Corporate FactsFounded in 2016 by Industry ExpertsHeadquartered in Dublin, IrelandBacked by Enterprise IrelandAutomated Security Awareness Training,anti phishing platform with real time intervention awarenessActive in UKI, US, Australia, South AfricaExceptional Customer feedbackCyber Risk Aware creates a human ﬁrewall1000’s of Enterprise Staff protected globallyBuzzwww.infosecurity-magazine.com/opinions/ creating-human-ﬁrewallwww.actuarialpost.co.uk/article/insurers-can-help-educate-smes-about-cyber-attack-risk-12847.htmRecent Awards2017 Cyber Startup of the year ICTTF
Value PropositionCHANGING BEHAVIOURReduce phishing email click through rates and increase human cyber security awareness.REAL TIME INTERVENTION AWARENESS Reduce the cost of delivering security awarenesstraining to all staff by only sending the right security message to the right user at the right time,in response to detected risky behaviour MEASURED EFFECTIVENESSAccurately track improvement in organisations cyber risk awarenessRAPID DEPLOYMENT SAAS rapid deployment
Business Problem:Retail company in the U.K/Ireland breached by several phishing emails, lost €100K+Competed against:Phishme, WombatSolution:Standard Edition implemented – Phishing, Security Awareness training courses and videos, quizzes and reporting.Results:Implementation completed in half a day; No heavy lifting. Reduced actual incidents by 47% delivering a 10x ROI!
Sales Cheat Sheet
Qualiﬁcation QuestionsWhat email platform are you using? (i.e. Outlook, Google, Other)Do you have a SOC team?Are you obligated by regulation to run Simulation & Training campaigns to increase awareness? (i.e. ISO, HIPAA, PCI, GDPR)Are you currently running periodical Awareness Campaigns?How many Email Users do you have?Have you ever been hit by a Phishing Attack?What gateway ﬁlters are you using?How do you orchestrate all your defense lines when you’re undergoing a phishing attack?
Business Problems SolvedPhishing attacks’ collateral damage on the organisation (i.e. Brand reputation, Wire Fraud, Data Breach, Loss of Productivity, Regulatory Fines etc.)Lack of staff awareness and accountabilityRansomware ImpactFake CEO email “wire fraud” impactSOC teams’ overloadRegulation & ComplianceSecuring Information and data
USE CASE #1
What’s in it for you?A Complete Security Circle:Fully layered: Technical and Human Layered SecurityUniﬁed Solution & Reduced Costs: Uniﬁed Dashboard & Product integration spanning Awareness to RemediationTotal connectivity: Active Directory (On-Prem & O365)Compliance Assistance: Help companies comply with ISO, HIPAA, PCI, GDPR, EU NIS etc.Low Maintenance &Quick Deployment – Reduce SOC workload and resources. Start running your ﬁrst campaign in minutes (POC/Full solution)TRUSTED:Premier partners, Tier 1 CustomersPROVEN:Field proven with successfully deployed customer implementations across all industries and around the world at companies such as CFC Underwriting, Smyths Toys, Applegreen, Redburn, Invesco,Angola LNG.
Security Awareness Training Courses 8 minute in duration coursesGamiﬁed Training for maximum retention Multi-LingualAutomatic Enrolment from a phishing test European English Locale Content American English Locale Content SCORM CompliantSecurity Awareness Training Videos Simulated PhishingEase of Use Campaign Setup Anti-user Tip-Off"Burst Mode"User Reporting Add-On for Outlook and G-Suite Self Managed PlatformIndustry benchmark reportingCyber Knowledge Assessment Quizzes Compliance ReportingMSSP Ready Uniﬁed DashboardSingle Sign-on (SAML, ADFS, 0365) Compromised Email Credential ReportCompromised Email Credential Breach Notiﬁcation Integrated SmishingIntegrated USB DropReal-Time Intervention Awareness Multiple Anti-Virus / Sandbox scan
BETA TestBETA TestBETA TestBETA Test
Complicated PartiallyComplicateddifferent products different dashboards
•Simulation & Training - Cyber Risk Aware challenges your employees with a series of staged, realworld phishing attacks inorder to evaluate their individual level of awareness towards, malware, ransomware, social engineering, spear phishing, spooﬁng, smishing, USB drop and more. Our gamiﬁed, interactive method trains each employee individually to think and act as a “human ﬁrewall” and a virtual SOC response team memberPhishhuk ™ - Staff Reporting of Phishing emails for manual act as a “human ﬁrewall” and a virtual SOC response team member. Q1’18 automatically analyse reported emails by AV and Sandbox defenses followed by an enterprise-wide remediation response. Easily installed email add-on Outlook and G-Suite, empowers employees to report suspicious emails with one-click on their toolbar in both Outlook and Gmail clients.TargettedTraining- Cyber Knowledge Assessmentquizzesascertainyour employeesecurity awarenesssoyoucandecide who needs training rather than send to everyone and thus reduce the cost to the company. Q1’18 Real Time intervention awareness will deliver fully contexualised training to the right user at the right time based on SIEM risky behaviour alarms, further reducing the need for blanket training campaigns to all staff that needlessly impact staff productivity.Dark Web Breach notiﬁcation - Compromised email credential reports produced monthly and in real-time if credentials are detected for sale on the dark web.
OBJECTIONWhy can’t I just use my Mimecast and run some open source simulation campaigns?RESPONSEToday’s commercially available email security solutions that only deal with signature based ﬁltering such as Mimecast/ATP and others, they consistently fail in mitigating and remediating reported attacks in a timely manner. A recent Mimecast reported over 30% malicous emails still get through email ﬁlters. The templates provided are also very generic and easily spotted by staff.OBJECTIONWhy Cyber Risk Aware over Phishme, Wombat/ Knowbe4 or Phishing attack protection?RESPONSEBesides from being the most user friendly and cost-effective solution on the market, Cyber Risk Aware provides the mostcomplete security awareness platform on the market with cyber knowledge assessments, gamiﬁed training content that is localised and not just american in addition to providing enterprise risk and compliance reporting unlike the competition. (see “Capabilities” table at left).OBJECTIONWhat is the beneﬁt of using Cyber Risk Aware? RESPONSECyber Risk Aware complete and proven approach to mitigate phishing attacks and low levels of staff awareness allows our customers to reap dramatic results. Customer feedback indicates that Cyber Risk Aware delivers up to an 90% increase in StaffAwareness levels and a dramatic reduction in actual security incidents that don’t cause expensive business interruptions, lossof productivity and reputation damage. The platform was built for the frictionless on-boarding of SME and Enterprise clients.OBJECTIONI don’t have either time nor the resources to run a POC with you guys RESPONSEWe need only 2 hours of your time to get it up and running. We’ll run the POC for you.OBJECTIONWhat is the cost of using Cyber Risk Aware?” RESPONSEPricing starts from as little as €20 per user per year and decreases the more users you add.