Attackers
relentlessly target organisations with spam, phishing, and advanced socially
engineered attacks, with 41% of IT professionals reporting phishing attacks
daily. End users are often an easy target and the weakest link in your cyber
defences.
“Phishing is big business. Attacks
have shown record growth in recent years, with 66% of malware delivered via
malicious email attachments, and advanced spear phishing attacks costing
businesses an average of $140 000 per incident. End users continue to be the easiest
target for attackers in most organisations, but an army of trained,
phishing-aware employees can provide you with a human firewall against these
threats. Sophos Phish Threat emulates a range of phishing attack types to help
you identify areas of weakness in your organisation’s security posture and
empower users through engaging training to strengthen your organisation’s
defences,” says Ross Anderson, Sophos Product Development Manager at Duxbury
Networking.
Sophos Phish Threat allows companies
to simulate hundreds of realistic and challenging phishing attacks in a just
few clicks. The global SophosLabs analysts monitor millions of emails, URLs,
files, and other data points each day for the latest threats. This constant
stream of intelligence ensures user training covers current phishing tactics,
with socially relevant attack simulation templates, covering multiple scenarios
from beginner to expert.
Understand your organisation’s
security health and demonstrate real return on investment with intuitive
dashboard results on demand. The Phish Threat dashboard provides at-a-glance
campaign results on user susceptibility, and allows you to measure overall risk
levels across your entire user group with live Awareness Factor data.
“Drill–down reports will give you
deeper insight into performance at an organisational, or individual user level.
The included Outlook add-in provides users with the ability to report simulated
attacks – allowing you to track true awareness at the inbox, providing new insight
into your organisation-wide security posture. Your organisation will gain
greater visibility into organisational awareness by reporting on user
behaviour, and employees will receive instant feedback when reporting phishing
simulations,” says Anderson.
Sophos Synchronised Security
Sophos Synchronised Security
connects Phish Threat with Sophos Email Protection to identify those who have
been warned or blocked from visiting a website due to its risk profile.
“You can then seamlessly enroll them
into targeted phishing simulations and training to improve awareness and cut
your risk of attack. Turn all employees into an active line of defence against
email phishing attacks with the Phish Threat Outlook add-in for Exchange and
O365. With one click, Phish Threat ensures employees report messages to the
correct destination and in the correct format – eliminating the need to
remember a specific email address,” says Anderson.
Over 60 interactive training modules
will educate users about specific threats, such as suspicious emails,
credential harvesting, password strength, and regulatory compliance. End users
will find them informative and engaging, while organisations enjoy peace of
mind when it comes to future real-world attacks.
“Sophos Phish Threat is conveniently
run through your web browser and manged via the Sophos Central Admin Portal,” says Anderson.