An In-Depth Look At Webroot Security Awareness Training
We take an independent look at the key features and benefits of Webroot Security Awareness Training.
Expert Insights / May 09, 2019By Joel Witts
In August 2017, Webroot
announced that it acquired Security Awareness Training vendor SecureCast, and
was launching Webroot Security Awareness Training (WSAT). The solution is geared towards managed service providers (MSPs) serving
small-to-medium sized businesses, and its goal is to help businesses reduce
security risks via relevant and ongoing user training and phishing simulations.
In this article, Expert Insights will take an in-depth look at the features offered by Webroot Security Awareness Training. This article is based off Expert Insights’ conversations with Dan Fox, Senior Product Manager for WSAT, an in-person demo of WSAT we were given at The RSA Conference 2019 and product information supplied to us by Webroot.
Expert Insights is fully independent of Webroot. This is not sponsored content.
Webroot Security Awareness Training provides businesses with a way to educate and train employees to be more cybersecurity aware. This helps to reduce risk of employee errors, such as falling for scams or phishing emails, and helps to prevent security breaches and financial losses. The solution allows organizations to set up customizable phishing simulations to test employees, and tailored training campaigns depending on department.
The platform is a natural fit for existing Webroot customers, as it seamlessly integrates with their existing SMB and MSP platforms. Also, it’s a fully cloud-based solution, which means it’s lightweight, easy to deploy and easy to manage.
Ease of Use and Management
One of the most important measures of a good Security Awareness Training solution is how easy it is to use and operate. The WSAT platform provides a useful 5-step set up wizard that allows admins to create simulations and campaigns quickly and easily. It lets you create simulation campaigns, choose desired recipients to test, create email templates and then choose the accompanying training module.
The WSAT platform includes an integrated Learning Management System (LMS) with ready to send training courseware , which makes deploying to multiple clients at a time easier. From here you can set up campaigns, view reports on how well employees are progressing and set up phishing simulations. If you use Webroot Business Endpoint Protection or Webroot DNS protection, you can manage Security Awareness Training through your existing admin console.
Quality of Training
Webroot created interactive and accessible training materials, which is extremely important for a strong Security Awareness Training solution. They can be scheduled to be delivered to users regularly or can be sent manually as needed. The training materials can also be accessed via browsers on desktop, or mobile.
The courses themselves are a mixture of animations, videos and interactive quizzes that typically last around 10 minutes. This concept is called “micro-learning” and aims to provide relevant, targeted and tailored trainings with the overall goal of memory retention and behavior change. The courses cover topics like ‘Understanding Phishing,’ ‘How to Avoid Phishers, Hackers and Social Engineers,’ and ‘Compliance.’
Webroot Security Awareness Training offers a frequently updated library of templates for training and phishing simulations, so organizations can be sure they test users on the latest and most relevant threats. These emails appear as realistic as possible to employees, to help provide a clear picture of the risk user errors can have on security. This then allows the admin to tailor training content to the topics users need more education around.
Though the Webroot Security Awareness Training Reporting Centre, admins can receive campaign statistics and generate per-user actions based on reports. This allows admins to measure ROI and see how the organization as a whole is improving on security awareness and behavior. The LMS also keeps track of user participation, to make sure that the education is measurable and that everyone within the organization gets the training they need. This reporting dashboard is actionable, easy to use, and helps visualize the value.
To give customers considering Webroot Security Awareness Training a better picture of how effective the solution is, Webroot shared some results customers have seen in the first six months of use:
Phishing click-through rates drop from an average of 37% to 12%
Results are doubly effective when organizations use both simulations and training, rather than just simulations
Running 11+ courses over 4-6 months shows only a 13% click through rate, meaning over a year the average click through rate goes down to just 5%
Here is a list of Key Features offered by Webroot Security Awareness Training:
Tailorable cyber awareness user education for MSP and SMBs with an integrated LMS (Learning Management Software) for highly automated, efficient, training management.
Multi-tenant campaign management dashboard enabling the launch and management of training across one or multiple clients in a single workflow and pane of glass interface.
Interactive cyber-awareness training courses designed to be engaging, interactive, and easy-to-consume to get users’ attention and achieve lasting results.
One-click access to launch all courses from any browser on a computer or mobile device and automated reminders to ensure users know about any outstanding coursework.
Customizable training course campaigns with the built-in LMS keeping track of every user’s participation, making all cybersecurity education accountable and measurable.
Five-Step Wizard reduces the time and cost of administering cybersecurity education programs with an automated campaign scheduler to organize ongoing programs and reports in minutes.
Phishing Simulator with ever-expanding, topical, phishing template ‘lure’ library regionalized for effectiveness and relevance and with training randomization to ensure realistic engagement and testing via realistic phishing scenarios.
Full course, campaign and contact management with training email templates, course library, and reporting centre enabling administrators to quickly and efficiently schedule and assign training.
Users import via Active Directory LDIF, CSV files, or web-based form, with ‘Tags’ to allow admins to group users by location, department, business unit, or other category to streamline assigning training.
Scheduled Reporting Centre receives phishing campaign statistics and generates per-user action and other reports to measure progress and ROI.
Campaign Executive Summary Report highlights the campaign data and results of the training.
About Expert Insights: Expert insights is an independent review platform for Cyber Security services. They offer to readers detailed and meticulously researched product information written by industry experts, and independent end user reviews. This helps customers looking for cyber security services make an informed buying decision.