The past three months brought fresh training content, new features and a brand new name to Infosec IQ. In this post, we summarize the biggest additions to Infosec IQ and how you can use them to educate your employees to beat the cybersecurity threats they face.
Fresh content to keep learners engaged
New training modules & translations
Several new training modules are live in Infosec IQ, covering new cybersecurity topics and regulation compliance. New training modules include:
- Incident Response
- Introduction to C-TPAT
- Managing Software Assets
- GDPR for Data Processors
- California Consumer Privacy Act
We continue to translate and localize both new and existing content to bring the most relevant training resources to your entire workforce, regardless of language or location. Over the last three months, we’ve added modules in Malay and Traditional Chinese and translated dozens of live-action videos into German, Dutch, Portuguese and Japanese. The Infosec IQ content library now includes training modules and live-action videos in 34 languages and hundreds of international phishing templates.
Measure cybersecurity retention with 70+ new assessments
Over 70 brief assessments were added to Infosec IQ this month, helping you measure learner retention on the cybersecurity topics that matter most to your organization. New assessments contain 10 questions or less and map to the most popular Infosec IQ training modules.
Assessment timer and randomization
Learner assessments now include answer randomization and an optional 30-second timer for each question to preserve assessment integrity, eliminate order bias and more accurately measure retention.
Prepare your employees with new phishing templates
14 new phishing templates were added to Infosec IQ over the last 3 months to help you prepare employees for the phishing attacks they are most likely to encounter.
New phishing templates include:
- American Express – Important Message
- HBO Now – Free Trial
- Office 365 – Suspicious Activity
- H&R Block – File Your Taxes
- Spotify – Reset Password
- Uber – Receipt
- Instagram – Account Suspended
- And more…
Marine Lowlifes Security Awareness Campaign Kit
Have you tried our new Marine Lowlifes campaign kit? It includes training modules, posters, infographics, email templates and a step-by-step communication plan to help you launch and manage your campaign.
New tip sheets to reinforce cybersecurity best practices offline
Six new security awareness tip sheets were added to Infosec IQ Program Resources in March, giving you more ways to keep security best practices top-of-mind at your organization. New tip sheets include:
- 10 Tips for Physical Security
- Security at Home
- Protecting Devices and Media
- 10 Ways to Recognize and Combat Social Engineering
- 10 Ways to Recognize and Prevent Insider Threats
- 10 Tips for Spotting SMishing and Vishing
New features to customize your program & measure success
Select training content by core security behaviors
In March, we mapped every Infosec IQ training module to one of nine core behaviors derived from the NIST security awareness and training guidelines. This allows you to measure your organization’s compliance score based on training completion rates for each core behavior. You can now filter the content library based on these nine core behaviors:
- Password Security
- Social Engineering
- Removable Media
- Physical Security
- Working Remotely
- Mobile Security
- Safe Web Browsing
Measure compliance and track susceptibility with performance dashboards
In March we also added Performance dashboards to give you an easier way to track training compliance and phishing susceptibility at the organization and department level.
The compliance widget measures training completion rates for nine core security behaviors mapped to the NIST security awareness and training guidelines. This allows you to monitor your organization’s overall compliance score and download reports for key stakeholders or auditors.
The new click rate widget displays your phish rate and simulated phishing attempts in the same report to correlate your organization’s phishing improvements with your simulated phishing program. You can also track your phish rate based on phishing attack type, including drive-by, attachment, business email compromise and data-entry attacks.
SCORM as a Service training modules, streamed from your LMS
SCORM packages are now available for download from the Infosec IQ content library, allowing you to upload and deliver Infosec IQ training from any LMS. Instead of uploading a static, traditional SCORM training file, you can now use Infosec IQ SCORM packages to stream content directly from the platform to track views and deliver the most up-to-date training modules available.
SCORM as a Service is available for over 90 Infosec IQ modules, with more SCORM-compliant modules added weekly. View all training modules available in SCORM format using the content library’s SCORM as a Service filter.
Authenticate learners using single sign-on (SSO)
Enable single sign-on (SSO) within AwareEd campaigns to authenticate learner identities before serving training modules. This helps you remain compliant by ensuring every user completes their own assigned training. Infosec IQ connects to any identity provider that supports the SAML 2.0 standard, including Azure Active Directory, Google Suite, OneLogin and more.
Apply PhishHunter™ tags based on shared email components
Apply a global tag to individual email components, such as a from address, to automatically group emails with the same component. Tags applied to email components group employee-reported emails already in quarantine and serve as rules to organize emails reported in the future. This identifies trends and large-scale attacks, helping you respond to threats faster.
PhishNotify™ for Outlook mobile
The PhishNotify email reporting plugin is now available for the Outlook mobile app. Download the newest version of PhishNotify for Outlook to enable email reporting on desktop, web or mobile.
Deliver PhishSim templates on the right day at the right time
You can now schedule the day of week and time of day to send phishing emails. Restrict phishing email delivery during the week, during business hours or allow for email delivery at any time on any day.