Training & Awareness

More than ever, your users are the weak link in your network security. They need to be trained by an expert, and after the training stay on their toes, keeping security top of mind.

mortarboard1

Train your employees

On-demand, interactive, engaging training with common traps, live demos and scenario-based Danger Zone exercises.
laptop2

Phish Your Users

Fully automated simulated phishing attacks, hundreds of templates with unlimited usage, and community phishing templates.
diagram3

See The Results

Enterprise-strength reporting, showing stats and graphs for both training and phishing, ready for management. Show the great ROI!

Untargeted Attacks

In un-targeted attacks, attackers indiscriminately target as many devices, services or users as possible. They do not care about who the victim is as there will be a number of machines or services with vulnerabilities. To do this, they use techniques that take advantage of the openness of the Internet, which include:

  • phishing – sending emails to large numbers of people asking for sensitive information (such as bank details) or encouraging them to visit a fake website
  • water holing – setting up a fake website or compromising a legitimate one in order to exploit visiting users
  • ransomware – which could include disseminating disk encrypting extortion malware
  • scanning – attacking wide swathes of the Internet at random

Targeted cyber attacks

In a targeted attack, your organisation is singled out because the attacker has a specific interest in your business, or has been paid to target you. The groundwork for the attack could take months so that they can find the best route to deliver their exploit directly to your systems (or users). A targeted attack is often more damaging than an un-targeted one because it has been specifically tailored to attack your systems, processes or personnel, in the office and sometimes at home. Targeted attacks may include:

  • spear-phishing – sending emails to targeted individuals that could contain an attachment with malicious software, or a link that downloads malicious software
  • deploying a botnet – to deliver a DDOS (Distributed Denial of Service) attack
  • subverting the supply chain – to attack equipment or software being delivered to the organisation
97%

of malware is installed through tricking<br /> users through social engineering

Training

Get new-school web-based training that addresses the needs of any size organization.

The training will focus on making sure employees understand the mechanisms of spam, phishing, spear-phishing, malware and social engineering; and are able to apply this knowledge in their day-to-day job. Candidates get high quality web-based interactive training combined with common traps, live demonstration videos, short comprehension tests and scenario-based Danger Zone exercises.

91%

of successful data breaches are started<br /> with a spear-phishing attack

Phishing

TES can schedule regular Phishing Security Tests (PST for short) from a large library of more than 300 “known-to-work” templates.

In the event that an employee falls for one of these simulated phishing attacks, you have several options for correction, including instant remedial online training. TES can schedule one-shot, weekly, bi-weekly or monthly simulated phishing attacks and immediately see which employees fall for these social engineering attacks.

8%

of companies use a human firewall<br /> approach to phish test & train users

Reporting

TES will provide you with comprehensive user data and provide you with enterprise-strength reporting. You will be provided with the insight you need to maximize training ROI and track security compliance.