{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"role-supplier":{"ru":"Поставщик","_type":"localeString","en":"Supplier"},"products-popover":{"_type":"localeString","en":"Products","de":"die produkte","ru":"Продукты"},"introduction-popover":{"ru":"внедрения","_type":"localeString","en":"introduction"},"partners-popover":{"ru":"партнеры","_type":"localeString","en":"partners"},"update-profile-button":{"ru":"Обновить профиль","_type":"localeString","en":"Update profile"},"read-more-button":{"_type":"localeString","en":"Show more","ru":"Показать ещё"},"hide-button":{"ru":"Скрыть","_type":"localeString","en":"Hide"},"user-implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"categories":{"ru":"Компетенции","_type":"localeString","en":"Categories"},"description":{"ru":"Описание","_type":"localeString","en":"Description"},"role-user":{"ru":"Пользователь","_type":"localeString","en":"User"},"partnership-vendors":{"en":"Partnership with vendors","ru":"Партнерство с производителями","_type":"localeString"},"partnership-suppliers":{"en":"Partnership with suppliers","ru":"Партнерство с поставщиками","_type":"localeString"},"reference-bonus":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus 4 reference"},"partner-status":{"_type":"localeString","en":"Partner status","ru":"Статус партнёра"},"country":{"_type":"localeString","en":"Country","ru":"Страна"},"partner-types":{"ru":"Типы партнеров","_type":"localeString","en":"Partner types"},"branch-popover":{"en":"branch","ru":"область деятельности","_type":"localeString"},"employees-popover":{"_type":"localeString","en":"number of employees","ru":"количество сотрудников"},"partnership-programme":{"_type":"localeString","en":"Partnership program","ru":"Партнерская программа"},"partner-discounts":{"en":"Partner discounts","ru":"Партнерские скидки","_type":"localeString"},"registered-discounts":{"en":"Additional benefits for registering a deal","ru":"Дополнительные преимущества за регистрацию сделки","_type":"localeString"},"additional-advantages":{"ru":"Дополнительные преимущества","_type":"localeString","en":"Additional Benefits"},"additional-requirements":{"ru":"Требования к уровню партнера","_type":"localeString","en":"Partner level requirements"},"certifications":{"ru":"Сертификация технических специалистов","_type":"localeString","en":"Certification of technical specialists"},"sales-plan":{"en":"Annual Sales Plan","ru":"Годовой план продаж","_type":"localeString"},"partners-vendors":{"ru":"Партнеры-производители","_type":"localeString","en":"Partners-vendors"},"partners-suppliers":{"ru":"Партнеры-поставщики","_type":"localeString","en":"Partners-suppliers"},"all-countries":{"en":"All countries","ru":"Все страны","_type":"localeString"},"supplied-products":{"ru":"Поставляемые продукты","_type":"localeString","en":"Supplied products"},"vendored-products":{"ru":"Производимые продукты","_type":"localeString","en":"Produced products"},"vendor-implementations":{"ru":"Производимые внедрения","_type":"localeString","en":"Produced deployments"},"supplier-implementations":{"ru":"Поставляемые внедрения","_type":"localeString","en":"Supplied deployments"},"show-all":{"ru":"Показать все","_type":"localeString","en":"Show all"},"not-yet-converted":{"en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString"},"schedule-event":{"_type":"localeString","en":"Events schedule","ru":"Pасписание событий"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"register":{"ru":"Регистрация ","_type":"localeString","en":"Register"},"login":{"en":"Login","ru":"Вход","_type":"localeString"},"auth-message":{"_type":"localeString","en":"To view company events please log in or register on the sit.","ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт."},"company-presentation":{"ru":"Презентация компании","_type":"localeString","en":"Company presentation"}},"header":{"help":{"_type":"localeString","en":"Help","de":"Hilfe","ru":"Помощь"},"how":{"en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString"},"login":{"ru":"Вход","_type":"localeString","en":"Log in","de":"Einloggen"},"logout":{"en":"Sign out","ru":"Выйти","_type":"localeString"},"faq":{"de":"FAQ","ru":"FAQ","_type":"localeString","en":"FAQ"},"references":{"de":"References","ru":"Мои запросы","_type":"localeString","en":"Requests"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find-it-product":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"catalogs":{"ru":"Каталоги","_type":"localeString","en":"Catalogs"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"en":"Companies","ru":"Компании","_type":"localeString"},"categories":{"en":"Categories","ru":"Категории","_type":"localeString"},"for-suppliers":{"ru":"Поставщикам","_type":"localeString","en":"For suppliers"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"_type":"localeString","en":"Deals","ru":"Сделки"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"_type":"localeString","en":"Deletion","ru":"Удаление"},"comparison-confirm":{"_type":"localeString","en":"Are you sure you want to delete","ru":"Подтвердите удаление"},"search-placeholder":{"ru":"Введите поисковый запрос","_type":"localeString","en":"Enter your search term"},"my-profile":{"ru":"Мои данные","_type":"localeString","en":"My profile"},"about":{"en":"About Us","_type":"localeString"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"en":"Get reference from user","_type":"localeString"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"en":"Products","_type":"localeString"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"},"it_our_it_catalogs":{"en":"Our IT Catalogs","_type":"localeString"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"en":"All rights reserved","de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString"},"company":{"_type":"localeString","en":"My Company","de":"Über die Firma","ru":"О компании"},"about":{"ru":"О нас","_type":"localeString","en":"About us","de":"Über uns"},"infocenter":{"en":"Infocenter","de":"Infocenter","ru":"Инфоцентр","_type":"localeString"},"tariffs":{"ru":"Тарифы","_type":"localeString","en":"Subscriptions","de":"Tarife"},"contact":{"en":"Contact us","de":"Kontaktiere uns","ru":"Связаться с нами","_type":"localeString"},"marketplace":{"ru":"Marketplace","_type":"localeString","en":"Marketplace","de":"Marketplace"},"products":{"_type":"localeString","en":"Products","de":"Produkte","ru":"Продукты"},"compare":{"_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche","ru":"Подобрать и сравнить"},"calculate":{"_type":"localeString","en":"Calculate the cost","de":"Kosten berechnen","ru":"Расчитать стоимость"},"get_bonus":{"en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс","_type":"localeString"},"salestools":{"en":"Salestools","de":"Salestools","ru":"Salestools","_type":"localeString"},"automatization":{"de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation"},"roi_calcs":{"de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"matrix":{"en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения","_type":"localeString"},"b4r":{"de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString","en":"Rebate 4 Reference"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter"},"subscribe_info":{"_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews","ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта"},"policy":{"en":"Privacy Policy","ru":"Политика конфиденциальности","_type":"localeString"},"user_agreement":{"en":"Agreement","ru":"Пользовательское соглашение ","_type":"localeString"},"solutions":{"en":"Solutions","ru":"Возможности","_type":"localeString"},"find":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"en":"Business boosting","ru":"Развитие бизнеса","_type":"localeString"},"4vendors":{"en":"4 vendors","ru":"поставщикам","_type":"localeString"},"blog":{"en":"blog","ru":"блог","_type":"localeString"},"pay4content":{"ru":"платим за контент","_type":"localeString","en":"we pay for content"},"categories":{"_type":"localeString","en":"categories","ru":"категории"},"showForm":{"ru":"Показать форму","_type":"localeString","en":"Show form"},"subscribe__title":{"_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!","ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!"},"subscribe__email-label":{"_type":"localeString","en":"Email","ru":"Email"},"subscribe__name-label":{"en":"Name","ru":"Имя","_type":"localeString"},"subscribe__required-message":{"en":"This field is required","ru":"Это поле обязательное","_type":"localeString"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"en":"Subscribe","ru":"Подписаться","_type":"localeString"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please, enter the valid email"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"_type":"localeString","en":"Last, first name","ru":"Имя Фамилия"},"subscribe__success":{"en":"You are successfully subscribed! Check you mailbox.","ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString"},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"de":"roi4presenter","ru":"roi4presenter","_type":"localeString","en":"Roi4Presenter"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"_type":"localeString","en":"Home","ru":"Главная"},"companies":{"_type":"localeString","en":"Companies","ru":"Компании"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"registration":{"ru":"Регистрация","_type":"localeString","en":"Registration"},"b2b-platform":{"ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers"}},"comment-form":{"title":{"ru":"Оставить комментарий","_type":"localeString","en":"Leave comment"},"firstname":{"en":"First name","ru":"Имя","_type":"localeString"},"lastname":{"_type":"localeString","en":"Last name","ru":"Фамилия"},"company":{"_type":"localeString","en":"Company name","ru":"Компания"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"ru":"Фактическая стоимость","_type":"localeString","en":"Actual cost"},"received-roi":{"_type":"localeString","en":"Received ROI","ru":"Полученный ROI"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"en":"Your rate","ru":"Ваша оценка","_type":"localeString"},"i-agree":{"_type":"localeString","en":"I agree","ru":"Я согласен"},"terms-of-use":{"_type":"localeString","en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности"},"send":{"en":"Send","ru":"Отправить","_type":"localeString"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"_type":"localeString","en":"Site under maintenance","ru":"На сайте проводятся технические работы"},"message":{"_type":"localeString","en":"Thank you for your understanding","ru":"Спасибо за ваше понимание"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"title":{"ru":"ROI4CIO: Компания","_type":"localeString","en":"ROI4CIO: Company"},"meta":[{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"},{"name":"og:type","content":"website"}],"translatable_meta":[{"translations":{"_type":"localeString","en":"Company","ru":"Компания"},"name":"title"},{"name":"description","translations":{"ru":"Описание компании","_type":"localeString","en":"Company description"}},{"name":"keywords","translations":{"_type":"localeString","en":"Company keywords","ru":"Ключевые слова для компании"}}]}},"pageMetaDataStatus":{"company":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"cofense":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[{"id":2,"type":"supplier"},{"id":3,"type":"vendor"}],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":["supplier","vendor"],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[{"id":1111,"title":"Cofense PhishMe for ADT Security Services","description":"<span style=\"font-weight: bold; \">Background</span>\r\nAs one of the biggest home protection brands in North America, ADT Security Services is synonymous with security. When it came to building their enterprise-wide phishing defense program, the company knew it needed to partner with a proven leader with the ability to scale to meet ADT’s evolving security needs.\r\nCofense quickly became the clear choice as ADT’s partner in phishing defense. Jerry Magginnis, an ADT security architect, was familiar with Cofense’s phishing simulation and behavior conditioning technology, having worked with the vendor at a previous job. There, he had seen Cofense PhishMe® significantly decrease phishing attacks. <span style=\"font-style: italic; \">“When I joined ADT, I shared my previous experience and success with Cofense with my new management team,”</span> he recalls.\r\n\r\n<span style=\"font-weight: bold; \">Challenges</span>\r\nAs a large organization with more than 20,000 employees across North America, Magginnis says ADT needed an industrial-strength solution to help prevent phishing attacks.\r\n<span style=\"font-weight: bold; \">Cofense PhishMe is an easy-to-use and effective SaaS solution that instructs users on the dangers of phishing by periodically testing them with simulated phishes and supplying immersive training content for users during the simulation.</span> When users receive a simulated phish, they must decide whether the email is legitimate or report it as a suspected phish. This teaches them to recognize the telltale signs of phishing emails, and soon they become adept at identifying and reporting phishes.\r\nHaving worked with Cofense before, Magginnis was familiar with the content quality and scalability that Cofense provides, so he didn’t hesitate to recommend it when the subject was raised. Still, ADT had to issue an RFP as per company policy. Tom Dennison, Chief Information Security Officer at ADT was involved in the early RFP stages, but soon identified that Cofense stood out from the competition. <span style=\"font-style: italic; \">“It simply came down to who is the most advanced in the industry and who is the most effective,”</span> notes Dennison. <span style=\"font-style: italic; \">“We felt that Cofense is the clear leader in this space.”</span>\r\n\r\n<span style=\"font-weight: bold; \">Solutions</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Smooth Rollout</span></span>\r\nHaving made the decision to implement Cofense PhishMe, ADT developed a phased rollout plan that included an initial implementation limited to the 20 members of the IT security department. A rollout to the 200-employee IT staff followed. The next phase covered about 1,000 employees at company headquarters, after which Cofense PhishMe was implemented company-wise. Currently 21,000 employees are using it, and another 4,000 from a recent acquisition soon will be added.\r\nThis methodical approach allowed the security team to evaluate users’ responses and make adjustments as needed. <span style=\"font-style: italic; \">“You want to make sure that you have a successful launch, and that you’ve worked out all the details,”</span> Magginnis says.\r\nThus, the user adoption for Cofense across the organization has been quite positive. If the launch went awry, it would irritate users, who would question the program’s value, he says. <span style=\"font-style: italic; \">“You really want people to embrace it and feel they’re getting value as opposed to being bothered by it. We involved all the tech teams, and the legal and HR staff as well. They all felt all involved. And since we did that early, they all felt like they were partners in the process.”</span>\r\nThat’s why the security team started small – and used itself as guinea pigs. <span style=\"font-style: italic; \">“Along the way, we kind of worked out any potential issues and decided what the future content of the program was going to be,”</span> Magginnis says.\r\nThe first simulation brought relief and confirmation because the solution worked <span style=\"font-style: italic; \">“exactly like you think it’s going to work”</span> and proved to be <span style=\"font-style: italic; \">“as easy as it looks,”</span> Magginnis adds. <span style=\"font-style: italic; \">“That’s a huge feeling of success.”</span>\r\n<span style=\"font-weight: bold; \">Crafting Successful Scenarios</span>\r\nThat first simulation targeted the security team and consisted of a fake email pretending to be an installation of Microsoft Office 365, which the company was in the midst of rolling out. It was a custom scenario created by the security team – one they knew would work well. ADT has since used a combination of custom and Cofense pre-set scenarios in subsequent simulations. With each one, Magginnis says, susceptibility to phishing has decreased.\r\nIn addition to Cofense PhishMe, ADT has rolled out Cofense Reporter®, which organizes and normalizes user reports of phishing attempts to strengthen threat-detection capabilities. Reporter works by placing a button on emails that users can click whenever they suspect a phish. The email is then routed to the security team, which checks if it is a simulation, a legitimate email or a phish.\r\nBefore deploying Cofense Reporter, users had to create attachments of suspicious emails that they then would send to the security team. <span style=\"font-style: italic; \">“That’s quite a bit to ask of most users – and not always done correctly.”</span> The button makes the whole process easier, and users get an immediate response after clicking it. When users correctly report a simulated or real phish, they receive a “job well done” acknowledgment.\r\n\r\n<span style=\"font-weight: bold; \">Business Results</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Quick ROI</span></span>\r\nThe anti-phishing program has been well received, Magginnis says. <span style=\"font-style: italic;\">“From our CEO on down, everyone recognizes the value of this because even the executives themselves have been subject to phishing attacks.”</span>\r\nDennison and other technology management have been so pleased with the initial anti-phishing program that approvals have been granted to expand the program. ADT is exploring adding Cofense Triage, which automates prioritization, analysis and response to phishing threats. <span style=\"font-style: italic;\">“Improving our incident response efforts is a major priority for us,”</span> notes Dennison. <span style=\"font-style: italic;\">“Cofense Triage provides opportunities to clearly automate and prioritize threats that could positively impact incident response times.”</span> The company also has augmented its anti-phishing efforts by asking users to take advantage of Cofense’s complimentary computer-based training modules explaining the dangers of phishing.\r\nAs for a return on investment, the Cofense solutions already have proven their worth by reducing staff time allocated to responding to phishing threats. According to Magginnis, those staff hours have been cut in half. <span style=\"font-style: italic;\">“This isn’t conjectured. We’ve made the calculations based on the lost productivity due to time spent by the mail, proxy and SOC groups on phishing attack responses.”</span>\r\n\r\n<span style=\"font-weight: bold;\">Conclusion</span>\r\nMagginnis enjoyed a positive experience working with Cofense staff and engineers taking the anti-phishing program from deployment to maturity. <span style=\"font-style: italic;\">“Since the initial rollout, the Cofense support team has proven always helpful and accessible, making sure we’re crossing all the Ts and dotting the Is. The results speak for themselves.”</span>\r\nMagginnis has high praise for the Cofense team. <span style=\"font-style: italic;\">“There seems to be a special culture at Cofense. You find people that genuinely care and put the word ‘partner’ back into the relationship. We’ve really partnered with Cofense because they’re willing to do whatever it takes to help us create an anti-phishing culture at ADT.”</span>\r\nThanks to the combination of technology and people, Magginnis would be glad to recommend Cofense to any of his peers.","alias":"cofense-phishme-for-adt-security-services","roi":0,"seo":{"title":"Cofense PhishMe for ADT Security Services","keywords":"","description":"<span style=\"font-weight: bold; \">Background</span>\r\nAs one of the biggest home protection brands in North America, ADT Security Services is synonymous with security. When it came to building their enterprise-wide phishing defense program, the company knew it ","og:title":"Cofense PhishMe for ADT Security Services","og:description":"<span style=\"font-weight: bold; \">Background</span>\r\nAs one of the biggest home protection brands in North America, ADT Security Services is synonymous with security. When it came to building their enterprise-wide phishing defense program, the company knew it "},"deal_info":"","user":{"id":8755,"title":"ADT by Telus (User)","logoURL":"https://old.roi4cio.com/uploads/roi/company/adt_logo.png","alias":"adt-by-telus-user","address":"","roles":[],"description":" At ADT by TELUS, helping to protect our customers has been our sole mission for over 125 years. We are the #1 home security company in Canada because more families trust ADT to help protect what matters most. Each day we make the commitment to bring peace of mind to our 650,000+ residential and business customers thanks to our 24/7 professional monitoring and 4 interconnected stations.\r\nADT by TELUS is built on the passion of over 1,400 moms, dads, sisters, brothers, aunts, uncles and friends, serving our customers from among our 15 corporate offices located across the country.\r\nSource: https://www.linkedin.com/company/adtbytelus/about/","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.adt.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"ADT by Telus (User)","keywords":"","description":" At ADT by TELUS, helping to protect our customers has been our sole mission for over 125 years. We are the #1 home security company in Canada because more families trust ADT to help protect what matters most. Each day we make the commitment to bring peace of ","og:title":"ADT by Telus (User)","og:description":" At ADT by TELUS, helping to protect our customers has been our sole mission for over 125 years. We are the #1 home security company in Canada because more families trust ADT to help protect what matters most. Each day we make the commitment to bring peace of ","og:image":"https://old.roi4cio.com/uploads/roi/company/adt_logo.png"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":36,"title":"Canada","name":"CAN"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"-1","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1113,"title":"Cofense PhishMe for AES Corporation","description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAES turned to Cofense to support their awareness testing of 19,000 employees and contractors across 17 countries in multiple languages. Using a combination of Cofense PhishMe® and Cofense Reporter®, AES has seen strong improvements in the recognition of suspicious emails, decreasing its workforce’s susceptibility while increasing the reporting of real phishing threats.\r\n<span style=\"font-weight: bold;\">Background</span>\r\nThe AES Corporation is a Fortune 200 multinational energy company that generates and distributes electricity across 17 countries and four continents using a broad portfolio of fuels and technologies, including market-leading battery-based energy storage. With revenues of $14 billion and $36 billion in assets, AES has a workforce of 19,000 employees and contractors.\r\n<span style=\"font-weight: bold;\">Challenges</span>\r\nWith locations, employees and cyber-defenses scattered throughout the world, AES needed effective and easily customized anti-phishing training support. This meant running phishing simulations to condition employees who speak many different languages — English, Spanish, Portuguese, Vietnamese and Bulgarian, to name a few—and who work in diverse environments with varying cybersecurity regulations.