ERMProtect, a leading cybersecurity firm, launched new educational games that show employees how to work safely online so they minimize the risk of triggering an organizational data breach.
The new offerings expand the company’s expansive line up of animated chalkboard videos, digital games, cyber dictionaries, phishing tests and quizzes that train employees to recognize hacker lures, so they are less likely to compromise sensitive data.
- “Spot the Phish” shows employees emails, on-line advertisements, sign-in links and other common Internet content. Employees must decide if they are real or phony. They receive detailed feedback on why their answers are right or wrong. The games teach employees to spot fake government emails, malicious ad solicitations, business compromise emails and dozens of other common scams targeted at them every day.
- “Count the Phish” displays similar materials, each with multiple (up to 10) phishing lures hidden within each. Employees are challenged to spot and correctly count the number of phishing attacks. These challenges teach employees the many ways information assets can be compromised.
This content set is available as a free resource on the ERMProtect website and social media channels.
“The games give organizations yet another pathway to teach employees how to protect an organization’s sensitive information and comply with data laws and standards,” said ERMProtect President Silka Gonzalez. “The goal is to help companies address the human vulnerabilities impacting information security.”
Gonzalez noted that some of the world’s biggest brands have suffered historic data breaches because a single employee accidentally exposed an organization’s sensitive data. “Some of these organizations had the most sophisticated technical defenses in the world, yet they failed to address the human factor in cybersecurity by offering security awareness training,” Gonzalez said.
ERMProtect’s full content library of 100+ modules is available on the company’s intuitive, easy-to-use e-learning platform. The platform measures the level of security awareness training in an organization on Day 1, then tracks individual progress over time to ensure comprehension and demonstrate ROI.
The training, written by security experts in the field fighting known and emerging threats, is continuously updated. Modules typically last no more than five minutes, so users stay engaged and can get back to work quickly.
All content is available in English and Spanish. Clients with their own learning management systems can license the content. Sample course topics include new employee training, email security, password security, social media security, smartphone security, social engineering, ransomware, vishing, IoT, clean desk and insider threat. Topics also include regulatory compliance such as NIST, GLBA, HIPAA, PCI, PHI and GDPR.