learn from. Engaging employees for just a few minutes each month with short, highly entertaining videos, Mimecast security awareness training helps you dramatically reduce risk by minimizing the employee mistakes that cause security breaches.

Components of Mimecast's security awareness training

Created by top leadership from the US military, law enforcement and intelligence committee, The Mimecast Awareness Training platform combines a highly effective methodology with predictive analytics to address your most pressing security vulnerabilities.

Mimecast cyber awareness training is based on learning science that suggests lasting, meaningful behavioral change requires learning that is engaging, persistent and nonintrusive. It can't be boring, and it can't be a one-off exercise that takes hours out of a busy day. That's why Mimecast web and email security training uses a series of highly entertaining videos, no more than 2 – 3 minutes in length, written and produced by some of the best talent in the entertainment industry. Every few weeks, employees spend five minutes viewing a video and answering a few questions to measure progress in their security awareness.

Employees don't just "like" our security awareness training sessions, they love them. It's an entertaining break in their day that also drives home essential cybersecurity principles on a continual basis. It's also targeted – employees who need more attention based on their test results and risk scoring can receive additional training as needed.

Components of Mimecast employee security awareness training include:

Videos - massively engaging, video-based training modules that take a best-practice, micro learning approach to security awareness training. Each video covers a security threat, what employees should do about it, what the consequences for the company and the personal impact could be if they make a mistake.
Real-world testing – employees answer a set of questions before training to establish a baseline and then answer those same questions every six months thereafter. Employees also answer questions after each training module to assess the impact on their security awareness. You can also test your employees' awareness of best practices around phishing and spear-phishing attacks by regularly sending test phishing emails.
Risk scoring – every employee receives a risk score based on testing and the position they hold within the company (some positions are more likely to be targeted).
Customer mediation – based on individual employee profiles, you can direct training resources to the employees who need it most to improve outcomes and reduce risk.

Topics covered by our security awareness training

Mimecast Awareness Training provides 12 to 15 modules of new information security awareness training content per year, ensuring that and users get fresh and persistent training throughout the year with updated learning about the continuously changing threat landscape.

Our program includes security awareness training on:

Passwords, to make sure employees use strong passwords rather than personal passwords.
Privacy, to show how to protect personal information of employees, customers, partners and your company.
Phishing training, to help employees recognize phishing attacks and to show what happens when they are careless about responding to phishing messages.
PCI, to help employees ensure PCI compliance by recognizing and avoiding social engineering attacks.
HIPAA, to help employees avoid carelessness and oversight that can lead to a catastrophic breach.
Ransomware, to show how easy it is to succumb to an attack and how disastrous ransomware can be to companies and individuals.
CEO/wire fraud, to show what CEO fraud and wire fraud look like and what it feels like to be the person who lost thousands of dollars for the company.
Data in motion, to show how vulnerable data is when it's in motion, and how to protect it.
Office hygiene, to cover best practices for securing paper, desks, screens and buildings.
GDPR, to outline the data privacy rights that all employees must know and practice.

Security awareness training results

We know employees love our security awareness training – they tell us all the time. And by testing employee awareness before and after training modules, we also know how effective our methodology is.

More Knowledge: Awareness Before and After Training
THE TOPIC	BEFORE	AFTER	GAIN
Phishing	33.0%	81.2%	246%
BYOD	28.1%	86.6%	308%
Social Media	37.7%	80.1%	212%
Passwords	12.5%	54.6%	437%
Inadvertent Disclosure	18.6%	78.4%	421%
Insider Threat	17.8%	62.6%	345%
Shadow IT	26.7%	53.9%	202%
Storage Devices	34.5%	88.2%	256%
Reporting Threats	17.8%	62.6%	345%
Tailgating	27.9%	67.2%	241%

FAQs on security awareness training

What is security awareness training?

Security awareness training educates employees about best practices for cybersecurity. An awareness training program will typically acquaint employees with the many threats they face as they send and receive email and surf the web each day. Training programs will also provide users with best practices for avoiding attacks and protecting the organization and themselves.

Why is security awareness training important?

Research shows that more than 90% of cyberattacks involve human error. An ill-advised action on the part of an employee may open the door to an attack, no matter how strong your defenses are. Security awareness training addresses these risks by familiarizing employees with the nature of cyberattacks and ways to identify and prevent them.

What are best practices for how to develop security awareness training?

Many security awareness training programs ignore basic best practices for education, delivering training in one-off sessions that overwhelm users with information, with content delivered in boring, fear-based messaging. Mimecast Awareness Training takes the opposite approach – we deliver short doses of awareness training on a monthly basis in an entertaining format that promotes user engagement and improves user retention of critical information.

Interested in learning more?

Schedule a Demo

Expert Insights

Resources you may be interested in:

Mimecast Solutions

Solutions

By Industry

By Company Size

Cyber Resilience Platform

Products

Explore More

About our Partner Program

Overview

By Topic

Explore More

Customer Success

Overview

Who We Are

About Mimecast

Get to Know Us

The State of Email Security Report