New training content and features are live in the Infosec IQ security awareness and anti-phishing platform, making it easier for you to prepare your employees to beat the cyber threats they face. In this post, we highlight the top additions from the past three months.
Jump ahead
New features
Train new hires automatically
Get new employees up to speed quickly and easily so they are prepared to defend themselves and your organization from your top threats as soon as they start. With our pre-built, new hire training campaign, you can enroll new employees in a training course the moment you add them to Infosec IQ. This allows you to automatically assign training, assess your new employee’s security aptitude and deliver your security policy within days of starting.
Upgrade your email threat detection & response with PhishHunter
Orchestrate your incident response
You can now create rules to automatically tag, assign a threat score score and trigger a notification for employee-reported emails based on the contents of the email header. Create a new rule from the PhishHunter Orchestration Center to leverage existing threat intelligence and improve your team’s threat response.
Respond to employee-reported emails
With PhishHunter notifications, you can now automatically send your employees a confirmation response when they report suspicious emails via PhishNotify that matches one of your Orchestration Center rules. This allows you to acknowledge your employees’ efforts and encourage them to continue reporting suspicious activity to your security team.
Along with all existing notification variables, the PhishHunter notification builder includes new variables such as {{message_subject}}, {{message_report_date}}, {{message_reporter}} and more. This allows you to personalize the notification and help your employees recall the email they reported.
Safely detonate & diagnose malicious attachments
PhishHunter now puts enterprise-grade malware analysis in your hands, allowing you to identify and document threats hidden in email attachments and share threat intelligence with your security teams.
With the click of a button, you can safely detonate potential malware attached in employee-reported emails in a sandbox environment to reveal the behavior and intent of the file. After detonation, PhishHunter provides a JSON summary of the file’s behavior, allowing you to classify malware threats or share with your security operations and response teams.
Improve every learner’s experience
Accessibility updates improve screen-reader experience
Updates to phishing education pages and custom branding make it easier for learners using screen-reader technology to interact with training.
Updates include:
- Page title added to phishing education pages
- Language attribute added to phishing education pages
- Your organization name is used as the alternative text everywhere your custom logo displays
Improved accessibility for LMS users
We also updated all SCORM as a Service training modules to add new functionality and improve accessibility for every learner.
SCORM as a Service module updates include:
- Improved keyboard navigation
- Display and closed caption options
- Module completion buttons
- Improved module completion tracking
Administrative enhancements
Send Infosec IQ emails via direct SMTP
You can now use your SMTP server to route AwareEd and PhishSim emails directly to your employees’ inboxes. Enabling direct SMTP sending gives you the option to bypass your security tools and appliances that sit in front of your mail server to prevent false click reporting and ensure the deliverability of training notifications and simulated phishing emails.
Campaign run API endpoint
A new API endpoint makes it easier to retrieve learner information from AwareEd campaigns. Use the Retrieve a campaign run endpoint to surface the details of all learners who have started, completed or are in the process of completing the campaign.
Disable automated emails
You can now disable your daily phish summary email sent to Infosec IQ administrators, which contains a summary of all phished learners from the previous day. By disabling your daily phish summary email, you can ensure your learners’ personally identifiable information (PII) is not delivered via email to retain GDPR compliance. If disabled, you retain the ability to retrieve phished learner information using reports within Infosec IQ.
Verify single sign-on on authentication requests
Infosec IQ now delivers a signed certificate in the SSO metadata when making SAML authentication requests to your identity provider (IdP) so you can validate each request.
Build notifications easier than ever
The AwareEd, PhishSim and PhishHunter notification pages now extend the full width of the page, giving you a larger workspace when building, editing and previewing notification emails.
New training content
Ride West for Cybersecurity Awareness Month
Want to take your employees on an unforgettable adventure this Cybersecurity Awareness Month? Download the Wild Wild Net Campaign Kit for everything you need to launch an awareness campaign that will keep your employees engaged all October.
What’s included:
- 1 teaser trailer
- 5 posters
- 4 infographics
- 5 articles
- 5 email templates
- 1 screensaver
- 1 stakeholder presentation
Power Up with Need to Know
Your favorite characters from the Need to Know training series are back, with new lessons diving deeper into the most common cybersecurity situations your employees face. The first 12 episodes of Power Up are live, including:
- Need to Know: Two Factor Authentication
- Need to Know: Email Security
- Need to Know: Business Email Compromise
- Need to Know: Proper Disposal
- Need to Know: Unauthorized Cloud Services
PCI DSS training series
Teach employees the fundamentals of protecting cardholder data and stay compliant with our new PCI DSS training series. Eight new PCI DSS training modules are live in Infosec IQ, including:
- PCI DSS Protecting Cardholder Data
- PCI DSS: Physical Security
- PCI DSS: Protecting Networks and Systems
Keep employees prepared with new phishing templates
Dozens of new phishing templates were added to Infosec IQ over the last 3 months to help you prepare employees for the attacks they are most likely to encounter.
New phishing templates include:
- Human Resources – Workstation Policy
- Instagram – Copyright infringement
- Apple – Scam Refund
- Office 365 – New Policy
- Slack – Workspace
- Canon – Data Breach
- Payroll Updates
- Zoom – Voicemail
- Blocked Email Notification
- USPS – Found Parcel
- Dropbox – IE 11
- And more
Log in to Infosec IQ or start your free account to see them all.
Use the latest monthly newsletters
Have you taken advantage of our new, monthly newsletters? Download the ready-to-email pdf version or use the editable version to customize the content.
Including:
- July: The Psychology of Malware
- August: Creating the Best Password
- September: Outsmarting Smarter Attacks
Although we release a new newsletter every month, each newsletter can be used interchangeably throughout the year.
Need to Know translations
All 11 training modules in the original Need to Know training series are now available in 24 languages, allowing you to deliver the comprehensive, 12-month Need to Know training program globally. Search Need to Know in the Content Library to see the full language coverage.
Features & content coming next
Want a sneak peek at the features and training content coming to Infosec IQ in Q4 2020? Watch our What’s New in Infosec IQ webinar for a first-hand look at everything new.