\r\n<span style=\"font-style: italic;\">“Cofense recently reported that 91% of cyberattacks start with a phishing email,”</span> says David Badanes, Director of Cybersecurity Strategy at AES. <span style=\"font-style: italic;\">“On the defensive side, we have to be right 100 percent of the time. Conditioning our people not to click malicious emails is critical to our primary value of safety.”</span>\r\n<span style=\"font-weight: bold;\">The Cofense PhishMe Difference</span>\r\nBefore deploying Cofense PhishMe in 2016, AES worked with a different anti-phishing solutions provider. <span style=\"font-style: italic;\">“The results were unremarkable,”</span> recalls Goodhart. <span style=\"font-style: italic;\">“But then we were introduced to Cofense, and the level of sophistication in their approach was apparent. It’s the difference between saying something and building a culture around something. Because of our partnership with Cofense, I now have employees who are much more skilled at identifying phishing emails.”</span>\r\n<span style=\"font-weight: bold;\">Multi-language Support</span>\r\nCurrently, 19,000 people in 17 countries are being trained to recognize and report phishing threats. With each simulation, AES personnel become more adept at spotting potential phishing indicators such as misspellings, unnecessary hyperlinks and attempts to play on people’s emotions.\r\n<span style=\"font-style: italic;\">“What’s especially impressive is that AES has gradually increased the complexity of simulated phishes, and the level of awareness among employees has continued to grow,”</span> notes Goodhart. <span style=\"font-style: italic;\">“It’s no easy feat, considering the simulations cover people in different age groups with varying degrees of technical savvy as well as different languages and cultures. This requires each simulation to employ a fair amount of customization.”</span>\r\n<span style=\"font-weight: bold;\">Cofense Reporter and Cofense Professional Services</span>\r\nAES also uses Cofense Reporter, a solution that allows for quick user reports of phishing attempts. With Cofense Reporter, AES personnel simply click an icon to send suspicious emails to their company’s security team for analysis. This generates streams of human-based phishing intelligence to aid in threat detection and speed incident response for security operations teams.\r\nTo develop custom reports and further enhance their phishing defense program, AES relies on Cofense Professional Services. For example, a Cofense consultant showed the AES team how to use different tactics in creating phishing simulations and to tailor phishes by region and language.\r\n<span style=\"font-weight: bold;\">An “Exemplary” Approach to Cybersecurity</span>\r\nAccording to Badanes, if the company had to decide on only one cybersecurity training component to keep, it would be Cofense simulations. He believes these simulations exemplifies AES’ primary value of safety and the company’s approach to cybersecurity.\r\n<span style=\"font-style: italic;\">“Cyber events could cause physical damage and — potentially — loss of life,”</span> he says. <span style=\"font-style: italic;\">“With electrical power, you must put safety first. Meaning both physical safety and cybersecurity. We train every person in our organization to think about ways to be cyber safe because cybersecurity is everybody’s job.”</span> Attackers, he notes, will keep trying to come up with ways to get into networks. <span style=\"font-style: italic;\">“Cofense helps ensure they don’t succeed.”</span>","alias":"cofense-phishme-for-aes-corporation","roi":0,"seo":{"title":"Cofense PhishMe for AES Corporation","keywords":"","description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAES turned to Cofense to support their awareness testing of 19,000 employees and contractors across 17 countries in multiple languages. Using a combination of Cofense PhishMe® and Cofense Reporter®, AES has seen","og:title":"Cofense PhishMe for AES Corporation","og:description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAES turned to Cofense to support their awareness testing of 19,000 employees and contractors across 17 countries in multiple languages. Using a combination of Cofense PhishMe® and Cofense Reporter®, AES has seen"},"deal_info":"","user":{"id":8758,"title":"The AES Corporation (User)","logoURL":"https://old.roi4cio.com/uploads/roi/company/AES_Corporation_Logo.png","alias":"korporacija-aes-user","address":"","roles":[],"description":" The AES Corporation (NYSE: AES) is a Fortune 500 global power company. We provide affordable, sustainable energy to 14 countries through our diverse portfolio of distribution businesses as well as thermal and renewable generation facilities. Our workforce is committed to operational excellence and meeting the world’s changing power needs. Our 2018 revenues were $11 billion and we own and manage $33 billion in total assets.\r\nWe are dedicated to improving the lives of our customers by leveraging our energy solutions that encompass a broad range of technologies and fuel types, including coal, diesel, gas, oil, pet coke and renewables. Our people share a passion to help meet the world’s current and increasing energy needs while providing communities and countries the opportunity for economic growth due to the availability of reliable, affordable electric power.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.aes.com/home/default.aspx","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"The AES Corporation (User)","keywords":"","description":" The AES Corporation (NYSE: AES) is a Fortune 500 global power company. We provide affordable, sustainable energy to 14 countries through our diverse portfolio of distribution businesses as well as thermal and renewable generation facilities. Our workforce is ","og:title":"The AES Corporation (User)","og:description":" The AES Corporation (NYSE: AES) is a Fortune 500 global power company. We provide affordable, sustainable energy to 14 countries through our diverse portfolio of distribution businesses as well as thermal and renewable generation facilities. Our workforce is ","og:image":"https://old.roi4cio.com/uploads/roi/company/AES_Corporation_Logo.png"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":220,"title":"United States","name":"USA"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1115,"title":"Cofense PhishMe for Australian aviation company","description":"A leading Australian aviation company wasn’t going to wait for disaster to strike before strengthening its phishing defense.\r\n<span style=\"font-style: italic;\">“We were lucky enough to have forward-thinking management,”</span> said the General Manager of Technology and Innovation. <span style=\"font-style: italic;\">“We hadn’t suffered losses from phishing, but our board of directors grasped the threat, so they instructed us to launch an anti-phishing program.”</span>\r\nHe added, <span style=\"font-style: italic;\">“Because we’re in aviation, we have a lot of visibility. If a phish led to a security incident, our name would be in the headlines. We need to protect not only our data but our reputation.”</span>\r\n<span style=\"font-weight: bold;\">Solutions and Results</span>\r\nThe company implemented Cofense PhishMe to help users spot phishing and Cofense Reporter to enable one-click reporting. With Cofense PhishMe, program administrators are able to simulate phishes and educate users on how to recognize them.\r\nWhen the company announced the program, it clearly explained the goals and methods. The announcement also educated users about phishing, including a sample simulation. This transparency paid off. From the first round of simulation training to the next, user susceptibility dropped by 10%. And users who clicked an embedded link dropped by 9%.\r\n<span style=\"font-style: italic;\">“The results to date are encouraging,”</span> said the General Manager. <span style=\"font-style: italic;\">“We know that our metrics are affected by the complexity of simulations, the emotional levers they pull, and the user groups we target. As we continue to move forward, we’ll be basing our simulations on attacks we’ve actually seen.”</span>\r\n<span style=\"font-weight: bold;\">Next Steps</span>\r\nHe plans to further customize simulations by team and location, using Cofense PhishMe’s adaptable templates. <span style=\"font-style: italic;\">“We understand that the people and organizations behind these attacks are smart,”</span> he said. <span style=\"font-style: italic;\">“They mimic trusted people and brands and refine their deployment methods to evade automated safeguards. You can never become complacent.”</span>\r\nNow that Cofense Reporter is deployed across all teams, the company is better able to promote and track email reporting. <span style=\"font-style: italic;\">“To measure success, we first look at the number of users not opening and/or reporting potential threats,”</span> said the General Manager.\r\n<span style=\"font-style: italic;\">“Next, and possibly more important, we examine the number who report after they may have inadvertently opened an email. Basically, we identify employees that may be vulnerable, give them the training they need, and report this up to the board of directors.”</span>\r\nUnderscoring the point he added, <span style=\"font-style: italic;\">“Initially, some people at our company thought the program was unnecessary. They believed our automated systems and firewalls gave us enough protection. This was dispelled when security professionals fell prey to Cofense simulations.”</span>\r\nEven better, <span style=\"font-style: italic;\">“Our security teams are stopping attacks reported by employees.”</span>","alias":"cofense-phishme-dlja-avstraliiskoi-aviacionnoi-kompanii","roi":0,"seo":{"title":"Cofense PhishMe for Australian aviation company","keywords":"","description":"A leading Australian aviation company wasn’t going to wait for disaster to strike before strengthening its phishing defense.\r\n<span style=\"font-style: italic;\">“We were lucky enough to have forward-thinking management,”</span> said the General Manager of Techn","og:title":"Cofense PhishMe for Australian aviation company","og:description":"A leading Australian aviation company wasn’t going to wait for disaster to strike before strengthening its phishing defense.\r\n<span style=\"font-style: italic;\">“We were lucky enough to have forward-thinking management,”</span> said the General Manager of Techn"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":14,"title":"Australia","name":"AUS"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"-1","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1152,"title":"Cofense PhishMe for energy grid","description":"<b>Background.</b> A diversified energy and utility company with more than $30 billion in assets and operations in 25 states. The company operates regulated utilities and electricity generation through two primary lines of business and includes eight electric and natural gas utilities, serving 3.1 million customers in New York and New England. The organization operates 6.3 gigawatts of electricity capacity, primarily through wind power, across the United States, as well as employs 7,000 people.\r\n<b>Challenges.</b> Energy providers face a cybersecurity double whammy: An attack could cut power to thousands of customers and cause millions of dollars in damage. And, since the company is subject to North American Electric Reliability Corporation Critical Infrastructure Protection (NERC/CIP) regulations, it risks incurring fines up to $1 million per violation per day.\r\n<b>Solutions.</b> An anti-phishing solution had to meet several criteria – ease of use, a good value, compatibility with other systems, and actionable data delivery. After evaluating a handful of solutions, the company decided to conduct a limited proof of concept of Cofense PhishMe. The results sold the energy company on Cofense PhishMe.\r\nA cloud-based SaaS immersive learning platform, Cofense PhishMe works easily with all major web browsers. It instructs users on the dangers of phishing through periodic simulations. Users have to decide if suspected phishes are legitimate or report them as suspicious. “Because we are a global company, we looked for a phishing platform that was extensible. Cofense PhishMe fit that bill because of its worldwide presence and multi-language capabilities,” the cyber security manager says.\r\n<b>Results.</b> The energy company launched its simulation program on a small scale by targeting company executives and their assistants. Over an eight month period, they expanded it to include HR, customer service, legal, corporate security and finance personnel. Each time, the phishing team shared results and susceptibility levels with management. It soon became clear departments that had already experienced phishing simulations had lower susceptibility rates. This proved that training and simulations work. Since leveraging Cofense, the energy company has seen employee susceptibility trends decline.\r\n<b>Conclusion.</b> The manager says in theory, the energy company could lose $3 billion in market valuation if it suffered a serious data breach. “If Cofense can help us prevent that, and if it can help us keep the lights on and the natural gas flowing for our customers, that’s a big deal.” The company has calculated the cost of each simulation at approximately 60 cents per employee. That’s a reasonable price, considering the improvements in susceptibility rates and the attacks the company may have already averted thanks to heightened phishing awareness, the manager says. <i>“Because we work for an energy services company, we have a duty to protect the grid. One of the ways we do that is by encouraging our employees to step up and accept that higher responsibility – to teach them to stop and think before they download an attachment, for instance. And we believe Cofense will continue to help us do that and prevent bad things from happening.”</i>","alias":"cofense-phishme-dlja-ehnergeticheskoi-kompanii","roi":0,"seo":{"title":"Cofense PhishMe for energy grid","keywords":"","description":"<b>Background.</b> A diversified energy and utility company with more than $30 billion in assets and operations in 25 states. The company operates regulated utilities and electricity generation through two primary lines of business and includes eight electric ","og:title":"Cofense PhishMe for energy grid","og:description":"<b>Background.</b> A diversified energy and utility company with more than $30 billion in assets and operations in 25 states. The company operates regulated utilities and electricity generation through two primary lines of business and includes eight electric "},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1154,"title":"Cofense PhishMe for Generali","description":"<b>Background.</b> With some 61 million customers, Generali is Italy’s largest insurance company and one of the world’s most recognizable financial services brands. As part of a comprehensive overhaul of its security programs, Generali decided to focus on phishing awareness. “The number of attacks targeting us was increasing,” said Francesco Nonni, Head of IT Operations & Security Risk at Generali. “We were seeing phishing attacks of all types and employees weren’t sure how to respond.”\r\n<b>Solutions and Results.</b> Generali chose to use Cofense PhishMe and Cofense Reporter to teach employees to recognize and report evolving phishing threats. Why Cofense? “You offer so many different templates for phishing simulations based on real threats,” Nonni said. “Also, the solutions are easy to implement.” “With Cofense PhishMe and Cofense Reporter, we can easily gather statistics on phishing resiliency and susceptibility,” he added. “By sharing results across the company, we created a shared understanding of our readiness and where to improve.”\r\nAre employees getting the message—are they reporting phish? “Absolutely yes,” he said, “both in simulations and in real life. Our simulation results are trending in the right direction—reporting is increasing and susceptibility is dropping. We use the Cofense benchmarks for our industry specifically and across verticals, so we can compare our level of awareness and exposure. We know where we stand and are able to put it in context.” Even better, “Employees are now helping security teams stop real phish,” he said. “Now it’s easy to report an email that might be part of a real attack. One click of Cofense Reporter is all it takes. When that happens, our security operations teams are able to respond faster.”\r\n<b>Implementation & Peer-to-Peer Advice.</b> Once Generali’s phishing defense program was up and running, Nonni launched their first simulation. While the solutions worked seamlessly, the results showed that the company had its work cut out. “A lot of people clicked,” he said, “and reporting levels were low. That wasn’t surprising, since it was our first campaign.” There was a silver lining, though. Armed with data, Nonni was able to further underscore the risks of phishing and generate more support from corporate leadership. He recently launched a simulation campaign in 11 countries across Europe and Asia. “The campaign is still ongoing, but the results are encouraging,” he said, “We’re learning that click rates often vary from country to country. We prepared content on a more global level and asked local offices to translate to their language and manage the rollout to their teams. Depending on the country and the culture, the local communications department might try different tactics to promote the awareness program and keep employees engaged.” As a global financial services leader, Generali continues to see high volumes of phishing emails—real attacks that trained employees are reporting more consistently. “We see a lot of spear phishing attacks targeted to our managers, along with crypto-lockers, credential phish, and business email compromise. We’ve started to model our simulations after attacks that we receive, for example, phishing emails with malicious attachments.”\r\n<b></b>","alias":"cofense-phishme-dlja-generali","roi":0,"seo":{"title":"Cofense PhishMe for Generali","keywords":"","description":"<b>Background.</b> With some 61 million customers, Generali is Italy’s largest insurance company and one of the world’s most recognizable financial services brands. As part of a comprehensive overhaul of its security programs, Generali decided to focus on phis","og:title":"Cofense PhishMe for Generali","og:description":"<b>Background.</b> With some 61 million customers, Generali is Italy’s largest insurance company and one of the world’s most recognizable financial services brands. As part of a comprehensive overhaul of its security programs, Generali decided to focus on phis"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":104,"title":"Italy","name":"ITA"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1176,"title":"Cofense PhishMe for global consumer","description":"A few years ago, a global consumer product goods company with 40K employees in over 100 markets had no formal anti- phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe to measure employee’s susceptibility to suspicious emails and Cofense Reporter to report them with one click. Later, the CPG firm deployed Cofense Triage to help incident responders recognize threats and remediate them faster.\r\nAccording to the company’s head of security awareness, 28 percent of employees, as well as third-party contractors, clicked on bad emails during initial Cofense simulations. “That was a wakeup call,” she said. “We knew we needed improvement, but thought we were in better shape than that.”\r\nImplemented simultaneously, Cofense PhishMe and Cofense Reporter proved a powerful combination. Cofense PhishMe tested employees’ susceptibility to phishing under simulated conditions. And Cofense Reporter “relieved employees of having to figure out whether and how to report a suspicious email,” said the head of security awareness. “If they had any doubts, they could report an email with a single click and get on with their day.” For that reason, the company installed Cofense Reporter on devices before deploying Cofense PhishMe.\r\n<p class=\"align-center\"><b>Companywide reporting climbed to 43 percent, with some key departments reporting at over 90 percent.</b></p>\r\nWhile metrics continue to improve, including phishing susceptibility rates under 10%, “Our leadership wants to know that we’re always getting better. Cofense lets us demonstrate that. We can’t just do the same basic simulations over and over. With Cofense PhishMe, it’s easy to customize more complex phishing scenarios. Over time, we’ve made the exercises more advanced, personalizing emails by name and company logo, to reflect what’s happening in the real world.” The company also needed a central storehouse where suspicious emails could be forwarded and automatically prioritized. With training and implementation help from Cofense professional services, the CPG leader now has a dedicated, purpose-built mailbox where employees can forward suspicious emails. Cofense Triage automates the process of distinguishing threats from noise.\r\n<p class=\"align-center\"><b>Before, incident responders spent hours sifting through emails. Now, 80 percent of reported emails are resolved automatically – just 20 percent require active attention.</b></p>\r\nThe solution’s clustering capability helps identify larger phishing campaigns, so the incident response team can address them swiftly. “Our incident responders are making much better use of their time now. They can recognize and respond to a real incident, instead of sifting through tons of emails before stumbling upon something important. Cofense Triage improves the quality of work our responders can do.” With low susceptibility rates and reporting rates steadily rising, the head of security awareness reports that “employees have become an important line of cyber defense.” And thanks to the automation and analytics of Cofense Triage, “we’re not drowning in information anymore and can act on threats right away.”","alias":"cofense-phishme-dlja-globalnoi-proizvodstvennoi-kampanii","roi":0,"seo":{"title":"Cofense PhishMe for global consumer","keywords":"","description":"A few years ago, a global consumer product goods company with 40K employees in over 100 markets had no formal anti- phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe to measure employee","og:title":"Cofense PhishMe for global consumer","og:description":"A few years ago, a global consumer product goods company with 40K employees in over 100 markets had no formal anti- phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe to measure employee"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1148,"title":"Cofense PhishMe for Global CPG Leader","description":"<b>Background and Challenges.</b> In 2015, this consumer product goods (CPG) leader had no formal anti-phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe® to measure employee’s susceptibility to suspicious emails and Cofense ReporterTM to report them with one click. Later, the CPG firm deployed Cofense TriageTM to help incident responders recognize threats and remediate them faster.