SecurityIQ Release: Prove Security Training Success with Performance Dashboards

Performance dashboards are live, giving you an easier way to track training compliance and phishing susceptibility. The latest SecurityIQ release also includes a test campaign feature, randomized assessment answers, a physical security tipsheet and new training modules available via SCORM as a Service.

Measure Training Compliance Across 9 Core Behaviors

Use the new SecurityIQ dashboard widget to prove security awareness training compliance. The compliance widget measures training completion rates for nine core security behaviors mapped to the NIST security awareness and training guidelines. This allows you to monitor your organization’s overall compliance score and download reports for key stakeholders or auditors.

How It Works

1. All SecurityIQ training modules are now mapped to one of nine core security behaviors

2. Training for a core behavior is considered complete when an employee completes any training module mapped to that core behavior in the past 12 months

3. Your organization’s compliance score is generated based on your employees’ average completion percentage of all nine security behaviors

• For example, if you had 10 employees and eight completed at least one training for all nine core behaviors (100% completion) and two employees completed training for only four core behaviors (44%), your employees' average completion percentage (your organization’s compliance score) would equal 89%.

4. You can also observe completion rates and trends for each core behavior. If your compliance overview chart contains a large amount of red and orange completion indicators, investigate by individual core behaviors to identify gaps in training. You can also toggle to sample data to view a complete, 18-month sample.

Track Your Organization's Phishing Susceptibility

The new click rate widget displays your phish rate and simulated phishing attempts in the same report to correlate your organization’s phishing improvements with your simulated phishing program. You can also track your phish rate based on phishing attack type, including drive-by, attachment, business email compromise and data-entry attacks.

Additional Dashboard Changes

• A What’s New widget now details the latest SecurityIQ feature updates
• A new Subscription Settings widget outlines your subscription tier, next payment and learner seat usage
• A Community widget gives you access to TechExams, our community of thousands of other IT and security pros
• The Awareness Program Automation tool is now called Manage My Tasks and is available under the settings dropdown
• The Learner Grades, Campaigns, PhishSim and AwareEd widgets no longer reside on the Dashboard page, but this information is still accessible from their respective pages

Select Training Content by Core Behaviors

All SecurityIQ training modules are mapped to one of nine core behaviors derived from the NIST security awareness and training guidelines. This allows you to measure your organization’s compliance score based on training completion rates for each core behavior. You can now filter the SecurityIQ content library based on these nine core behaviors:

• Phishing
• Password Security
• Social Engineering
• Malware
• Removable Media
• Physical Security
• Working Remotely
• Mobile Security
• Safe Web Browsing

Build Test Campaigns to Preserve Data Integrity

You can now label any PhishSim or AwareEd campaign as a test campaign to exclude its data from aggregate reports. Test campaigns still produce campaign-level auto reports to verify results, but this data does not impact system reports at the account or learner level.

Assessment Answer Randomization

Enable answer randomization on any existing or custom assessment to eliminate order bias and more accurately measure understanding. Answer randomization is disabled by default for all existing assessments. Learners can now submit feedback on any question, allowing our team to monitor and maintain the quality of the question library.

SCORM as a Service Additions

Over 70 modules are now available via SCORM as a Service. New modules include:

• Ten modules in the OWASP training series and the OWASP Top Ten Overview
• Underprotected APIs
• Insufficient Attack Protection
• Intelligent Personal Assistant
• Insider Threats