THE SATT SERVICE

The purpose of the SATT service is to stop security incidents on your network. It is only by providing your end users with Security Awareness Training and regular Testing that you will achieve this goal.  SATT is a fully managed service that is bespoke and tailored to every individual organisation. It takes up none of your time or resources, and is guaranteed to make a difference.

The SATT service combats the weakest cyber security link in any organisation – your end users – and is delivered in three stages over a 12-month service agreement.  The total cost for the 12 month SATT service is far less than the cost of just one security incident.

Security Awareness Training and Testing (SATT) programs, are reinforced by frequent simulated, randomised phishing attacks, helping organisations create cultural change and build a human firewall of vigilant employees. Security incidents are stopped by having regular targeted emails sent to all staff, with additional more in-depth training provided at the desktop to any vulnerable end users. In conjunction with one of our partners, we are pleased to offer a cost effective and fully managed service to ensure your end users keep your system secure from cyber threats.  Vulnerable users are those who still click on potentially malicious links. With phishing scams on the increase it is vital that your employees are able to identify any scam  The consequences of failing to do so go well beyond bad headlines.  One significant Security Incident can lead to lost jobs, substantial legal costs, non-compliance penalties, loss of brand reputation, customer loss, and a catastrophic hit on the bottom line. The tactics of these scams are evolving and can easily be missed if you are not trained to identify them.

STAGE 1 BASELINE ALL USERS

A targeted email is sent to all users (it’s best you don’t tell them this is happening) and reported back to you on how many users would have put your security at risk. This provides a real life reflection on how vulnerable your end users are. (Typically this is around 40% to 70%).

STAGE 2 TRAINING

All users receive security awareness training. This is a 15-minute online video that each user watches at their desk and at their own convenience. The training covers everything that is relevant to modern cyber-crime and how not to fall victim to these threats.

STAGE 3 MONTHLY PHISHING (the most important stage)

At this stage your users will continue to receive regular (one per user per month) targeted emails. Anyone who clicks on the links is identified as vulnerable and receives additional more in-depth (40 min) training. This is an essential stage as the targeted emails keep your staff vigilant against cyber-crime. Most importantly though this means the users who are actually more of a security risk to your firm are identified and receive the additional training they need.

With the new regulations regarding Data Protection, it’s vital that you and your staff are fully aware of how this can effect your business.  This new additional module, ensures your employees fully understand how their role in the business can be affected by GDPR and is not to be ignored.  A cost effective training module which is a convenient and time-saving solution to raise awareness, whilst educating your employees on the new General Data Protection Regulations.  Comprising of a video and trackable quiz, this training will provide your employees with knowledge on how GDPR can impact your business, and their role within the organisation, as well as their own personal data.

We have found that Security Awareness Training makes an immediate difference to end users’ behaviour. However, what normally happens after completing any training, without continuous reinforcement, is that the message is gradually forgotten within a few weeks of returning to day to day activities.  This is where our fully managed service is unique and actually stops your users causing security incidents.  It is only by combining workplace Security Awareness Training with ongoing, random test phishing emails, supplemented by additional targeted training for those who are (still) vulnerable, will you build a human firewall. A firewall of vigilant, knowledgeable and empowered end users ready to protect themselves and your organisation. A human firewall ready to thwart potential security incidents.  Only our integrated Security Awareness Training and Testing service will help you build a relevant, robust security culture that stands the test of time.

Like most organisations, we expect your users are good at not clicking on obvious phishing emails (banking etc) but threats are constantly evolving and criminals are using new and advanced methods (targeted spear phishing and social engineering) to breach organisations. With our training and ongoing testing program your users will be able to spot and stay safe against these ever evolving, and ever more sophisticated threats. Please contact us for further information.