\r\nAccording to the CPG company, 28 percent of employees, as well as third-party contractors, clicked on bad emails during initial Cofense simulations. “That was a wake- up call,” said the CPG company’s head of security awareness. “We knew we needed improvement, but thought we were in better shape than that.” Employees needed help in spotting potential phishes – especially critical departments more heavily targeted by attackers.\r\nMoreover, the company needed a central storehouse where suspicious emails could be forwarded and automatically prioritized. Incident responders had to spend hours sifting through 500 to 1000+ emails reported daily. Instead of focusing their efforts on dealing with real phishes – not to mention the myriad other security issues they faced – responders wasted time manually sorting through the clutter to distinguish threats from noise.\r\n<b>Solution and Results.</b> While metrics continue to improve, “Our leadership wants to know that we’re always getting better. Cofense lets us demonstrate that. We can’t just do the same basic simulations over and over. With Cofense PhishMe, it’s easy to customize more complex phishing scenarios. Over time, we’ve made the exercises more advanced, personalizing emails by name and company logo, to reflect what’s happening in the real world.”\r\n<ul> <li>Fewer than 1 in 10 employees now click on simulated phishes</li> <li>Up to 9 in 10 employees in some critical departments correctly report simulated phishes</li> <li>Just 20 percent of reported emails are personally triaged by incident responders – thanks to automation</li> </ul>\r\n<b>Conclusion.</b> With susceptibility rates in the single digits and reporting rates steadily rising, the head of cybersecurity reports that “employees have become an important line of cyber defense.” And thanks to the automation and analytics of Cofense Triage, “we’re not drowning in information anymore and can act on threats right away.”","alias":"cofense-phishme-dlja-globalnyi-lidera-cpg","roi":0,"seo":{"title":"Cofense PhishMe for Global CPG Leader","keywords":"","description":"<b>Background and Challenges.</b> In 2015, this consumer product goods (CPG) leader had no formal anti-phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe® to measure employee’s susceptib","og:title":"Cofense PhishMe for Global CPG Leader","og:description":"<b>Background and Challenges.</b> In 2015, this consumer product goods (CPG) leader had no formal anti-phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe® to measure employee’s susceptib"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1180,"title":"Cofense PhishMe for global manufacturer","description":"I’ve managed our company’s security awareness program for three years now. We launched it after a handful of successful spear phishing attacks, realizing that we needed to do a better job of educating users. We wanted a solution to help them spot suspicious emails, one with strong metrics to help track progress. That’s why started using Cofense PhishMe and Reporter.\r\n<b>We now send monthly simulations to 60,000 users. Our reporting rate is often around 30 percent.</b>\r\nWe use PhishMe to run monthly simulations with our global users, all 60,000 of them. The first year of the program our click rate was up around 25 percent. Now we’re under 10 percent, so it’s definitely making a difference. In fact, we used to say that a click rate of 10 percent was good, but now we shoot for eight percent. I get a lot of positive feedback from people in different departments. They’re interested in the metrics: how is my team doing compared to other teams? For example, our legal department used to be dead last, but after working with me to educate their team their performance has really improved. The companywide results have been mostly good. In April of 2019 we did a Package Delivery scenario, which got a click rate of only 6 percent and reporting rate of 29.6. In July, we ran a Quarantine Email phish where 7.21 percent failed, with reporting just under 23 percent. I do a quarterly newsletter where I stress the importance of reporting suspected phish. We call it out prominently: ‘When in doubt, report!’ We want people to know that if they don’t report, the SOC won’t know about a possible phishing threat.\r\n<b>There are only so many ways to tell people what to look for in emails. The best way help them is through reiteration.</b>\r\nOur SOC tells us that user reporting definitely gives them better visibility to threats. The SOC now has Cofense Triage to sort through reported emails faster, filtering out the harmless ones—like my employee awareness newsletter!—from real phishing threats. They love it. They get thousands of email reports every single day, so Triage saves them a ton of time. The team no longer has to guess about the true nature of an email.\r\n<b>The SOC has blocked a lot of emails that users reported and Triage verified.</b>\r\nOur incident responders see all types of phishing emails, especially credential phish. Recently, there’s been a huge increase in sextortion emails, where the sender uses information from accounts that were compromised in breaches like the LinkedIn hack, to scare the recipient into making a payment. The SOC has also been seeing a rise in file-sharing malware as well, with emails containing links to box.com, SharePoint, We Transfer, and the like. Talking to the SOC is an important part of our awareness. I’m working on creating a process to get this information as a matter of course, so if something is a big concern we can work it into our simulations.","alias":"cofense-phishme-dlja-globalnogo-proizvoditelja","roi":0,"seo":{"title":"Cofense PhishMe for global manufacturer","keywords":"","description":"I’ve managed our company’s security awareness program for three years now. We launched it after a handful of successful spear phishing attacks, realizing that we needed to do a better job of educating users. We wanted a solution to help them spot suspicious em","og:title":"Cofense PhishMe for global manufacturer","og:description":"I’ve managed our company’s security awareness program for three years now. We launched it after a handful of successful spear phishing attacks, realizing that we needed to do a better job of educating users. We wanted a solution to help them spot suspicious em"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1158,"title":"Cofense PhishMe for Healthcare Data and Technology Company","description":"<b>Background.</b> This company’s VP of Information Security inherited a strong anti-phishing program. The organization had been a Cofense client for about a year. It used Cofense PhishMeTM and Cofense ReporterTM to condition users to recognize and report suspicious emails, then added Cofense TriageTM and Cofense IntelligenceTM to shore up incident response.\r\n<b>Challenges.</b> When the VP came onboard, his challenge was to take phishing defense to the next level. How could the organization make its anti-phishing more complete? How could his team refine their strategies to stay ahead of evolving threats? The answers came in a number of innovations they rolled out.\r\n<b>Solutions.</b> Using Cofense PhishMe to run phishing simulations, the company mixed in harder scenarios to keep employees alert. The toughest one was an email titled “Time-Off Requests,” which told recipients they had gone over their limit for personal time. It asked employees to click a link to take care of the matter. Thirty-seven percent of recipients took the bait. When employees received a similar email a year later, the susceptibility rate dropped to 22%—still high, but a noticeable improvement. “We have the kind of culture that likes to push the envelope,” said the VP. “We want to make sure our anti-phishing tactics are challenging and relevant. So, we keep our eyes peeled for new and emerging threats.” His team sent another irresistible email during the 2016 presidential election. With emotions running high as Hillary Clinton and Donald Trump battled, the email, purportedly from HR, reminded employees of the company’s policies on political activities at work, asking them to click a link to show they understood and agreed. “It was a good reminder not to be complacent,” the VP said. “A lot of people bit on that one.” Other top- performing scenarios: “Package Delivery” and tax-related emails in the run-up to April 15. A best practice the VP recommends is to keep HR and other departments in the loop. “You can’t send a phish supposedly from HR without working it out with them beforehand,” he said. “They need to prepare for more calls and emails when certain simulations go out. Once they’re in your corner, everything goes more smoothly.” To keep email reporting rates high, the VP launched a Phishing Bounty Program. It gives rewards to employees who use Cofense Reporter to report a verified malicious email. “We’re really proud of this program,” said the VP. “Employees participate enthusiastically and the rewards are way cheaper than a breach or ransomware incident. Plus, we notify managers to give credit to vigilant people.”\r\n<b>Results.</b> By steadily innovating, the VP of Information Security is expanding and refining his company’s phishing defense. To bolster phishing awareness, his team will keep adding harder-to-identify phishing scenarios. To maintain high reporting rates, the Phishing Bounty Program will keep humming along. And the team has recently complemented Cofense Triage with capabilities to automate the retraction of malicious emails. Attackers looking to make a quick buck—who think healthcare security is softer than in, say, financial services—will always target the company. It’s one reason why an aggressive phishing defense is a must. Another reason: in healthcare, ransomware can be a matter of life or death. “We supply data to healthcare practitioners on, for example, medication or other supplies,” said the VP. “If a ransomware attack succeeded, we’d be in a difficult spot. By enlisting the entire organization in awareness and response, we can reduce this risk—and a host of other vulnerabilities, too.”","alias":"cofense-phishme-dlja-medicinskoi-informacionnoi-i-tekhnologicheskoi-kompanii","roi":0,"seo":{"title":"Cofense PhishMe for Healthcare Data and Technology Company","keywords":"","description":"<b>Background.</b> This company’s VP of Information Security inherited a strong anti-phishing program. The organization had been a Cofense client for about a year. It used Cofense PhishMeTM and Cofense ReporterTM to condition users to recognize and report susp","og:title":"Cofense PhishMe for Healthcare Data and Technology Company","og:description":"<b>Background.</b> This company’s VP of Information Security inherited a strong anti-phishing program. The organization had been a Cofense client for about a year. It used Cofense PhishMeTM and Cofense ReporterTM to condition users to recognize and report susp"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1156,"title":"Cofense PhishMe for Large U.S. Health Plan Administrator","description":"<b>Background.</b> The company is the largest third-party administrator of employee health plans and benefits in its four-state region. In business for more than 20 years, the company employs about 130 people and administers plans for nearly 75,000 members.\r\n<b>Challenges.</b> As an employee benefits administrator, the company handles its members’ most sensitive data – personal health information (PHI) and employment benefits. Any phishing attack that compromises members’ private data could seriously hurt the business. “In our world, phishing and educating our users about phishing is the No. 1 priority. That means we need to get people more involved and give them more tools to help them understand and recognize a phishing email,” says the company’s manager of IT and infrastructure.\r\n<b>Solutions.</b> When the company ran its first simulation, more than one-third of its users failed the test, he recalls. Of 127 users tested, 46 clicked the simulated phish. “So, we knew we had a problem that needed to be addressed immediately.” The IT department followed up the simulation by disseminating instructional materials biweekly to users. “In the next six weeks, we went through the education process of shooting out education emails and having discussions internally with departments and departments heads,” he says. When the second simulation was conducted, the number of users who clicked the simulated phish dropped to 21, less than half the original number. Since then, the company has run simulations monthly, picking a different scenario each time. “With each scenario that we push out, we drop a couple more people off that list. However, I’m still seeing an issue with repeat offenders,” he says. To address the issue, the IT department has been sending extra educational materials to the repeat offenders and then testing them with a rerun of the simulations they fail. The process is working, he says. The overall number of users clicking simulated phishes is down to less than 10%, and he is working to shrink that to 1%. “We just continue to see the needle go the other direction, which is very good,” he says. Another positive result, he says, is an increase in users notifying the IT department of phishing emails. “We are feeling more confident in our users as a line of defense for keeping our company secure and safe.”\r\n<b>Results.</b> The company found that implementing Cofense PhishMe SBE was straightforward. The company had already loaded the solution for a trial, and the IT staff knew what to expect when it came time for the permanent installation. The biggest change was to organize the Cofense PhishMe SBE dashboard by department to help identify which groups of employees have the highest susceptibility rates and, as a result, require additional education.\r\n<b>Conclusion.</b> Company management has fully embraced the anti-phishing program. “The execs were on board from the beginning,” he says. He keeps them up to date on simulation results, sharing with them monthly reports that break down susceptibility rates by group. “I sit down with the executives and walk through what trends we’re starting to see, both negative and positive.” Preparing the reports is easy, requiring only a few clicks to compile the necessary information and then formatting it as a PDF. Based on his experience with Cofense PhishMe SBE thus far, the IT manager says he would gladly recommend it to peers. The educational and behavioral-conditioning components are especially valuable. “It’s so user friendly and makes life easier. Having the education piece that Cofense provides is fantastic, and that would be my biggest talking point if I were recommending Cofense to another company.”","alias":"cofense-phishme-dlja-krupnogo-amerikanskogo-administratora-medicinskogo-strakhovanija","roi":0,"seo":{"title":"Cofense PhishMe for Large U.S. Health Plan Administrator","keywords":"","description":"<b>Background.</b> The company is the largest third-party administrator of employee health plans and benefits in its four-state region. In business for more than 20 years, the company employs about 130 people and administers plans for nearly 75,000 members.\r\n<","og:title":"Cofense PhishMe for Large U.S. Health Plan Administrator","og:description":"<b>Background.</b> The company is the largest third-party administrator of employee health plans and benefits in its four-state region. In business for more than 20 years, the company employs about 130 people and administers plans for nearly 75,000 members.\r\n<"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1170,"title":"Cofense PhishMe for the bank","description":"<b>Background.</b> United Community Bank (UCB) is a $10.4 billion regional banking institution with 140-plus branches across Tennessee, Georgia, South Carolina and North Carolina. The company employs nearly 2,000 people who use email throughout the business day. Management wanted to ensure all employees use email safely and have the ability to recognize a phishing attempt when one crosses their inboxes. Phishing defenses are especially critical to banks since they are a favorite cybercrime target.\r\n<b>Challenges.</b> UCB chief executives have seen their fair share of phishing attempts in their inboxes, according to UCB Chief Information Security Officer Jim Stewart. But while an executive may have a stronger nose for sniffing out phishing emails, management worried the majority of employees may be less attuned to the threat.\r\n“We decided we needed to condition our employees against phishing,” Stewart says. Doing so wasn’t without challenges because “there’s a fine line between security and service.” If you lean too far in one direction and block everything that looks suspicious, it could be at the expense of responding to customers. Since world-class customer service is what distinguishes UCB from larger competitors, the company needed the right vendor to provide a scalable phishing solution while saving UCB time and effort.\r\n<b>Results.</b> The first simulation targeted the bank’s 14-member technology steering committee. Ramp-up time was limited because the committee was scheduled to meet two weeks after deployment, but thanks to the ease of installation, UCB completed the test successfully. “With a lot of other security solutions, we just wouldn’t have tried to run a proof of concept in that short time frame,” noted Stewart. “It’s usually impossible. But with Cofense it was just easy.”\r\nAs simulations continued, department heads became invested in the program, even treating it as a competition. Our chief legal counsel, whose staff had scored particularly high, Hucko says, “sat everybody down, put them through extra training and really emphasized the importance of understanding the effects of a potential phishing attack on the company. Ever since that meeting, his group has had the lowest susceptibility in the company.”\r\nStewart credits the Cofense team with making the implementation straightforward. Whenever he’s had a question or request, the team has responded promptly and effectively. For instance, the team obliged his request to parse users by job title and location. Per Stewart, Cofense has provided solid guidance and support, “all the way from sales and demos to contract implementation to post implementation support. Time is of the essence in everything we implement so when something’s that easy, you start out of the gate with a very positive feeling about it.”\r\n<b>Conclusion.</b> Stewart initially had some misgivings about an anti-phishing campaign. “It feels a little bit devious, like you’re trying to trick your employees.” Then he realized while he was thinking about the situation “with a conscience,” attackers have no such moral quandaries. A company of 2,000 employees is a company with 2,000 potential vulnerabilities. Using a little deviousness to determine phishing susceptibility and which employees are the most likely to click suspicious emails is a small price to pay to prevent a phishing attack. Cofense, Stewart says, has helped turned those 2,000 vulnerabilities into 2,000 defenders.","alias":"cofense-phishme-dlja-banka","roi":0,"seo":{"title":"Cofense PhishMe for the bank","keywords":"","description":"<b>Background.</b> United Community Bank (UCB) is a $10.4 billion regional banking institution with 140-plus branches across Tennessee, Georgia, South Carolina and North Carolina. The company employs nearly 2,000 people who use email throughout the business da","og:title":"Cofense PhishMe for the bank","og:description":"<b>Background.</b> United Community Bank (UCB) is a $10.4 billion regional banking institution with 140-plus branches across Tennessee, Georgia, South Carolina and North Carolina. The company employs nearly 2,000 people who use email throughout the business da"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1109,"title":"Cofense PhishMe for university","description":"In 2012, a phishing email triggered one of the largest cyber-attacks ever, aimed at a large Middle Eastern oil and gas company. In the wake of the attack, organizations worldwide redoubled security investments. One such organization was a top university whose students, faculty, and administrators hail from around the world.\r\nThe school’s Head of Information Security made antiphishing a top priority. He partnered with Cofense to train his users to recognize and report suspicious emails.\r\n<span style=\"font-weight: bold;\">Challenges</span>\r\n<span style=\"font-style: italic;\">“My mandate was to do everything necessary to protect the university community,”</span> said the Head of Information Security. <span style=\"font-style: italic;\">“We invested in technological solutions, but with thirty years of IT experience, I know that you need to invest in people, not just processes and technology. You need to make them human firewalls.”</span>\r\n<span style=\"font-style: italic;\">“Look at it this way,”</span> he added. <span style=\"font-style: italic;\">“You can put five locks on your door, but if you leave the keys under the doormat, the locks don’t do much good. Fortifying the human firewall is my utmost priority. The human element is the most important part of your defense.”</span>\r\n<span style=\"font-weight: bold;\">Cofense PhishMe and Cofense Reporter</span>\r\nThe Head of Information Security adopted a “use it well or lose it” approach to email and Internet access. <span style=\"font-style: italic;\">“My position is that access to online services is a privilege, like having a driver’s license,”</span> he said.\r\n<span style=\"font-style: italic;\">“You go to the DMV to get your license and the police monitors and enforces good behavior. If your behavior is lacking, you get negative points, or possibly even lose your license for a time. I decided that the best way to encourage good user behavior was through a similar points-based system.”</span>\r\nHe started using Cofense PhishMeTM to send simulated phishing emails to university users. He also introduced the Cofense ReporterTM button, a one-click way for users to report suspicious emails to the incident response team.\r\nThose who show good behavior, who recognize and report phishing, gain positive points and are eligible for gifts. Those who exhibit poor behavior accrue negative points. Too many of these could result in temporary loss of Internet access. To avoid that, users can take advantage of phishing education training, then pass a quiz to regain good standing.\r\n<span style=\"font-style: italic;\">“When we launched our anti-phishing program, our susceptibility rate was hovering around 55 percent,”</span> said the Head of Information Security. <span style=\"font-style: italic;\">“Now it’s 11 percent. And the reporting rate has gone from a pretty low number to 50 percent. We’ve made very good progress. The Cofense solutions work beautifully.”</span>\r\nHe occasionally sends trickier simulations to keep users on their toes. <span style=\"font-style: italic;\">“One recent scenario netted a 20 percent susceptibility rate, but the reporting rate was still at 50 percent. That’s our #1 KPI: keeping reporting well above susceptibility.”</span>\r\nHe noted, <span style=\"font-style: italic;\">“You need to remember certain factors to get an apples-to-apples comparison. That’s why when we benchmark our test results, we use what we call a ‘difficulty criteria model,’ which factors in the complexity of our various scenarios.”