Cyber Risk Aware

 © Copyright 2017 All Rights Reserved   | Mboneni Teledata
Services | Consulting Wireless Security Analysis | Troubleshooting • Design • Airmagnet Enterprise • Lan • Analysis • Penetration Testing • Survey Auditing Wired Audits • PCI / Iso 27001 • Palo Alto • Hippa Design • Defense • Vlans • Subnetting
Corporate Facts Founded in 2016 by Industry Experts Headquartered in Dublin, Ireland Backed by Enterprise Ireland Automated Security Awareness Training,  anti phishing platform with real time intervention awareness Active in UKI, US, Australia, South Africa Exceptional Customer feedback Cyber Risk Aware creates a human firewall 1000’s of Enterprise Staff protected globally Buzz www.infosecurity-magazine.com/opinions/ creating-human-firewall www.actuarialpost.co.uk/article/insurers-can-help- educate-smes-about-cyber-attack-risk-12847.htm Recent Awards 2017 Cyber Startup of the year ICTTF
• • • • • • • • •
Value Proposition CHANGING BEHAVIOUR Reduce phishing email click through rates and increase human cyber security awareness. REAL TIME INTERVENTION AWARENESS Reduce the cost of delivering security awareness training to all staff by only sending the right security message to the right user at the right time, in response to detected risky behaviour MEASURED EFFECTIVENESS Accurately track improvement in organisations cyber risk awareness RAPID DEPLOYMENT SAAS rapid deployment
Business Problem: Retail company in the U.K/Ireland breached by several phishing emails, lost €100K+ Competed against: Phishme, Wombat Solution: Standard Edition implemented – Phishing, Security Awareness training courses and videos, quizzes and reporting. Results: Implementation completed in half a day; No heavy lifting. Reduced actual incidents by 47% delivering a 10x ROI!
Sales Cheat Sheet
Qualification Questions What email platform are you using? (i.e. Outlook, Google, Other) Do you have a SOC team? Are you obligated by regulation to run Simulation & Training campaigns to increase awareness? (i.e. ISO, HIPAA, PCI, GDPR) Are you currently running periodical Awareness Campaigns? How many Email Users do you have? Have you ever been hit by a Phishing Attack? What gateway filters are you using? How do you orchestrate all your defense lines when you’re undergoing a phishing attack?
• • • • • • • •
Business Problems Solved Phishing attacks’ collateral damage on the organisation (i.e. Brand reputation, Wire Fraud, Data Breach, Loss of Productivity, Regulatory Fines etc.) Lack of staff awareness and accountability Ransomware Impact Fake CEO email “wire fraud” impact SOC teams’ overload Regulation & Compliance Securing Information and data
• • • • • • •
USE CASE #1
What’s in it for you? A Complete Security Circle: Fully layered: Technical and Human Layered Security Unified Solution & Reduced Costs: Unified Dashboard & Product integration spanning Awareness to Remediation Total connectivity: Active Directory (On-Prem & O365) Compliance Assistance: Help companies comply with ISO, HIPAA, PCI, GDPR, EU NIS etc. Low Maintenance & Quick Deployment – Reduce SOC workload and resources. Start running your first campaign in minutes (POC/Full solution) TRUSTED: Premier partners, Tier 1 Customers PROVEN: Field proven with successfully deployed customer implementations across all industries and around the world at companies such as CFC Underwriting, Smyths Toys, Applegreen, Redburn, Invesco, Angola LNG.
• • • • • • •
Security Awareness Training Courses 8 minute in duration courses Gamified Training for maximum retention Multi-Lingual Automatic Enrolment from a phishing test European English Locale Content American English Locale Content SCORM Compliant Security Awareness Training Videos Simulated Phishing Ease of Use Campaign Setup Anti-user Tip-Off "Burst Mode" User Reporting Add-On for Outlook and G-Suite Self Managed Platform Industry benchmark reporting Cyber Knowledge Assessment Quizzes Compliance Reporting MSSP Ready Unified Dashboard Single Sign-on (SAML, ADFS, 0365) Compromised Email Credential Report Compromised Email Credential Breach Notification Integrated Smishing Integrated USB Drop Real-Time Intervention Awareness Multiple Anti-Virus / Sandbox scan
BETA Test   BETA Test   BETA Test   BETA Test
Complicated Partially Complicated different products different dashboards
Simulation & Training - Cyber Risk Aware challenges your employees with a series of staged, realworld phishing attacks in  order to evaluate their individual level of awareness towards, malware, ransomware, social engineering, spear phishing, spoofing, smishing, USB drop and more. Our gamified, interactive method trains each employee individually to think and act as a “human firewall” and a virtual SOC response team member Phishhuk ™ - Staff Reporting of Phishing emails for manual act as a “human firewall” and a virtual SOC response team member. Q1’18 automatically analyse reported emails by AV and Sandbox defenses followed by an enterprise-wide remediation response. Easily installed email add-on Outlook and G-Suite, empowers employees to report suspicious emails with one-click on their toolbar in both Outlook and Gmail clients. Targetted Training - Cyber Knowledge Assessment quizzes ascertain your employee security awareness so you can decide who needs training rather than send to everyone and thus reduce the cost to the company. Q1’18 Real Time intervention awareness will deliver fully contexualised training to the right user at the right time based on SIEM risky behaviour alarms, further reducing the need for blanket training campaigns to all staff that needlessly impact staff productivity. Dark Web Breach notification - Compromised email credential reports produced monthly and in real-time if credentials are detected for sale on the dark web.
• • •
Product & Features Cyber Risk Aware PhishMe Wombat Knowbe4
Not straighforward Partially Complicated
Partially Partially outlook only
Complicated Badly supported
Partially
Partially
different products different dashboards
different products different dashboards
OBJECTION Why can’t I just use my Mimecast and run some open source simulation campaigns? RESPONSE Today’s commercially available email security solutions that only deal with signature based filtering such as Mimecast/ATP and others, they consistently fail in mitigating and remediating reported attacks in a timely manner. A recent Mimecast reported over 30% malicous emails still get through email filters. The templates provided are also very generic and easily spotted by staff. OBJECTION Why Cyber Risk Aware over Phishme, Wombat/ Knowbe4 or Phishing attack protection? RESPONSE Besides from being the most user friendly and cost-effective solution on the market, Cyber Risk Aware provides the mostcomplete security awareness platform on the market with cyber knowledge assessments, gamified training content that is localised and not just american in addition to providing enterprise risk and compliance reporting unlike the competition. (see “Capabilities” table at left). OBJECTION What is the benefit of using Cyber Risk Aware? RESPONSE Cyber Risk Aware complete and proven approach to mitigate phishing attacks and low levels of staff awareness allows our customers to reap dramatic results. Customer feedback indicates that Cyber Risk Aware delivers up to an 90% increase in Staff  Awareness levels and a dramatic reduction in actual security incidents that don’t cause expensive business interruptions, loss of productivity and reputation damage. The platform was built for the frictionless on-boarding of SME and Enterprise clients. OBJECTION I don’t have either time nor the resources to run a POC with you guys RESPONSE We need only 2 hours of your time to get it up and running. We’ll run the POC for you. OBJECTION What is the cost of using Cyber Risk Aware?” RESPONSE Pricing starts from as little as €20 per user per year and decreases the more users you add.
user reporting add-on for outlook and g-suite
Tel: +2712 386 9000 Fax +2786 589 1036 Cell: +2782 326 0405 Email: leon@mboneni.co.za 3-231 Rust Building Frikkie Meyer Street Pretoria Industrial