</span>\r\n<span style=\"font-weight: bold;\">Looking Ahead</span>\r\nSince the university launched its anti-phishing program, phishing attacks worldwide have grown. Researchers at the Anti-Phishing Work Group report the volume of attacks rose in 2017, targeting more organizations than ever. Nation-states continue to use phishing to pursue their goals.\r\nTo keep its phishing defenses strong, the university is continuing its simulation training, as well as the points-based system for promoting phishing awareness. The school has also recently purchased Cofense TriageTM, a platform that automates email analysis for faster threat response.\r\n<span style=\"font-style: italic;\">“Our team protects students and anyone else using the university’s systems,”</span> he said. <span style=\"font-style: italic;\">“We have users whose technical savvy and online habits vary a lot. It’s important to get everyone involved in cybersecurity, especially phishing defense. We have a lot at stake.”</span>","alias":"cofense-phishme-for-university","roi":0,"seo":{"title":"Cofense PhishMe for university","keywords":"","description":"In 2012, a phishing email triggered one of the largest cyber-attacks ever, aimed at a large Middle Eastern oil and gas company. In the wake of the attack, organizations worldwide redoubled security investments. One such organization was a top university whose ","og:title":"Cofense PhishMe for university","og:description":"In 2012, a phishing email triggered one of the largest cyber-attacks ever, aimed at a large Middle Eastern oil and gas company. In the wake of the attack, organizations worldwide redoubled security investments. One such organization was a top university whose "},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":220,"title":"United States","name":"USA"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"-1","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1166,"title":"Cofense PhisMe for cyber security services organisation","description":"<b>Background.</b> As a cyber security specialist and managed security solutions provider (MSSP), eSecure helps businesses of all sizes protect against cyberattacks. The company, which has offices in Australia and the UK, partners with Cofense to deliver phishing defense solutions. According to eSecure CEO CIinton Smith, the company decided on Cofense because, “The Cofense approach is a very practical and real way of educating a broad audience about cybersecurity threats. It enables us to demonstrate that we’re invested in understanding and strengthening our customers’ security by offering the very best-of-breed technology.”\r\n<b>Solutions and Results.</b> Cofense PhishMeTM, which simulates attacks to educate users, has been “stellar” in raising phishing awareness. “To succeed, we have to help our customers change their culture,” said Smith. “While most organizations are aware of phishing, levels of awareness vary amongst their own people. The security teams are naturally clued in, but individual users often expect that their employers are going to protect their mailboxes.” Smith noted that customers are seeing more phishing attacks on cloud services. “As organizations move their business operations to the cloud, those cloud-based applications like O365 and SharePoint become a natural target for exploitation,” he said. “Cofense helps our customers identify and respond to these attacks, and to other types of attacks, much faster. That’s a great benefit, since some of the attacks you see in the news have been quite devastating.” <b>“Budget pressures point to an outsourced solution. The economies of scale simply make sense. Plus, small and medium-sized businesses realize it’s smart to distribute their cybersecurity, instead of relying on one staffer to manage everything. When that person goes on annual leave, the gap becomes too risky.”</b> He added that customers are increasingly comfortable with a hybrid approach. “Often, customers manage certain security functions themselves and outsource other functions, for example, phishing defense,” he said.\r\n<b>In Summary.</b> The reaction to Cofense solutions: “Customers love them,” said Smith. “Again, the Cofense approach to phishing defense is quite practical and achieves real results. Let’s put it this way: customers know it’s better to have a good guy doing a security test, if you will, than a bad guy. “Having had long heart-to-heart discussions with CEOs about security incidents, I think it’s usually not a case of a single event exposing their vulnerability. It’s normally a series of events that show a lack of understanding about the threat and relative investment required for effective phishing defense. Once they understand how large the problem is, they realize they can’t afford to build an adequate solution. “That’s where eSecure and Cofense come in. We make it possible for businesses of every size to see and stop phishing.”","alias":"cofense-phisme-dlja-organizacii-po-uslugam-kiberbezopasnosti","roi":0,"seo":{"title":"Cofense PhisMe for cyber security services organisation","keywords":"","description":"<b>Background.</b> As a cyber security specialist and managed security solutions provider (MSSP), eSecure helps businesses of all sizes protect against cyberattacks. The company, which has offices in Australia and the UK, partners with Cofense to deliver phish","og:title":"Cofense PhisMe for cyber security services organisation","og:description":"<b>Background.</b> As a cyber security specialist and managed security solutions provider (MSSP), eSecure helps businesses of all sizes protect against cyberattacks. The company, which has offices in Australia and the UK, partners with Cofense to deliver phish"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1150,"title":"Cofense PhisMe for defense and aerospace company","description":"<b>Background.</b> A large multinational company was the target of relentless phishing attacks intended to steal intellectual property. With growing alarm, the company kept throwing more people, technology and money at the problem to little effect, until it concluded the answer lay in raising user awareness. For most multinational companies, the issue of “phishing” is an everyday occurrence. For our case study, the company concerned was investing significantly in technology to help defend itself; however, company managers concluded that without engaging end-users as the first line of defense they were undermining this investment.\r\n<b>Challenges.</b> With 8,000 users dispersed through five continents and many other international locations, getting everyone on the same page to fight phishing seemed a huge challenge. In addition to the development of a global IT Security Awareness program, a method of assessing user susceptibility to phishing email was required.\r\n<b>Solutions.</b> As it happened, the company’s North America division was preparing to test an enterprise phishing defense solution, Cofense PhishMe®, so the global security awareness team watched for the results. Pleased with the outcome, the security team knew it had found its phishing defense solution. “We looked at the success in North America and decided to deploy Cofense PhishMe for the rest of the user population,” recalls the client’s security awareness leader. In the most recent test, the company’s susceptibility measured at just under 2%, a stunning drop from 21% before deploying Cofense PhishMe, including less than 1% for employees who took the simulation bait more than once.\r\n<b>Business Results</b>\r\n<b><i>Rehabilitating Chronic Offenders</i></b>\r\nThe approach is working. The company’s overall susceptibility score of 2% is remarkable considering the number of users. During the last year the average score dropped to 5% from 21%. “Our feeling is that if we are below 10%, we are doing well and certainly below average for susceptibility. Nevertheless, we recognize 2% of 8,000 is still a significant amount of people, so we can’t rest on our laurels too much.”\r\n<b><i>Choice of Bait</i></b>\r\nCofense PhishMe comes with prepackaged phishing scenarios, but customization is available. This client used a package delivery scenario in its first test because receiving a package is relatable to any user regardless of location or cultural customs. “So it’s quite a seductive piece of bait,” says the awareness leader. The company is mindful of cultural, religious and social considerations when choosing bait. The global security awareness team reviews the available scenarios then recommends which to use next. “I very much want my international leads to have the lead on “bait” selection. Rather than the corporate head office telling them what we are going to do, I ask them to suggest what we are going to do.”\r\n<b><i>Improved Reporting</i></b>\r\nGetting users to report suspicious emails is never easy, and this client’s experience was no different. “We had a process for them to follow. They had to follow a published process to ensure technical information within the email was preserved so that it could be examined by our experts. The manual nature of the process discouraged people. “It’s easier to just hit delete because they may figure we’re a big organization and someone else has reported it already, or, quite frankly, they just couldn’t be bothered,” says the team leader. Cofense Reporter changed all that by giving users a one- click process to report suspicious emails. “So it’s just as easy as clicking a delete button.” In response, users get a congratulatory message when they spot a phishing test email. If a reported email isn’t a phishing test, they receive a thank you for helping to keep the company safe. “One of the key benefits of this approach is when running a test, reported emails are not sent to the experts – reducing their workload.”\r\n<b>Conclusion.</b> The client couldn’t be more pleased with Cofense. The technology has delivered as promised, and when the company has needed help with troubleshooting or usability questions, Cofense’s tech support has proven responsive and helpful. “We’ve always found their response to be very good in terms of speed and quality.”","alias":"cofense-phisme-dlja-oboronno-aehrokosmicheskoi-kompanii","roi":0,"seo":{"title":"Cofense PhisMe for defense and aerospace company","keywords":"","description":"<b>Background.</b> A large multinational company was the target of relentless phishing attacks intended to steal intellectual property. With growing alarm, the company kept throwing more people, technology and money at the problem to little effect, until it co","og:title":"Cofense PhisMe for defense and aerospace company","og:description":"<b>Background.</b> A large multinational company was the target of relentless phishing attacks intended to steal intellectual property. With growing alarm, the company kept throwing more people, technology and money at the problem to little effect, until it co"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1174,"title":"Cofense PhisMe for financial services","description":"The financial industry is constantly targeted by phishing attacks, so our company uses Cofense PhishMe to educate employees. We send monthly simulations because, in our experience, more frequent training helps to raise overall awareness. If you get in the habit of recognizing phishing emails, though you might not see a serious security threat very often, you’ll feel comfortable reporting one if it lands in your inbox. In general, we think that folks who are most at risk should be targeted more often, for example a finance organization that corresponds with outside vendors, versus a group of analysts who never interact externally due to regulations. We’ve found that targeted training is a better predictor than general simulations. These phishing scenarios might be more difficult, but making them tough isn’t the point—the point is to send simulations based on real attacks we’ve seen. It’s important that users understand this isn’t a game of “Gotcha!” We’re trying to help people, not fool them.\r\n<p class=\"align-center\"><b>We’ve been able to show the connection between phishing simulations and real threats that users report.</b></p>\r\nOur Cofense support analyst has helped us create reports that show the overlap between simulations and verified threats. We want to know how someone performs on a simulation versus a real phish. The idea is to identify groups that get attacked a lot and the ones reporting the most real phish. We want to see how that interplay works. We’ve used the data to educate people who fall susceptible to certain attacks. We’ve found that most of those users aren’t susceptible in later simulations. They’re paying more attention and reporting at much higher rates. For example, we’ve been able to run targeted custom campaigns using domains and executive spoofing, based on real attacks we’ve seen in our environment.\r\n<p class=\"align-center\"><b>We’ve found that running targeted campaigns resulted in more than 25 percent higher reporting rates, compared to the average user over the next three months.</b></p>\r\nIt’s really exciting to track data and show how it relates to performance, plus how it can shape the next round of simulations. We let repeat clickers practice as much as they need. If an employee clicks on a simulation, rather than just relying on a pop-up page to teach them, we send another phish. If the user clicks again, that’s the learning moment. That person will ask, “What signs did I miss?” They’ll be more aware. To identify real threats, we use the managed version of Cofense Triage. Cofense analysts look at everything that’s reported, pull out any IOCs, and send them back to our SOC. It eliminates a layer of analysis and enables the SOC to scope the campaign immediately. Who else in the organization got the phishing email? Then the SOC can pull those emails from inboxes, so users can’t click on them, and block the sender’s IP address, at least temporarily.\r\n<p class=\"align-center\"><b>One recent phishing email said, “I’m in a meeting and can’t be contacted. Can you help me out?”’....Luckily, some recipients reported it.</b></p>\r\nThat email, a real phish, involved a typo squatted domain, which looked like our domain with one letter changed. The email purportedly came from a senior executive, using a signature block that looked very close to ours. A bunch of users throughout the organization received the phishing campaign and, while some started responding to it, others began reporting. We were able to stop the campaign before any real damaged was done. That was a huge win for us. It was a very sophisticated campaign, so it shows that our training is working. Of course, you’ll never get to zero clicks, so there’s always work to be done.","alias":"cofense-phisme-for-financial-services","roi":0,"seo":{"title":"Cofense PhisMe for financial services","keywords":"","description":"The financial industry is constantly targeted by phishing attacks, so our company uses Cofense PhishMe to educate employees. We send monthly simulations because, in our experience, more frequent training helps to raise overall awareness. If you get in the habi","og:title":"Cofense PhisMe for financial services","og:description":"The financial industry is constantly targeted by phishing attacks, so our company uses Cofense PhishMe to educate employees. We send monthly simulations because, in our experience, more frequent training helps to raise overall awareness. If you get in the habi"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1168,"title":"Cofense PhisMe for multinational imaging and optical manufacturer","description":"<b>Background.</b> Phishing attacks continue to spike year after year. Recognizing their employees were vulnerable to phishing attacks, a multinational manufacturer of imaging and optical products with more than 18,000 employees in the EMEA region concluded it was only a matter of time before a phishing attack would cause serious damage.\r\n<b>Security Challenges.</b> Phishing is successful because it baits users to open tainted emails that often bypass stringent technology layers to reach the user’s inbox. Employees can be too busy, distracted or trusting to give much thought to possible risks. “There’s always a way to penetrate the organization, or use an employee to get access because, for employees, security is not normally their area of expertise,” says the Information Security Manager at the global manufacturer. “If they see an email, they may not be able to recognize it as legitimate or malicious.” The company decided to strengthen its phishing defenses since most of its efforts to raise awareness about phishing through video and classroom presentations so far had proven unsatisfactory, the company turned to Cofense to help strengthen their anti-phishing programs. “The whole concept of phishing as a service just struck us as genius.”\r\n<b>Conclusion.</b> The client’s ability to catch phishing emails has vastly improved since implementing Cofense PhishMe and Cofense Reporter. According to the client, Cofense’s technical support has remained accessible and responsive throughout the adoption process. “They give results in a couple of hours and they’re very nice people – all of them.” The client notes that compared with other vendors getting support from Cofense is definitely easier. Based on that success, and the technology’s tangible results. The Information Security Manager says he’d have no qualms about recommending Cofense to his peers. When anyone asks him how to deal with phishing, his answer is simple: “Buy Cofense.”","alias":"cofense-phisme-dlja-mnogonacionalnogo-proizvoditelja-izobrazhenii-i-optiki","roi":0,"seo":{"title":"Cofense PhisMe for multinational imaging and optical manufacturer","keywords":"","description":"<b>Background.</b> Phishing attacks continue to spike year after year. Recognizing their employees were vulnerable to phishing attacks, a multinational manufacturer of imaging and optical products with more than 18,000 employees in the EMEA region concluded it","og:title":"Cofense PhisMe for multinational imaging and optical manufacturer","og:description":"<b>Background.</b> Phishing attacks continue to spike year after year. Recognizing their employees were vulnerable to phishing attacks, a multinational manufacturer of imaging and optical products with more than 18,000 employees in the EMEA region concluded it"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0}],"vendorImplementations":[{"id":1111,"title":"Cofense PhishMe for ADT Security Services","description":"<span style=\"font-weight: bold; \">Background</span>\r\nAs one of the biggest home protection brands in North America, ADT Security Services is synonymous with security. When it came to building their enterprise-wide phishing defense program, the company knew it needed to partner with a proven leader with the ability to scale to meet ADT’s evolving security needs.\r\nCofense quickly became the clear choice as ADT’s partner in phishing defense. Jerry Magginnis, an ADT security architect, was familiar with Cofense’s phishing simulation and behavior conditioning technology, having worked with the vendor at a previous job. There, he had seen Cofense PhishMe® significantly decrease phishing attacks. <span style=\"font-style: italic; \">“When I joined ADT, I shared my previous experience and success with Cofense with my new management team,”</span> he recalls.\r\n\r\n<span style=\"font-weight: bold; \">Challenges</span>\r\nAs a large organization with more than 20,000 employees across North America, Magginnis says ADT needed an industrial-strength solution to help prevent phishing attacks.\r\n<span style=\"font-weight: bold; \">Cofense PhishMe is an easy-to-use and effective SaaS solution that instructs users on the dangers of phishing by periodically testing them with simulated phishes and supplying immersive training content for users during the simulation.</span> When users receive a simulated phish, they must decide whether the email is legitimate or report it as a suspected phish. This teaches them to recognize the telltale signs of phishing emails, and soon they become adept at identifying and reporting phishes.\r\nHaving worked with Cofense before, Magginnis was familiar with the content quality and scalability that Cofense provides, so he didn’t hesitate to recommend it when the subject was raised. Still, ADT had to issue an RFP as per company policy. Tom Dennison, Chief Information Security Officer at ADT was involved in the early RFP stages, but soon identified that Cofense stood out from the competition. <span style=\"font-style: italic; \">“It simply came down to who is the most advanced in the industry and who is the most effective,”</span> notes Dennison. <span style=\"font-style: italic; \">“We felt that Cofense is the clear leader in this space.”</span>\r\n\r\n<span style=\"font-weight: bold; \">Solutions</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Smooth Rollout</span></span>\r\nHaving made the decision to implement Cofense PhishMe, ADT developed a phased rollout plan that included an initial implementation limited to the 20 members of the IT security department. A rollout to the 200-employee IT staff followed. The next phase covered about 1,000 employees at company headquarters, after which Cofense PhishMe was implemented company-wise. Currently 21,000 employees are using it, and another 4,000 from a recent acquisition soon will be added.\r\nThis methodical approach allowed the security team to evaluate users’ responses and make adjustments as needed. <span style=\"font-style: italic; \">“You want to make sure that you have a successful launch, and that you’ve worked out all the details,”</span> Magginnis says.\r\nThus, the user adoption for Cofense across the organization has been quite positive. If the launch went awry, it would irritate users, who would question the program’s value, he says. <span style=\"font-style: italic; \">“You really want people to embrace it and feel they’re getting value as opposed to being bothered by it. We involved all the tech teams, and the legal and HR staff as well. They all felt all involved. And since we did that early, they all felt like they were partners in the process.”</span>\r\nThat’s why the security team started small – and used itself as guinea pigs. <span style=\"font-style: italic; \">“Along the way, we kind of worked out any potential issues and decided what the future content of the program was going to be,”</span> Magginnis says.\r\nThe first simulation brought relief and confirmation because the solution worked <span style=\"font-style: italic; \">“exactly like you think it’s going to work”</span> and proved to be <span style=\"font-style: italic; \">“as easy as it looks,”</span> Magginnis adds. <span style=\"font-style: italic; \">“That’s a huge feeling of success.”</span>\r\n<span style=\"font-weight: bold; \">Crafting Successful Scenarios</span>\r\nThat first simulation targeted the security team and consisted of a fake email pretending to be an installation of Microsoft Office 365, which the company was in the midst of rolling out. It was a custom scenario created by the security team – one they knew would work well. ADT has since used a combination of custom and Cofense pre-set scenarios in subsequent simulations. With each one, Magginnis says, susceptibility to phishing has decreased.\r\nIn addition to Cofense PhishMe, ADT has rolled out Cofense Reporter®, which organizes and normalizes user reports of phishing attempts to strengthen threat-detection capabilities. Reporter works by placing a button on emails that users can click whenever they suspect a phish. The email is then routed to the security team, which checks if it is a simulation, a legitimate email or a phish.\r\nBefore deploying Cofense Reporter, users had to create attachments of suspicious emails that they then would send to the security team. <span style=\"font-style: italic; \">“That’s quite a bit to ask of most users – and not always done correctly.”</span> The button makes the whole process easier, and users get an immediate response after clicking it. When users correctly report a simulated or real phish, they receive a “job well done” acknowledgment.\r\n\r\n<span style=\"font-weight: bold; \">Business Results</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Quick ROI</span></span>\r\nThe anti-phishing program has been well received, Magginnis says. <span style=\"font-style: italic;\">“From our CEO on down, everyone recognizes the value of this because even the executives themselves have been subject to phishing attacks.”</span>\r\nDennison and other technology management have been so pleased with the initial anti-phishing program that approvals have been granted to expand the program. ADT is exploring adding Cofense Triage, which automates prioritization, analysis and response to phishing threats. <span style=\"font-style: italic;\">“Improving our incident response efforts is a major priority for us,”</span> notes Dennison. <span style=\"font-style: italic;\">“Cofense Triage provides opportunities to clearly automate and prioritize threats that could positively impact incident response times.”</span> The company also has augmented its anti-phishing efforts by asking users to take advantage of Cofense’s complimentary computer-based training modules explaining the dangers of phishing.\r\nAs for a return on investment, the Cofense solutions already have proven their worth by reducing staff time allocated to responding to phishing threats. According to Magginnis, those staff hours have been cut in half. <span style=\"font-style: italic;\">“This isn’t conjectured. We’ve made the calculations based on the lost productivity due to time spent by the mail, proxy and SOC groups on phishing attack responses.”</span>\r\n\r\n<span style=\"font-weight: bold;\">Conclusion</span>\r\nMagginnis enjoyed a positive experience working with Cofense staff and engineers taking the anti-phishing program from deployment to maturity. <span style=\"font-style: italic;\">“Since the initial rollout, the Cofense support team has proven always helpful and accessible, making sure we’re crossing all the Ts and dotting the Is. The results speak for themselves.”</span>\r\nMagginnis has high praise for the Cofense team. <span style=\"font-style: italic;\">“There seems to be a special culture at Cofense. You find people that genuinely care and put the word ‘partner’ back into the relationship. We’ve really partnered with Cofense because they’re willing to do whatever it takes to help us create an anti-phishing culture at ADT.”</span>\r\nThanks to the combination of technology and people, Magginnis would be glad to recommend Cofense to any of his peers.","alias":"cofense-phishme-for-adt-security-services","roi":0,"seo":{"title":"Cofense PhishMe for ADT Security Services","keywords":"","description":"<span style=\"font-weight: bold; \">Background</span>\r\nAs one of the biggest home protection brands in North America, ADT Security Services is synonymous with security. When it came to building their enterprise-wide phishing defense program, the company knew it ","og:title":"Cofense PhishMe for ADT Security Services","og:description":"<span style=\"font-weight: bold; \">Background</span>\r\nAs one of the biggest home protection brands in North America, ADT Security Services is synonymous with security. When it came to building their enterprise-wide phishing defense program, the company knew it "},"deal_info":"","user":{"id":8755,"title":"ADT by Telus (User)","logoURL":"https://old.roi4cio.com/uploads/roi/company/adt_logo.png","alias":"adt-by-telus-user","address":"","roles":[],"description":" At ADT by TELUS, helping to protect our customers has been our sole mission for over 125 years. We are the #1 home security company in Canada because more families trust ADT to help protect what matters most. Each day we make the commitment to bring peace of mind to our 650,000+ residential and business customers thanks to our 24/7 professional monitoring and 4 interconnected stations.\r\nADT by TELUS is built on the passion of over 1,400 moms, dads, sisters, brothers, aunts, uncles and friends, serving our customers from among our 15 corporate offices located across the country.\r\nSource: https://www.linkedin.com/company/adtbytelus/about/","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.adt.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"ADT by Telus (User)","keywords":"","description":" At ADT by TELUS, helping to protect our customers has been our sole mission for over 125 years. We are the #1 home security company in Canada because more families trust ADT to help protect what matters most. Each day we make the commitment to bring peace of ","og:title":"ADT by Telus (User)","og:description":" At ADT by TELUS, helping to protect our customers has been our sole mission for over 125 years. We are the #1 home security company in Canada because more families trust ADT to help protect what matters most. Each day we make the commitment to bring peace of ","og:image":"https://old.roi4cio.com/uploads/roi/company/adt_logo.png"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":36,"title":"Canada","name":"CAN"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"-1","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1113,"title":"Cofense PhishMe for AES Corporation","description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAES turned to Cofense to support their awareness testing of 19,000 employees and contractors across 17 countries in multiple languages. Using a combination of Cofense PhishMe® and Cofense Reporter®, AES has seen strong improvements in the recognition of suspicious emails, decreasing its workforce’s susceptibility while increasing the reporting of real phishing threats.\r\n<span style=\"font-weight: bold;\">Background</span>\r\nThe AES Corporation is a Fortune 200 multinational energy company that generates and distributes electricity across 17 countries and four continents using a broad portfolio of fuels and technologies, including market-leading battery-based energy storage. With revenues of $14 billion and $36 billion in assets, AES has a workforce of 19,000 employees and contractors.\r\n<span style=\"font-weight: bold;\">Challenges</span>\r\nWith locations, employees and cyber-defenses scattered throughout the world, AES needed effective and easily customized anti-phishing training support. This meant running phishing simulations to condition employees who speak many different languages — English, Spanish, Portuguese, Vietnamese and Bulgarian, to name a few—and who work in diverse environments with varying cybersecurity regulations.\r\n<span style=\"font-style: italic;\">“Cofense recently reported that 91% of cyberattacks start with a phishing email,”</span> says David Badanes, Director of Cybersecurity Strategy at AES. <span style=\"font-style: italic;\">“On the defensive side, we have to be right 100 percent of the time. Conditioning our people not to click malicious emails is critical to our primary value of safety.”</span>\r\n<span style=\"font-weight: bold;\">The Cofense PhishMe Difference</span>\r\nBefore deploying Cofense PhishMe in 2016, AES worked with a different anti-phishing solutions provider. <span style=\"font-style: italic;\">“The results were unremarkable,”</span> recalls Goodhart. <span style=\"font-style: italic;\">“But then we were introduced to Cofense, and the level of sophistication in their approach was apparent. It’s the difference between saying something and building a culture around something. Because of our partnership with Cofense, I now have employees who are much more skilled at identifying phishing emails.”</span>\r\n<span style=\"font-weight: bold;\">Multi-language Support</span>\r\nCurrently, 19,000 people in 17 countries are being trained to recognize and report phishing threats. With each simulation, AES personnel become more adept at spotting potential phishing indicators such as misspellings, unnecessary hyperlinks and attempts to play on people’s emotions.\r\n<span style=\"font-style: italic;\">“What’s especially impressive is that AES has gradually increased the complexity of simulated phishes, and the level of awareness among employees has continued to grow,”</span> notes Goodhart. <span style=\"font-style: italic;\">“It’s no easy feat, considering the simulations cover people in different age groups with varying degrees of technical savvy as well as different languages and cultures. This requires each simulation to employ a fair amount of customization.”</span>\r\n<span style=\"font-weight: bold;\">Cofense Reporter and Cofense Professional Services</span>\r\nAES also uses Cofense Reporter, a solution that allows for quick user reports of phishing attempts. With Cofense Reporter, AES personnel simply click an icon to send suspicious emails to their company’s security team for analysis. This generates streams of human-based phishing intelligence to aid in threat detection and speed incident response for security operations teams.\r\nTo develop custom reports and further enhance their phishing defense program, AES relies on Cofense Professional Services. For example, a Cofense consultant showed the AES team how to use different tactics in creating phishing simulations and to tailor phishes by region and language.\r\n<span style=\"font-weight: bold;\">An “Exemplary” Approach to Cybersecurity</span>\r\nAccording to Badanes, if the company had to decide on only one cybersecurity training component to keep, it would be Cofense simulations. He believes these simulations exemplifies AES’ primary value of safety and the company’s approach to cybersecurity.\r\n<span style=\"font-style: italic;\">“Cyber events could cause physical damage and — potentially — loss of life,”</span> he says. <span style=\"font-style: italic;\">“With electrical power, you must put safety first. Meaning both physical safety and cybersecurity. We train every person in our organization to think about ways to be cyber safe because cybersecurity is everybody’s job.”</span> Attackers, he notes, will keep trying to come up with ways to get into networks. <span style=\"font-style: italic;\">“Cofense helps ensure they don’t succeed.”</span>","alias":"cofense-phishme-for-aes-corporation","roi":0,"seo":{"title":"Cofense PhishMe for AES Corporation","keywords":"","description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAES turned to Cofense to support their awareness testing of 19,000 employees and contractors across 17 countries in multiple languages. Using a combination of Cofense PhishMe® and Cofense Reporter®, AES has seen","og:title":"Cofense PhishMe for AES Corporation","og:description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAES turned to Cofense to support their awareness testing of 19,000 employees and contractors across 17 countries in multiple languages. Using a combination of Cofense PhishMe® and Cofense Reporter®, AES has seen"},"deal_info":"","user":{"id":8758,"title":"The AES Corporation (User)","logoURL":"https://old.roi4cio.com/uploads/roi/company/AES_Corporation_Logo.png","alias":"korporacija-aes-user","address":"","roles":[],"description":" The AES Corporation (NYSE: AES) is a Fortune 500 global power company. We provide affordable, sustainable energy to 14 countries through our diverse portfolio of distribution businesses as well as thermal and renewable generation facilities. Our workforce is committed to operational excellence and meeting the world’s changing power needs. Our 2018 revenues were $11 billion and we own and manage $33 billion in total assets.\r\nWe are dedicated to improving the lives of our customers by leveraging our energy solutions that encompass a broad range of technologies and fuel types, including coal, diesel, gas, oil, pet coke and renewables. Our people share a passion to help meet the world’s current and increasing energy needs while providing communities and countries the opportunity for economic growth due to the availability of reliable, affordable electric power.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.aes.com/home/default.aspx","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"The AES Corporation (User)","keywords":"","description":" The AES Corporation (NYSE: AES) is a Fortune 500 global power company. We provide affordable, sustainable energy to 14 countries through our diverse portfolio of distribution businesses as well as thermal and renewable generation facilities. Our workforce is ","og:title":"The AES Corporation (User)","og:description":" The AES Corporation (NYSE: AES) is a Fortune 500 global power company. We provide affordable, sustainable energy to 14 countries through our diverse portfolio of distribution businesses as well as thermal and renewable generation facilities. Our workforce is ","og:image":"https://old.roi4cio.com/uploads/roi/company/AES_Corporation_Logo.png"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":220,"title":"United States","name":"USA"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1115,"title":"Cofense PhishMe for Australian aviation company","description":"A leading Australian aviation company wasn’t going to wait for disaster to strike before strengthening its phishing defense.\r\n<span style=\"font-style: italic;\">“We were lucky enough to have forward-thinking management,”</span> said the General Manager of Technology and Innovation. <span style=\"font-style: italic;\">“We hadn’t suffered losses from phishing, but our board of directors grasped the threat, so they instructed us to launch an anti-phishing program.”</span>\r\nHe added, <span style=\"font-style: italic;\">“Because we’re in aviation, we have a lot of visibility. If a phish led to a security incident, our name would be in the headlines. We need to protect not only our data but our reputation.”</span>\r\n<span style=\"font-weight: bold;\">Solutions and Results</span>\r\nThe company implemented Cofense PhishMe to help users spot phishing and Cofense Reporter to enable one-click reporting. With Cofense PhishMe, program administrators are able to simulate phishes and educate users on how to recognize them.\r\nWhen the company announced the program, it clearly explained the goals and methods. The announcement also educated users about phishing, including a sample simulation. This transparency paid off. From the first round of simulation training to the next, user susceptibility dropped by 10%. And users who clicked an embedded link dropped by 9%.\r\n<span style=\"font-style: italic;\">“The results to date are encouraging,”</span> said the General Manager. <span style=\"font-style: italic;\">“We know that our metrics are affected by the complexity of simulations, the emotional levers they pull, and the user groups we target. As we continue to move forward, we’ll be basing our simulations on attacks we’ve actually seen.”</span>\r\n<span style=\"font-weight: bold;\">Next Steps</span>\r\nHe plans to further customize simulations by team and location, using Cofense PhishMe’s adaptable templates. <span style=\"font-style: italic;\">“We understand that the people and organizations behind these attacks are smart,”</span> he said. <span style=\"font-style: italic;\">“They mimic trusted people and brands and refine their deployment methods to evade automated safeguards. You can never become complacent.”</span>\r\nNow that Cofense Reporter is deployed across all teams, the company is better able to promote and track email reporting. <span style=\"font-style: italic;\">“To measure success, we first look at the number of users not opening and/or reporting potential threats,”</span> said the General Manager.\r\n<span style=\"font-style: italic;\">“Next, and possibly more important, we examine the number who report after they may have inadvertently opened an email. Basically, we identify employees that may be vulnerable, give them the training they need, and report this up to the board of directors.”</span>\r\nUnderscoring the point he added, <span style=\"font-style: italic;\">“Initially, some people at our company thought the program was unnecessary. They believed our automated systems and firewalls gave us enough protection. This was dispelled when security professionals fell prey to Cofense simulations.”</span>\r\nEven better, <span style=\"font-style: italic;\">“Our security teams are stopping attacks reported by employees.”</span>","alias":"cofense-phishme-dlja-avstraliiskoi-aviacionnoi-kompanii","roi":0,"seo":{"title":"Cofense PhishMe for Australian aviation company","keywords":"","description":"A leading Australian aviation company wasn’t going to wait for disaster to strike before strengthening its phishing defense.\r\n<span style=\"font-style: italic;\">“We were lucky enough to have forward-thinking management,”</span> said the General Manager of Techn","og:title":"Cofense PhishMe for Australian aviation company","og:description":"A leading Australian aviation company wasn’t going to wait for disaster to strike before strengthening its phishing defense.\r\n<span style=\"font-style: italic;\">“We were lucky enough to have forward-thinking management,”</span> said the General Manager of Techn"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":14,"title":"Australia","name":"AUS"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"-1","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1152,"title":"Cofense PhishMe for energy grid","description":"<b>Background.</b> A diversified energy and utility company with more than $30 billion in assets and operations in 25 states. The company operates regulated utilities and electricity generation through two primary lines of business and includes eight electric and natural gas utilities, serving 3.1 million customers in New York and New England. The organization operates 6.3 gigawatts of electricity capacity, primarily through wind power, across the United States, as well as employs 7,000 people.\r\n<b>Challenges.</b> Energy providers face a cybersecurity double whammy: An attack could cut power to thousands of customers and cause millions of dollars in damage. And, since the company is subject to North American Electric Reliability Corporation Critical Infrastructure Protection (NERC/CIP) regulations, it risks incurring fines up to $1 million per violation per day.\r\n<b>Solutions.</b> An anti-phishing solution had to meet several criteria – ease of use, a good value, compatibility with other systems, and actionable data delivery. After evaluating a handful of solutions, the company decided to conduct a limited proof of concept of Cofense PhishMe. The results sold the energy company on Cofense PhishMe.\r\nA cloud-based SaaS immersive learning platform, Cofense PhishMe works easily with all major web browsers. It instructs users on the dangers of phishing through periodic simulations. Users have to decide if suspected phishes are legitimate or report them as suspicious. “Because we are a global company, we looked for a phishing platform that was extensible. Cofense PhishMe fit that bill because of its worldwide presence and multi-language capabilities,” the cyber security manager says.\r\n<b>Results.</b> The energy company launched its simulation program on a small scale by targeting company executives and their assistants. Over an eight month period, they expanded it to include HR, customer service, legal, corporate security and finance personnel. Each time, the phishing team shared results and susceptibility levels with management. It soon became clear departments that had already experienced phishing simulations had lower susceptibility rates. This proved that training and simulations work. Since leveraging Cofense, the energy company has seen employee susceptibility trends decline.\r\n<b>Conclusion.</b> The manager says in theory, the energy company could lose $3 billion in market valuation if it suffered a serious data breach. “If Cofense can help us prevent that, and if it can help us keep the lights on and the natural gas flowing for our customers, that’s a big deal.” The company has calculated the cost of each simulation at approximately 60 cents per employee. That’s a reasonable price, considering the improvements in susceptibility rates and the attacks the company may have already averted thanks to heightened phishing awareness, the manager says. <i>“Because we work for an energy services company, we have a duty to protect the grid. One of the ways we do that is by encouraging our employees to step up and accept that higher responsibility – to teach them to stop and think before they download an attachment, for instance. And we believe Cofense will continue to help us do that and prevent bad things from happening.”</i>","alias":"cofense-phishme-dlja-ehnergeticheskoi-kompanii","roi":0,"seo":{"title":"Cofense PhishMe for energy grid","keywords":"","description":"<b>Background.</b> A diversified energy and utility company with more than $30 billion in assets and operations in 25 states. The company operates regulated utilities and electricity generation through two primary lines of business and includes eight electric ","og:title":"Cofense PhishMe for energy grid","og:description":"<b>Background.</b> A diversified energy and utility company with more than $30 billion in assets and operations in 25 states. The company operates regulated utilities and electricity generation through two primary lines of business and includes eight electric "},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1154,"title":"Cofense PhishMe for Generali","description":"<b>Background.</b> With some 61 million customers, Generali is Italy’s largest insurance company and one of the world’s most recognizable financial services brands. As part of a comprehensive overhaul of its security programs, Generali decided to focus on phishing awareness. “The number of attacks targeting us was increasing,” said Francesco Nonni, Head of IT Operations & Security Risk at Generali. “We were seeing phishing attacks of all types and employees weren’t sure how to respond.”\r\n<b>Solutions and Results.</b> Generali chose to use Cofense PhishMe and Cofense Reporter to teach employees to recognize and report evolving phishing threats. Why Cofense? “You offer so many different templates for phishing simulations based on real threats,” Nonni said. “Also, the solutions are easy to implement.” “With Cofense PhishMe and Cofense Reporter, we can easily gather statistics on phishing resiliency and susceptibility,” he added. “By sharing results across the company, we created a shared understanding of our readiness and where to improve.”\r\nAre employees getting the message—are they reporting phish? “Absolutely yes,” he said, “both in simulations and in real life. Our simulation results are trending in the right direction—reporting is increasing and susceptibility is dropping. We use the Cofense benchmarks for our industry specifically and across verticals, so we can compare our level of awareness and exposure. We know where we stand and are able to put it in context.” Even better, “Employees are now helping security teams stop real phish,” he said. “Now it’s easy to report an email that might be part of a real attack. One click of Cofense Reporter is all it takes. When that happens, our security operations teams are able to respond faster.”\r\n<b>Implementation & Peer-to-Peer Advice.</b> Once Generali’s phishing defense program was up and running, Nonni launched their first simulation. While the solutions worked seamlessly, the results showed that the company had its work cut out. “A lot of people clicked,” he said, “and reporting levels were low. That wasn’t surprising, since it was our first campaign.” There was a silver lining, though. Armed with data, Nonni was able to further underscore the risks of phishing and generate more support from corporate leadership. He recently launched a simulation campaign in 11 countries across Europe and Asia. “The campaign is still ongoing, but the results are encouraging,” he said, “We’re learning that click rates often vary from country to country. We prepared content on a more global level and asked local offices to translate to their language and manage the rollout to their teams. Depending on the country and the culture, the local communications department might try different tactics to promote the awareness program and keep employees engaged.” As a global financial services leader, Generali continues to see high volumes of phishing emails—real attacks that trained employees are reporting more consistently. “We see a lot of spear phishing attacks targeted to our managers, along with crypto-lockers, credential phish, and business email compromise. We’ve started to model our simulations after attacks that we receive, for example, phishing emails with malicious attachments.”\r\n<b></b>","alias":"cofense-phishme-dlja-generali","roi":0,"seo":{"title":"Cofense PhishMe for Generali","keywords":"","description":"<b>Background.</b> With some 61 million customers, Generali is Italy’s largest insurance company and one of the world’s most recognizable financial services brands. As part of a comprehensive overhaul of its security programs, Generali decided to focus on phis","og:title":"Cofense PhishMe for Generali","og:description":"<b>Background.</b> With some 61 million customers, Generali is Italy’s largest insurance company and one of the world’s most recognizable financial services brands. As part of a comprehensive overhaul of its security programs, Generali decided to focus on phis"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":104,"title":"Italy","name":"ITA"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1176,"title":"Cofense PhishMe for global consumer","description":"A few years ago, a global consumer product goods company with 40K employees in over 100 markets had no formal anti- phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe to measure employee’s susceptibility to suspicious emails and Cofense Reporter to report them with one click. Later, the CPG firm deployed Cofense Triage to help incident responders recognize threats and remediate them faster.\r\nAccording to the company’s head of security awareness, 28 percent of employees, as well as third-party contractors, clicked on bad emails during initial Cofense simulations. “That was a wakeup call,” she said. “We knew we needed improvement, but thought we were in better shape than that.”\r\nImplemented simultaneously, Cofense PhishMe and Cofense Reporter proved a powerful combination. Cofense PhishMe tested employees’ susceptibility to phishing under simulated conditions. And Cofense Reporter “relieved employees of having to figure out whether and how to report a suspicious email,” said the head of security awareness. “If they had any doubts, they could report an email with a single click and get on with their day.” For that reason, the company installed Cofense Reporter on devices before deploying Cofense PhishMe.\r\n<p class=\"align-center\"><b>Companywide reporting climbed to 43 percent, with some key departments reporting at over 90 percent.</b></p>\r\nWhile metrics continue to improve, including phishing susceptibility rates under 10%, “Our leadership wants to know that we’re always getting better. Cofense lets us demonstrate that. We can’t just do the same basic simulations over and over. With Cofense PhishMe, it’s easy to customize more complex phishing scenarios. Over time, we’ve made the exercises more advanced, personalizing emails by name and company logo, to reflect what’s happening in the real world.” The company also needed a central storehouse where suspicious emails could be forwarded and automatically prioritized. With training and implementation help from Cofense professional services, the CPG leader now has a dedicated, purpose-built mailbox where employees can forward suspicious emails. Cofense Triage automates the process of distinguishing threats from noise.\r\n<p class=\"align-center\"><b>Before, incident responders spent hours sifting through emails. Now, 80 percent of reported emails are resolved automatically – just 20 percent require active attention.</b></p>\r\nThe solution’s clustering capability helps identify larger phishing campaigns, so the incident response team can address them swiftly. “Our incident responders are making much better use of their time now. They can recognize and respond to a real incident, instead of sifting through tons of emails before stumbling upon something important. Cofense Triage improves the quality of work our responders can do.” With low susceptibility rates and reporting rates steadily rising, the head of security awareness reports that “employees have become an important line of cyber defense.” And thanks to the automation and analytics of Cofense Triage, “we’re not drowning in information anymore and can act on threats right away.”","alias":"cofense-phishme-dlja-globalnoi-proizvodstvennoi-kampanii","roi":0,"seo":{"title":"Cofense PhishMe for global consumer","keywords":"","description":"A few years ago, a global consumer product goods company with 40K employees in over 100 markets had no formal anti- phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe to measure employee","og:title":"Cofense PhishMe for global consumer","og:description":"A few years ago, a global consumer product goods company with 40K employees in over 100 markets had no formal anti- phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe to measure employee"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1148,"title":"Cofense PhishMe for Global CPG Leader","description":"<b>Background and Challenges.</b> In 2015, this consumer product goods (CPG) leader had no formal anti-phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe® to measure employee’s susceptibility to suspicious emails and Cofense ReporterTM to report them with one click. Later, the CPG firm deployed Cofense TriageTM to help incident responders recognize threats and remediate them faster.\r\nAccording to the CPG company, 28 percent of employees, as well as third-party contractors, clicked on bad emails during initial Cofense simulations. “That was a wake- up call,” said the CPG company’s head of security awareness. “We knew we needed improvement, but thought we were in better shape than that.” Employees needed help in spotting potential phishes – especially critical departments more heavily targeted by attackers.\r\nMoreover, the company needed a central storehouse where suspicious emails could be forwarded and automatically prioritized. Incident responders had to spend hours sifting through 500 to 1000+ emails reported daily. Instead of focusing their efforts on dealing with real phishes – not to mention the myriad other security issues they faced – responders wasted time manually sorting through the clutter to distinguish threats from noise.\r\n<b>Solution and Results.</b> While metrics continue to improve, “Our leadership wants to know that we’re always getting better. Cofense lets us demonstrate that. We can’t just do the same basic simulations over and over. With Cofense PhishMe, it’s easy to customize more complex phishing scenarios. Over time, we’ve made the exercises more advanced, personalizing emails by name and company logo, to reflect what’s happening in the real world.”\r\n<ul> <li>Fewer than 1 in 10 employees now click on simulated phishes</li> <li>Up to 9 in 10 employees in some critical departments correctly report simulated phishes</li> <li>Just 20 percent of reported emails are personally triaged by incident responders – thanks to automation</li> </ul>\r\n<b>Conclusion.</b> With susceptibility rates in the single digits and reporting rates steadily rising, the head of cybersecurity reports that “employees have become an important line of cyber defense.” And thanks to the automation and analytics of Cofense Triage, “we’re not drowning in information anymore and can act on threats right away.”","alias":"cofense-phishme-dlja-globalnyi-lidera-cpg","roi":0,"seo":{"title":"Cofense PhishMe for Global CPG Leader","keywords":"","description":"<b>Background and Challenges.</b> In 2015, this consumer product goods (CPG) leader had no formal anti-phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe® to measure employee’s susceptib","og:title":"Cofense PhishMe for Global CPG Leader","og:description":"<b>Background and Challenges.</b> In 2015, this consumer product goods (CPG) leader had no formal anti-phishing program. Knowing the threat was growing and its security team needed help, the business began using Cofense PhishMe® to measure employee’s susceptib"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1107,"title":"Cofense PhishMe for Global Financial Services Company","description":"Our company started working with Cofense several years ago. We began to launch phishing simulations and also deployed the Reporter button. We saw our phishing susceptibility rate drop steadily and user reporting go up. Today, our reporting rate in simulations is around 60%.<br />Even better, team members are reporting real phishing emails that got past tools like secure email gateways (SEGs). With such good results, we went straightaway into using Cofense Triage and Intelligence as well.\r\nWe don’t want team members to spend a moment thinking, okay, this email I got — is it really a phish? Even if it’s an internal email, we tell them to report it and Triage will take care of it.\r\nCofense Reporter sends our SOC analysts a clean set of emails, properly formatted, with all the information they need. Then Triage handles noise reduction, so analysts spend time only on genuine phishing threats.<br />When they look at an email, they can easily see which other team members received it and, if necessary, pull it from their inboxes.\r\nWe also sometimes see clients whose emails have been compromised and used in phishing attacks. Our team members are familiar with the email addresses but they don’t click, because they know the language is odd or something else is off. In one instance, when we notified the client they were able to alert their entire customer base within a day.\r\nNormally, when we reach out to compromised clients they aren’t aware of the problem. This has happened often enough that our clients, along with our internal teams, see the benefit of what we’re doing.\r\nOur security team likes the Intelligence product because it’s based on emails that bypassed security rules. The team also says the intel correlates with what they see. Some intelligence products flag these same threats, but not as quickly. The team’s overall opinion is they love the product—it’s really useful.\r\nMy team in security awareness feels the same about Cofense PhishMe. We had used products from other vendors with not much success. We weren’t able to do monthly phishing simulations, so we had to settle for periodic simulations. As soon as we got on board with Cofense, we could easily run monthly exercises. That dropped our susceptibility rates pretty rapidly.\r\nWhy is it important to do monthly exercises? Well, not doing it every month wasn’t working. We used to have susceptibility rates around 25%. While our rates have dropped, we also realized we would never get to zero clicks, so reporting is the key metric.\r\nWorking with Cofense, we show value by helping to stop phishing attacks technology missed. It’s hard to get a dedicated budget for security awareness. But teams across the company understand what we’re doing. People talk about it, including the board of directors. They know that data protection is our number one risk.<br />Our program has received a lot of visibility and that’s been awesome. It’s really driven security awareness and made our company much more secure.\r\n\r\nBy: Information Security Analyst, Global Financial Services Company","alias":"cofense-phishme-dlja-global-financial-services-company","roi":0,"seo":{"title":"Cofense PhishMe for Global Financial Services Company","keywords":"","description":"Our company started working with Cofense several years ago. We began to launch phishing simulations and also deployed the Reporter button. We saw our phishing susceptibility rate drop steadily and user reporting go up. Today, our reporting rate in simulations ","og:title":"Cofense PhishMe for Global Financial Services Company","og:description":"Our company started working with Cofense several years ago. We began to launch phishing simulations and also deployed the Reporter button. We saw our phishing susceptibility rate drop steadily and user reporting go up. Today, our reporting rate in simulations "},"deal_info":"","user":{"id":8754,"title":"Global Financial Services, Inc.","logoURL":"https://old.roi4cio.com/uploads/roi/company/Global_Financial_Services__Inc._Logo.png","alias":"global-financial-services-inc","address":"","roles":[],"description":" Global Financial Services is composed of a group of highly experienced and seasoned, certified, financial professionals. With our knowledge and expertise, we can usually find a solution for all your financing needs. Unlike a bank, or local lending institution, which only lend to the most credit-worthy businesses, Global Financial Services, with its relationships with national lenders, can usually find you the financing you need.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.globaleasing.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Global Financial Services, Inc.","keywords":"","description":" Global Financial Services is composed of a group of highly experienced and seasoned, certified, financial professionals. With our knowledge and expertise, we can usually find a solution for all your financing needs. Unlike a bank, or local lending institution","og:title":"Global Financial Services, Inc.","og:description":" Global Financial Services is composed of a group of highly experienced and seasoned, certified, financial professionals. With our knowledge and expertise, we can usually find a solution for all your financing needs. Unlike a bank, or local lending institution","og:image":"https://old.roi4cio.com/uploads/roi/company/Global_Financial_Services__Inc._Logo.png"},"eventUrl":""},"supplier":{"id":8760,"title":"Hidden supplier","logoURL":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg","alias":"skrytyi-postavshchik","address":"","roles":[],"description":" Supplier Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":76,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden supplier","keywords":"","description":" Supplier Information is confidential ","og:title":"Hidden supplier","og:description":" Supplier Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"-1","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1180,"title":"Cofense PhishMe for global manufacturer","description":"I’ve managed our company’s security awareness program for three years now. We launched it after a handful of successful spear phishing attacks, realizing that we needed to do a better job of educating users. We wanted a solution to help them spot suspicious emails, one with strong metrics to help track progress. That’s why started using Cofense PhishMe and Reporter.\r\n<b>We now send monthly simulations to 60,000 users. Our reporting rate is often around 30 percent.</b>\r\nWe use PhishMe to run monthly simulations with our global users, all 60,000 of them. The first year of the program our click rate was up around 25 percent. Now we’re under 10 percent, so it’s definitely making a difference. In fact, we used to say that a click rate of 10 percent was good, but now we shoot for eight percent. I get a lot of positive feedback from people in different departments. They’re interested in the metrics: how is my team doing compared to other teams? For example, our legal department used to be dead last, but after working with me to educate their team their performance has really improved. The companywide results have been mostly good. In April of 2019 we did a Package Delivery scenario, which got a click rate of only 6 percent and reporting rate of 29.6. In July, we ran a Quarantine Email phish where 7.21 percent failed, with reporting just under 23 percent. I do a quarterly newsletter where I stress the importance of reporting suspected phish. We call it out prominently: ‘When in doubt, report!’ We want people to know that if they don’t report, the SOC won’t know about a possible phishing threat.\r\n<b>There are only so many ways to tell people what to look for in emails. The best way help them is through reiteration.</b>\r\nOur SOC tells us that user reporting definitely gives them better visibility to threats. The SOC now has Cofense Triage to sort through reported emails faster, filtering out the harmless ones—like my employee awareness newsletter!—from real phishing threats. They love it. They get thousands of email reports every single day, so Triage saves them a ton of time. The team no longer has to guess about the true nature of an email.\r\n<b>The SOC has blocked a lot of emails that users reported and Triage verified.</b>\r\nOur incident responders see all types of phishing emails, especially credential phish. Recently, there’s been a huge increase in sextortion emails, where the sender uses information from accounts that were compromised in breaches like the LinkedIn hack, to scare the recipient into making a payment. The SOC has also been seeing a rise in file-sharing malware as well, with emails containing links to box.com, SharePoint, We Transfer, and the like. Talking to the SOC is an important part of our awareness. I’m working on creating a process to get this information as a matter of course, so if something is a big concern we can work it into our simulations.","alias":"cofense-phishme-dlja-globalnogo-proizvoditelja","roi":0,"seo":{"title":"Cofense PhishMe for global manufacturer","keywords":"","description":"I’ve managed our company’s security awareness program for three years now. We launched it after a handful of successful spear phishing attacks, realizing that we needed to do a better job of educating users. We wanted a solution to help them spot suspicious em","og:title":"Cofense PhishMe for global manufacturer","og:description":"I’ve managed our company’s security awareness program for three years now. We launched it after a handful of successful spear phishing attacks, realizing that we needed to do a better job of educating users. We wanted a solution to help them spot suspicious em"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1158,"title":"Cofense PhishMe for Healthcare Data and Technology Company","description":"<b>Background.</b> This company’s VP of Information Security inherited a strong anti-phishing program. The organization had been a Cofense client for about a year. It used Cofense PhishMeTM and Cofense ReporterTM to condition users to recognize and report suspicious emails, then added Cofense TriageTM and Cofense IntelligenceTM to shore up incident response.\r\n<b>Challenges.</b> When the VP came onboard, his challenge was to take phishing defense to the next level. How could the organization make its anti-phishing more complete? How could his team refine their strategies to stay ahead of evolving threats? The answers came in a number of innovations they rolled out.\r\n<b>Solutions.</b> Using Cofense PhishMe to run phishing simulations, the company mixed in harder scenarios to keep employees alert. The toughest one was an email titled “Time-Off Requests,” which told recipients they had gone over their limit for personal time. It asked employees to click a link to take care of the matter. Thirty-seven percent of recipients took the bait. When employees received a similar email a year later, the susceptibility rate dropped to 22%—still high, but a noticeable improvement. “We have the kind of culture that likes to push the envelope,” said the VP. “We want to make sure our anti-phishing tactics are challenging and relevant. So, we keep our eyes peeled for new and emerging threats.” His team sent another irresistible email during the 2016 presidential election. With emotions running high as Hillary Clinton and Donald Trump battled, the email, purportedly from HR, reminded employees of the company’s policies on political activities at work, asking them to click a link to show they understood and agreed. “It was a good reminder not to be complacent,” the VP said. “A lot of people bit on that one.” Other top- performing scenarios: “Package Delivery” and tax-related emails in the run-up to April 15. A best practice the VP recommends is to keep HR and other departments in the loop. “You can’t send a phish supposedly from HR without working it out with them beforehand,” he said. “They need to prepare for more calls and emails when certain simulations go out. Once they’re in your corner, everything goes more smoothly.” To keep email reporting rates high, the VP launched a Phishing Bounty Program. It gives rewards to employees who use Cofense Reporter to report a verified malicious email. “We’re really proud of this program,” said the VP. “Employees participate enthusiastically and the rewards are way cheaper than a breach or ransomware incident. Plus, we notify managers to give credit to vigilant people.”\r\n<b>Results.</b> By steadily innovating, the VP of Information Security is expanding and refining his company’s phishing defense. To bolster phishing awareness, his team will keep adding harder-to-identify phishing scenarios. To maintain high reporting rates, the Phishing Bounty Program will keep humming along. And the team has recently complemented Cofense Triage with capabilities to automate the retraction of malicious emails. Attackers looking to make a quick buck—who think healthcare security is softer than in, say, financial services—will always target the company. It’s one reason why an aggressive phishing defense is a must. Another reason: in healthcare, ransomware can be a matter of life or death. “We supply data to healthcare practitioners on, for example, medication or other supplies,” said the VP. “If a ransomware attack succeeded, we’d be in a difficult spot. By enlisting the entire organization in awareness and response, we can reduce this risk—and a host of other vulnerabilities, too.”","alias":"cofense-phishme-dlja-medicinskoi-informacionnoi-i-tekhnologicheskoi-kompanii","roi":0,"seo":{"title":"Cofense PhishMe for Healthcare Data and Technology Company","keywords":"","description":"<b>Background.</b> This company’s VP of Information Security inherited a strong anti-phishing program. The organization had been a Cofense client for about a year. It used Cofense PhishMeTM and Cofense ReporterTM to condition users to recognize and report susp","og:title":"Cofense PhishMe for Healthcare Data and Technology Company","og:description":"<b>Background.</b> This company’s VP of Information Security inherited a strong anti-phishing program. The organization had been a Cofense client for about a year. It used Cofense PhishMeTM and Cofense ReporterTM to condition users to recognize and report susp"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1156,"title":"Cofense PhishMe for Large U.S. Health Plan Administrator","description":"<b>Background.</b> The company is the largest third-party administrator of employee health plans and benefits in its four-state region. In business for more than 20 years, the company employs about 130 people and administers plans for nearly 75,000 members.\r\n<b>Challenges.</b> As an employee benefits administrator, the company handles its members’ most sensitive data – personal health information (PHI) and employment benefits. Any phishing attack that compromises members’ private data could seriously hurt the business. “In our world, phishing and educating our users about phishing is the No. 1 priority. That means we need to get people more involved and give them more tools to help them understand and recognize a phishing email,” says the company’s manager of IT and infrastructure.\r\n<b>Solutions.</b> When the company ran its first simulation, more than one-third of its users failed the test, he recalls. Of 127 users tested, 46 clicked the simulated phish. “So, we knew we had a problem that needed to be addressed immediately.” The IT department followed up the simulation by disseminating instructional materials biweekly to users. “In the next six weeks, we went through the education process of shooting out education emails and having discussions internally with departments and departments heads,” he says. When the second simulation was conducted, the number of users who clicked the simulated phish dropped to 21, less than half the original number. Since then, the company has run simulations monthly, picking a different scenario each time. “With each scenario that we push out, we drop a couple more people off that list. However, I’m still seeing an issue with repeat offenders,” he says. To address the issue, the IT department has been sending extra educational materials to the repeat offenders and then testing them with a rerun of the simulations they fail. The process is working, he says. The overall number of users clicking simulated phishes is down to less than 10%, and he is working to shrink that to 1%. “We just continue to see the needle go the other direction, which is very good,” he says. Another positive result, he says, is an increase in users notifying the IT department of phishing emails. “We are feeling more confident in our users as a line of defense for keeping our company secure and safe.”\r\n<b>Results.</b> The company found that implementing Cofense PhishMe SBE was straightforward. The company had already loaded the solution for a trial, and the IT staff knew what to expect when it came time for the permanent installation. The biggest change was to organize the Cofense PhishMe SBE dashboard by department to help identify which groups of employees have the highest susceptibility rates and, as a result, require additional education.\r\n<b>Conclusion.</b> Company management has fully embraced the anti-phishing program. “The execs were on board from the beginning,” he says. He keeps them up to date on simulation results, sharing with them monthly reports that break down susceptibility rates by group. “I sit down with the executives and walk through what trends we’re starting to see, both negative and positive.” Preparing the reports is easy, requiring only a few clicks to compile the necessary information and then formatting it as a PDF. Based on his experience with Cofense PhishMe SBE thus far, the IT manager says he would gladly recommend it to peers. The educational and behavioral-conditioning components are especially valuable. “It’s so user friendly and makes life easier. Having the education piece that Cofense provides is fantastic, and that would be my biggest talking point if I were recommending Cofense to another company.”","alias":"cofense-phishme-dlja-krupnogo-amerikanskogo-administratora-medicinskogo-strakhovanija","roi":0,"seo":{"title":"Cofense PhishMe for Large U.S. Health Plan Administrator","keywords":"","description":"<b>Background.</b> The company is the largest third-party administrator of employee health plans and benefits in its four-state region. In business for more than 20 years, the company employs about 130 people and administers plans for nearly 75,000 members.\r\n<","og:title":"Cofense PhishMe for Large U.S. Health Plan Administrator","og:description":"<b>Background.</b> The company is the largest third-party administrator of employee health plans and benefits in its four-state region. In business for more than 20 years, the company employs about 130 people and administers plans for nearly 75,000 members.\r\n<"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1170,"title":"Cofense PhishMe for the bank","description":"<b>Background.</b> United Community Bank (UCB) is a $10.4 billion regional banking institution with 140-plus branches across Tennessee, Georgia, South Carolina and North Carolina. The company employs nearly 2,000 people who use email throughout the business day. Management wanted to ensure all employees use email safely and have the ability to recognize a phishing attempt when one crosses their inboxes. Phishing defenses are especially critical to banks since they are a favorite cybercrime target.\r\n<b>Challenges.</b> UCB chief executives have seen their fair share of phishing attempts in their inboxes, according to UCB Chief Information Security Officer Jim Stewart. But while an executive may have a stronger nose for sniffing out phishing emails, management worried the majority of employees may be less attuned to the threat.\r\n“We decided we needed to condition our employees against phishing,” Stewart says. Doing so wasn’t without challenges because “there’s a fine line between security and service.” If you lean too far in one direction and block everything that looks suspicious, it could be at the expense of responding to customers. Since world-class customer service is what distinguishes UCB from larger competitors, the company needed the right vendor to provide a scalable phishing solution while saving UCB time and effort.\r\n<b>Results.</b> The first simulation targeted the bank’s 14-member technology steering committee. Ramp-up time was limited because the committee was scheduled to meet two weeks after deployment, but thanks to the ease of installation, UCB completed the test successfully. “With a lot of other security solutions, we just wouldn’t have tried to run a proof of concept in that short time frame,” noted Stewart. “It’s usually impossible. But with Cofense it was just easy.”\r\nAs simulations continued, department heads became invested in the program, even treating it as a competition. Our chief legal counsel, whose staff had scored particularly high, Hucko says, “sat everybody down, put them through extra training and really emphasized the importance of understanding the effects of a potential phishing attack on the company. Ever since that meeting, his group has had the lowest susceptibility in the company.”\r\nStewart credits the Cofense team with making the implementation straightforward. Whenever he’s had a question or request, the team has responded promptly and effectively. For instance, the team obliged his request to parse users by job title and location. Per Stewart, Cofense has provided solid guidance and support, “all the way from sales and demos to contract implementation to post implementation support. Time is of the essence in everything we implement so when something’s that easy, you start out of the gate with a very positive feeling about it.”\r\n<b>Conclusion.</b> Stewart initially had some misgivings about an anti-phishing campaign. “It feels a little bit devious, like you’re trying to trick your employees.” Then he realized while he was thinking about the situation “with a conscience,” attackers have no such moral quandaries. A company of 2,000 employees is a company with 2,000 potential vulnerabilities. Using a little deviousness to determine phishing susceptibility and which employees are the most likely to click suspicious emails is a small price to pay to prevent a phishing attack. Cofense, Stewart says, has helped turned those 2,000 vulnerabilities into 2,000 defenders.","alias":"cofense-phishme-dlja-banka","roi":0,"seo":{"title":"Cofense PhishMe for the bank","keywords":"","description":"<b>Background.</b> United Community Bank (UCB) is a $10.4 billion regional banking institution with 140-plus branches across Tennessee, Georgia, South Carolina and North Carolina. The company employs nearly 2,000 people who use email throughout the business da","og:title":"Cofense PhishMe for the bank","og:description":"<b>Background.</b> United Community Bank (UCB) is a $10.4 billion regional banking institution with 140-plus branches across Tennessee, Georgia, South Carolina and North Carolina. The company employs nearly 2,000 people who use email throughout the business da"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1109,"title":"Cofense PhishMe for university","description":"In 2012, a phishing email triggered one of the largest cyber-attacks ever, aimed at a large Middle Eastern oil and gas company. In the wake of the attack, organizations worldwide redoubled security investments. One such organization was a top university whose students, faculty, and administrators hail from around the world.\r\nThe school’s Head of Information Security made antiphishing a top priority. He partnered with Cofense to train his users to recognize and report suspicious emails.\r\n<span style=\"font-weight: bold;\">Challenges</span>\r\n<span style=\"font-style: italic;\">“My mandate was to do everything necessary to protect the university community,”</span> said the Head of Information Security. <span style=\"font-style: italic;\">“We invested in technological solutions, but with thirty years of IT experience, I know that you need to invest in people, not just processes and technology. You need to make them human firewalls.”</span>\r\n<span style=\"font-style: italic;\">“Look at it this way,”</span> he added. <span style=\"font-style: italic;\">“You can put five locks on your door, but if you leave the keys under the doormat, the locks don’t do much good. Fortifying the human firewall is my utmost priority. The human element is the most important part of your defense.”</span>\r\n<span style=\"font-weight: bold;\">Cofense PhishMe and Cofense Reporter</span>\r\nThe Head of Information Security adopted a “use it well or lose it” approach to email and Internet access. <span style=\"font-style: italic;\">“My position is that access to online services is a privilege, like having a driver’s license,”</span> he said.\r\n<span style=\"font-style: italic;\">“You go to the DMV to get your license and the police monitors and enforces good behavior. If your behavior is lacking, you get negative points, or possibly even lose your license for a time. I decided that the best way to encourage good user behavior was through a similar points-based system.”</span>\r\nHe started using Cofense PhishMeTM to send simulated phishing emails to university users. He also introduced the Cofense ReporterTM button, a one-click way for users to report suspicious emails to the incident response team.\r\nThose who show good behavior, who recognize and report phishing, gain positive points and are eligible for gifts. Those who exhibit poor behavior accrue negative points. Too many of these could result in temporary loss of Internet access. To avoid that, users can take advantage of phishing education training, then pass a quiz to regain good standing.\r\n<span style=\"font-style: italic;\">“When we launched our anti-phishing program, our susceptibility rate was hovering around 55 percent,”</span> said the Head of Information Security. <span style=\"font-style: italic;\">“Now it’s 11 percent. And the reporting rate has gone from a pretty low number to 50 percent. We’ve made very good progress. The Cofense solutions work beautifully.”</span>\r\nHe occasionally sends trickier simulations to keep users on their toes. <span style=\"font-style: italic;\">“One recent scenario netted a 20 percent susceptibility rate, but the reporting rate was still at 50 percent. That’s our #1 KPI: keeping reporting well above susceptibility.”</span>\r\nHe noted, <span style=\"font-style: italic;\">“You need to remember certain factors to get an apples-to-apples comparison. That’s why when we benchmark our test results, we use what we call a ‘difficulty criteria model,’ which factors in the complexity of our various scenarios.”</span>\r\n<span style=\"font-weight: bold;\">Looking Ahead</span>\r\nSince the university launched its anti-phishing program, phishing attacks worldwide have grown. Researchers at the Anti-Phishing Work Group report the volume of attacks rose in 2017, targeting more organizations than ever. Nation-states continue to use phishing to pursue their goals.\r\nTo keep its phishing defenses strong, the university is continuing its simulation training, as well as the points-based system for promoting phishing awareness. The school has also recently purchased Cofense TriageTM, a platform that automates email analysis for faster threat response.\r\n<span style=\"font-style: italic;\">“Our team protects students and anyone else using the university’s systems,”</span> he said. <span style=\"font-style: italic;\">“We have users whose technical savvy and online habits vary a lot. It’s important to get everyone involved in cybersecurity, especially phishing defense. We have a lot at stake.”</span>","alias":"cofense-phishme-for-university","roi":0,"seo":{"title":"Cofense PhishMe for university","keywords":"","description":"In 2012, a phishing email triggered one of the largest cyber-attacks ever, aimed at a large Middle Eastern oil and gas company. In the wake of the attack, organizations worldwide redoubled security investments. One such organization was a top university whose ","og:title":"Cofense PhishMe for university","og:description":"In 2012, a phishing email triggered one of the largest cyber-attacks ever, aimed at a large Middle Eastern oil and gas company. In the wake of the attack, organizations worldwide redoubled security investments. One such organization was a top university whose "},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":220,"title":"United States","name":"USA"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":346,"title":"Shortage of inhouse IT resources"},{"id":382,"title":"High costs of IT personnel"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"-1","projectWasPut":"","price":0,"source":{"url":"","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1166,"title":"Cofense PhisMe for cyber security services organisation","description":"<b>Background.</b> As a cyber security specialist and managed security solutions provider (MSSP), eSecure helps businesses of all sizes protect against cyberattacks. The company, which has offices in Australia and the UK, partners with Cofense to deliver phishing defense solutions. According to eSecure CEO CIinton Smith, the company decided on Cofense because, “The Cofense approach is a very practical and real way of educating a broad audience about cybersecurity threats. It enables us to demonstrate that we’re invested in understanding and strengthening our customers’ security by offering the very best-of-breed technology.”\r\n<b>Solutions and Results.</b> Cofense PhishMeTM, which simulates attacks to educate users, has been “stellar” in raising phishing awareness. “To succeed, we have to help our customers change their culture,” said Smith. “While most organizations are aware of phishing, levels of awareness vary amongst their own people. The security teams are naturally clued in, but individual users often expect that their employers are going to protect their mailboxes.” Smith noted that customers are seeing more phishing attacks on cloud services. “As organizations move their business operations to the cloud, those cloud-based applications like O365 and SharePoint become a natural target for exploitation,” he said. “Cofense helps our customers identify and respond to these attacks, and to other types of attacks, much faster. That’s a great benefit, since some of the attacks you see in the news have been quite devastating.” <b>“Budget pressures point to an outsourced solution. The economies of scale simply make sense. Plus, small and medium-sized businesses realize it’s smart to distribute their cybersecurity, instead of relying on one staffer to manage everything. When that person goes on annual leave, the gap becomes too risky.”</b> He added that customers are increasingly comfortable with a hybrid approach. “Often, customers manage certain security functions themselves and outsource other functions, for example, phishing defense,” he said.\r\n<b>In Summary.</b> The reaction to Cofense solutions: “Customers love them,” said Smith. “Again, the Cofense approach to phishing defense is quite practical and achieves real results. Let’s put it this way: customers know it’s better to have a good guy doing a security test, if you will, than a bad guy. “Having had long heart-to-heart discussions with CEOs about security incidents, I think it’s usually not a case of a single event exposing their vulnerability. It’s normally a series of events that show a lack of understanding about the threat and relative investment required for effective phishing defense. Once they understand how large the problem is, they realize they can’t afford to build an adequate solution. “That’s where eSecure and Cofense come in. We make it possible for businesses of every size to see and stop phishing.”","alias":"cofense-phisme-dlja-organizacii-po-uslugam-kiberbezopasnosti","roi":0,"seo":{"title":"Cofense PhisMe for cyber security services organisation","keywords":"","description":"<b>Background.</b> As a cyber security specialist and managed security solutions provider (MSSP), eSecure helps businesses of all sizes protect against cyberattacks. The company, which has offices in Australia and the UK, partners with Cofense to deliver phish","og:title":"Cofense PhisMe for cyber security services organisation","og:description":"<b>Background.</b> As a cyber security specialist and managed security solutions provider (MSSP), eSecure helps businesses of all sizes protect against cyberattacks. The company, which has offices in Australia and the UK, partners with Cofense to deliver phish"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1150,"title":"Cofense PhisMe for defense and aerospace company","description":"<b>Background.</b> A large multinational company was the target of relentless phishing attacks intended to steal intellectual property. With growing alarm, the company kept throwing more people, technology and money at the problem to little effect, until it concluded the answer lay in raising user awareness. For most multinational companies, the issue of “phishing” is an everyday occurrence. For our case study, the company concerned was investing significantly in technology to help defend itself; however, company managers concluded that without engaging end-users as the first line of defense they were undermining this investment.\r\n<b>Challenges.</b> With 8,000 users dispersed through five continents and many other international locations, getting everyone on the same page to fight phishing seemed a huge challenge. In addition to the development of a global IT Security Awareness program, a method of assessing user susceptibility to phishing email was required.\r\n<b>Solutions.</b> As it happened, the company’s North America division was preparing to test an enterprise phishing defense solution, Cofense PhishMe®, so the global security awareness team watched for the results. Pleased with the outcome, the security team knew it had found its phishing defense solution. “We looked at the success in North America and decided to deploy Cofense PhishMe for the rest of the user population,” recalls the client’s security awareness leader. In the most recent test, the company’s susceptibility measured at just under 2%, a stunning drop from 21% before deploying Cofense PhishMe, including less than 1% for employees who took the simulation bait more than once.\r\n<b>Business Results</b>\r\n<b><i>Rehabilitating Chronic Offenders</i></b>\r\nThe approach is working. The company’s overall susceptibility score of 2% is remarkable considering the number of users. During the last year the average score dropped to 5% from 21%. “Our feeling is that if we are below 10%, we are doing well and certainly below average for susceptibility. Nevertheless, we recognize 2% of 8,000 is still a significant amount of people, so we can’t rest on our laurels too much.”\r\n<b><i>Choice of Bait</i></b>\r\nCofense PhishMe comes with prepackaged phishing scenarios, but customization is available. This client used a package delivery scenario in its first test because receiving a package is relatable to any user regardless of location or cultural customs. “So it’s quite a seductive piece of bait,” says the awareness leader. The company is mindful of cultural, religious and social considerations when choosing bait. The global security awareness team reviews the available scenarios then recommends which to use next. “I very much want my international leads to have the lead on “bait” selection. Rather than the corporate head office telling them what we are going to do, I ask them to suggest what we are going to do.”\r\n<b><i>Improved Reporting</i></b>\r\nGetting users to report suspicious emails is never easy, and this client’s experience was no different. “We had a process for them to follow. They had to follow a published process to ensure technical information within the email was preserved so that it could be examined by our experts. The manual nature of the process discouraged people. “It’s easier to just hit delete because they may figure we’re a big organization and someone else has reported it already, or, quite frankly, they just couldn’t be bothered,” says the team leader. Cofense Reporter changed all that by giving users a one- click process to report suspicious emails. “So it’s just as easy as clicking a delete button.” In response, users get a congratulatory message when they spot a phishing test email. If a reported email isn’t a phishing test, they receive a thank you for helping to keep the company safe. “One of the key benefits of this approach is when running a test, reported emails are not sent to the experts – reducing their workload.”\r\n<b>Conclusion.</b> The client couldn’t be more pleased with Cofense. The technology has delivered as promised, and when the company has needed help with troubleshooting or usability questions, Cofense’s tech support has proven responsive and helpful. “We’ve always found their response to be very good in terms of speed and quality.”","alias":"cofense-phisme-dlja-oboronno-aehrokosmicheskoi-kompanii","roi":0,"seo":{"title":"Cofense PhisMe for defense and aerospace company","keywords":"","description":"<b>Background.</b> A large multinational company was the target of relentless phishing attacks intended to steal intellectual property. With growing alarm, the company kept throwing more people, technology and money at the problem to little effect, until it co","og:title":"Cofense PhisMe for defense and aerospace company","og:description":"<b>Background.</b> A large multinational company was the target of relentless phishing attacks intended to steal intellectual property. With growing alarm, the company kept throwing more people, technology and money at the problem to little effect, until it co"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1174,"title":"Cofense PhisMe for financial services","description":"The financial industry is constantly targeted by phishing attacks, so our company uses Cofense PhishMe to educate employees. We send monthly simulations because, in our experience, more frequent training helps to raise overall awareness. If you get in the habit of recognizing phishing emails, though you might not see a serious security threat very often, you’ll feel comfortable reporting one if it lands in your inbox. In general, we think that folks who are most at risk should be targeted more often, for example a finance organization that corresponds with outside vendors, versus a group of analysts who never interact externally due to regulations. We’ve found that targeted training is a better predictor than general simulations. These phishing scenarios might be more difficult, but making them tough isn’t the point—the point is to send simulations based on real attacks we’ve seen. It’s important that users understand this isn’t a game of “Gotcha!” We’re trying to help people, not fool them.\r\n<p class=\"align-center\"><b>We’ve been able to show the connection between phishing simulations and real threats that users report.</b></p>\r\nOur Cofense support analyst has helped us create reports that show the overlap between simulations and verified threats. We want to know how someone performs on a simulation versus a real phish. The idea is to identify groups that get attacked a lot and the ones reporting the most real phish. We want to see how that interplay works. We’ve used the data to educate people who fall susceptible to certain attacks. We’ve found that most of those users aren’t susceptible in later simulations. They’re paying more attention and reporting at much higher rates. For example, we’ve been able to run targeted custom campaigns using domains and executive spoofing, based on real attacks we’ve seen in our environment.\r\n<p class=\"align-center\"><b>We’ve found that running targeted campaigns resulted in more than 25 percent higher reporting rates, compared to the average user over the next three months.</b></p>\r\nIt’s really exciting to track data and show how it relates to performance, plus how it can shape the next round of simulations. We let repeat clickers practice as much as they need. If an employee clicks on a simulation, rather than just relying on a pop-up page to teach them, we send another phish. If the user clicks again, that’s the learning moment. That person will ask, “What signs did I miss?” They’ll be more aware. To identify real threats, we use the managed version of Cofense Triage. Cofense analysts look at everything that’s reported, pull out any IOCs, and send them back to our SOC. It eliminates a layer of analysis and enables the SOC to scope the campaign immediately. Who else in the organization got the phishing email? Then the SOC can pull those emails from inboxes, so users can’t click on them, and block the sender’s IP address, at least temporarily.\r\n<p class=\"align-center\"><b>One recent phishing email said, “I’m in a meeting and can’t be contacted. Can you help me out?”’....Luckily, some recipients reported it.</b></p>\r\nThat email, a real phish, involved a typo squatted domain, which looked like our domain with one letter changed. The email purportedly came from a senior executive, using a signature block that looked very close to ours. A bunch of users throughout the organization received the phishing campaign and, while some started responding to it, others began reporting. We were able to stop the campaign before any real damaged was done. That was a huge win for us. It was a very sophisticated campaign, so it shows that our training is working. Of course, you’ll never get to zero clicks, so there’s always work to be done.","alias":"cofense-phisme-for-financial-services","roi":0,"seo":{"title":"Cofense PhisMe for financial services","keywords":"","description":"The financial industry is constantly targeted by phishing attacks, so our company uses Cofense PhishMe to educate employees. We send monthly simulations because, in our experience, more frequent training helps to raise overall awareness. If you get in the habi","og:title":"Cofense PhisMe for financial services","og:description":"The financial industry is constantly targeted by phishing attacks, so our company uses Cofense PhishMe to educate employees. We send monthly simulations because, in our experience, more frequent training helps to raise overall awareness. If you get in the habi"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":1168,"title":"Cofense PhisMe for multinational imaging and optical manufacturer","description":"<b>Background.</b> Phishing attacks continue to spike year after year. Recognizing their employees were vulnerable to phishing attacks, a multinational manufacturer of imaging and optical products with more than 18,000 employees in the EMEA region concluded it was only a matter of time before a phishing attack would cause serious damage.\r\n<b>Security Challenges.</b> Phishing is successful because it baits users to open tainted emails that often bypass stringent technology layers to reach the user’s inbox. Employees can be too busy, distracted or trusting to give much thought to possible risks. “There’s always a way to penetrate the organization, or use an employee to get access because, for employees, security is not normally their area of expertise,” says the Information Security Manager at the global manufacturer. “If they see an email, they may not be able to recognize it as legitimate or malicious.” The company decided to strengthen its phishing defenses since most of its efforts to raise awareness about phishing through video and classroom presentations so far had proven unsatisfactory, the company turned to Cofense to help strengthen their anti-phishing programs. “The whole concept of phishing as a service just struck us as genius.”\r\n<b>Conclusion.</b> The client’s ability to catch phishing emails has vastly improved since implementing Cofense PhishMe and Cofense Reporter. According to the client, Cofense’s technical support has remained accessible and responsive throughout the adoption process. “They give results in a couple of hours and they’re very nice people – all of them.” The client notes that compared with other vendors getting support from Cofense is definitely easier. Based on that success, and the technology’s tangible results. The Information Security Manager says he’d have no qualms about recommending Cofense to his peers. When anyone asks him how to deal with phishing, his answer is simple: “Buy Cofense.”","alias":"cofense-phisme-dlja-mnogonacionalnogo-proizvoditelja-izobrazhenii-i-optiki","roi":0,"seo":{"title":"Cofense PhisMe for multinational imaging and optical manufacturer","keywords":"","description":"<b>Background.</b> Phishing attacks continue to spike year after year. Recognizing their employees were vulnerable to phishing attacks, a multinational manufacturer of imaging and optical products with more than 18,000 employees in the EMEA region concluded it","og:title":"Cofense PhisMe for multinational imaging and optical manufacturer","og:description":"<b>Background.</b> Phishing attacks continue to spike year after year. Recognizing their employees were vulnerable to phishing attacks, a multinational manufacturer of imaging and optical products with more than 18,000 employees in the EMEA region concluded it"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""},"vendors":[{"id":5373,"title":"Cofense","logoURL":"https://old.roi4cio.com/uploads/roi/company/Cofense.png","alias":"cofense","address":"","roles":[],"description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense suite combines best-in class incident response technologies with timely attack intelligence sourced from employees to stop attacks in progress faster and stay ahead of breaches. \r\nFrom driving awareness to security automation and orchestration, Cofense solutions are designed to anticipate and disrupt the attack kill chain at delivery to quickly mitigate the impacts from spear phishing, ransomware, malware, and business email compromise. \r\nToday this is all made real for thousands of global organizations in the defense, energy, financial services, healthcare, and manufacturing sectors that understand how changing user behavior will improve security, aid incident response, and reduce the risk of compromise.\r\nSource:https://www.linkedin.com/company/cofense/about/","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.cofense.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":""}],"products":[{"id":5904,"logo":false,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"alias":"cofense-phishme","companyTypes":[],"description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":346,"title":"Shortage of inhouse IT resources"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0}],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":16,"vendorImplementationsCount":17,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{"52":{"id":52,"title":"SaaS - software as a service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png","alias":"saas-software-as-a-service"},"204":{"id":204,"title":"Managed Detection and Response","description":" MDR, which stands for Managed Detection & Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png","alias":"managed-detection-and-response"},"465":{"id":465,"title":"UEBA - User and Entity Behavior Analytics","description":"Developments in UBA technology led Gartner to evolve the category to user and entity behavior analytics (UEBA). In September 2015, Gartner published the Market Guide for User and Entity Analytics by Vice President and Distinguished Analyst, Avivah Litan, that provided a thorough definition and explanation. UEBA was referred to in earlier Gartner reports but not in much depth. Expanding the definition from UBA includes devices, applications, servers, data, or anything with an IP address. It moves beyond the fraud-oriented UBA focus to a broader one encompassing "malicious and abusive behavior that otherwise went unnoticed by existing security monitoring systems, such as SIEM and DLP." The addition of "entity" reflects that devices may play a role in a network attack and may also be valuable in uncovering attack activity. "When end users have been compromised, malware can lay dormant and go undetected for months. Rather than trying to find where the outsider entered, UEBAs allow for quicker detection by using algorithms to detect insider threats."\r\nParticularly in the computer security market, there are many vendors for UEBA applications. They can be "differentiated by whether they are designed to monitor on-premises or cloud-based software as a service (SaaS) applications; the methods in which they obtain the source data; the type of analytics they use (i.e., packaged analytics, user-driven or vendor-written), and the service delivery method (i.e., on-premises or a cloud-based)." According to the 2015 market guide released by Gartner, "the UEBA market grew substantially in 2015; UEBA vendors grew their customer base, market consolidation began, and Gartner client interest in UEBA and security analytics increased." The report further projected, "Over the next three years, leading UEBA platforms will become preferred systems for security operations and investigations at some of the organizations they serve. It will be—and in some cases already is—much easier to discover some security events and analyze individual offenders in UEBA than it is in many legacy security monitoring systems."","materialsDescription":"<span style=\"font-weight: bold;\">What is UEBA?</span>\r\nHackers can break into firewalls, send you e-mails with malicious and infected attachments, or even bribe an employee to gain access into your firewalls. Old tools and systems are quickly becoming obsolete, and there are several ways to get past them.\r\nUser and entity behavior analytics (UEBA) give you more comprehensive way of making sure that your organization has top-notch IT security, while also helping you detect users and entities that might compromise your entire system.\r\nUEBA is a type of cybersecurity process that takes note of the normal conduct of users. In turn, they detect any anomalous behavior or instances when there are deviations from these “normal” patterns. For example, if a particular user regularly downloads 10 MB of files every day but suddenly downloads gigabytes of files, the system would be able to detect this anomaly and alert them immediately.\r\nUEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns, showing which of these anomalies could result in, potentially, a real threat. UEBA can also aggregate the data you have in your reports and logs, as well as analyze the file, flow, and packet information.\r\nIn UEBA, you do not track security events or monitor devices; instead, you track all the users and entities in your system. As such, UEBA focuses on insider threats, such as employees who have gone rogue, employees who have already been compromised, and people who already have access to your system and then carry out targeted attacks and fraud attempts, as well as servers, applications, and devices that are working within your system.\r\n<span style=\"font-weight: bold;\">What are the benefits of UEBA?</span>\r\nIt is the unfortunate truth that today's cybersecurity tools are fast becoming obsolete, and more skilled hackers and cyber attackers are now able to bypass the perimeter defenses that are used by most companies. In the old days, you were secure if you had web gateways, firewalls, and intrusion prevention tools in place. This is no longer the case in today’s complex threat landscape, and it’s especially true for bigger corporations that are proven to have very porous IT perimeters that are also very difficult to manage and oversee.\r\nThe bottom line? Preventive measures are no longer enough. Your firewalls are not going to be 100% foolproof, and hackers and attackers will get into your system at one point or another. This is why detection is equally important: when hackers do successfully get into your system, you should be able to detect their presence quickly in order to minimize the damage.\r\n<span style=\"font-weight: bold;\">How Does UEBA Work?</span>\r\nThe premise of UEBA is actually very simple. You can easily steal an employee’s user name and password, but it is much harder to mimic the person’s normal behavior once inside the network.\r\nFor example, let’s say you steal Jane Doe’s password and user name. You would still not be able to act precisely like Jane Doe once in the system unless given extensive research and preparation. Therefore, when Jane Doe’s user name is logged in to the system, and her behavior is different than that of typical Jane Doe, that is when UEBA alerts start to sound.\r\nAnother relatable analogy would be if your credit card was stolen. A thief can pickpocket your wallet and go to a high-end shop and start spending thousands of dollars using your credit card. If your spending pattern on that card is different from the thief’s, the company’s fraud detection department will often recognize the abnormal spending and block suspicious purchases, issuing an alert to you or asking you to verify the authenticity of a transaction.\r\nAs such, UEBA is a very important component of IT security, allowing you to:\r\n1. Detect insider threats. It is not too far-fetched to imagine that an employee, or perhaps a group of employees, could go rogue, stealing data and information by using their own access. UEBA can help you detect data breaches, sabotage, privilege abuse and policy violations made by your own staff.\r\n2. Detect compromised accounts. Sometimes, user accounts are compromised. It could be that the user unwittingly installed malware on his or her machine, or sometimes a legitimate account is spoofed. UEBA can help you weed out spoofed and compromised users before they can do real harm.\r\n3. Detect brute-force attacks. Hackers sometimes target your cloud-based entities as well as third-party authentication systems. With UEBA, you are able to detect brute-force attempts, allowing you to block access to these entities.\r\n4. Detect changes in permissions and the creation of super users. Some attacks involve the use of super users. UEBA allows you to detect when super users are created, or if there are accounts that were granted unnecessary permissions.\r\n5. Detect breach of protected data. If you have protected data, it is not enough to just keep it secure. You should know when a user accesses this data when he or she does not have any legitimate business reason to access it.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_User_and_Entity_Behavior_Analytics.png","alias":"ueba-user-and-entity-behavior-analytics"},"483":{"id":483,"title":"Messaging Security","description":"<span style=\"font-weight: bold; \">Messaging security</span> is a subcategory of <span style=\"font-style: italic; \">unified threat management (UTM) </span>focused on securing and protecting an organization’s communication infrastructure. Communication channels can include email software, messaging apps, and social network IM platforms. This extra layer of security can help secure devices and block a wider range of viruses or malware attacks.\r\nMessaging security helps to ensure the confidentiality and authenticity of an organization’s communication methods. Confidentiality refers to making sure only the intended recipients are able to read the messages and authenticity refers to making sure the identity of each sender or recipient is verified.\r\nOftentimes, attackers aim to gain access to an entire network or system by infiltrating the messaging infrastructure. Implementing proper data and message security can minimize the chance of data leaks and identity theft.\r\n<span style=\"color: rgb(97, 97, 97); \">Encrypted messaging (also known as secure messaging) provides end-to-end encryption for user-to-user text messaging. Encrypted messaging prevents anyone from monitoring text conversations. Many encrypted messenger apps also offer end-to-end encryption for phone calls made using the apps, as well as for files that are sent using the apps.</span>\r\nTwo modern methods of encryption are the <span style=\"font-style: italic; \">Public Key (Asymmetric)</span> and the <span style=\"font-style: italic; \">Private Key (Symmetric</span>) methods. While these two methods of encryption are similar in that they both allow users to encrypt data to hide it from the prying eyes of outsiders and then decrypt it for viewing by an authorized party, they differ in how they perform the steps involved in the process.\r\n<span style=\"font-weight: bold; \">Email</span> security message can rely on public-key cryptography, in which users can each publish a public key that others can use to encrypt messages to them, while keeping secret a private key they can use to decrypt such messages or to digitally encrypt and sign messages they send. \r\n<span style=\"font-weight: bold;\">Encrypted messaging systems </span>must be encrypted end-to-end, so that even the service provider and its staff are unable to decipher what’s in your communications. Ideal solutions is “server-less” encrypted chat where companies won’t store user information anywhere.\r\nIn a more general sense, users of unsecured public Wi-Fi should also consider using a <span style=\"font-weight: bold;\">Virtual Private Network </span>(VPN) application, to conceal their identity and location from Internet Service Providers (ISPs), higher level surveillance, and the attentions of hackers.","materialsDescription":"<h1 class=\"align-center\"> What is messaging security?</h1>\r\nMessaging Security is a program that provides protection for companies' messaging infrastructure. The programs include IP reputation-based anti-spam, pattern-based anti-spam, administrator-defined block/allow lists, mail antivirus, zero-hour malware detection, and email intrusion prevention.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Six Dimensions of Comprehensive Messaging Security</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">IP-Reputation Anti-spam.</span> It checks each email connection request with a database of IP addresses to establish whether a sender is a legitimate or known spam sender and malware. If a sender is recognized it undesirable the messaging Security program drops the connection before the message is accepted.</li><li><span style=\"font-weight: bold; \">Pattern-based anti-spam</span> utilizes a proprietary algorithm to establish a fingerprint-like signature of email messages. When a message comes in, its pattern is calculated and checked against a database to determine if the message matches a known email pattern. </li><li><span style=\"font-weight: bold; \">Block/Allow List Anti-spam.</span> Administrators can create a list of IP addresses or domains that they would like to either block or allow. This method ensures that trusted sources are explicitly allowed and unwanted sources are explicitly denied access.</li><li><span style=\"font-weight: bold; \">Mail Antivirus.</span> This layer of protection blocks a wide range of known viruses and malware attacks.</li><li><span style=\"font-weight: bold; \">Zero-Hour Malware Protection.</span> By analyzing large numbers of messages, outbreaks are detected along with their corresponding messages. These message patterns are then flagged as malicious, giving information about a given attack.</li><li><span style=\"font-weight: bold; \">SmartDefense Email IPS.</span> The messaging security program utilizes SmartDefense Email IPS to stop attacks targeting the messaging infrastructure. </li></ul>\r\n<h1 class=\"align-center\">What are Signal, Wire and LINE messenger security apps like ?</h1>\r\n<p class=\"align-left\">Secure private messenger is a messaging application that emphasizes the privacy and of users using encryption and service transparency. While every modern messenger system is using different security practices (most prominently SSL/HTTPS) - the difference between secure and classic messengers is what we don’t know in the scope of implementation and approach to user data. </p>\r\n<p class=\"align-left\">Message access control and secure messengers evolved into a distinct category due to the growing awareness that communication over the internet is accessible by third parties, and reasonable concerns that the messages can be used against the users.</p>\r\n<h1 class=\"align-center\">Why secure communication is essential for business?</h1>\r\n<p class=\"align-left\">In the context of business operation, communication is a vital element of maintaining an efficient and dynamic working process. It lets you keep everything up to date and on the same page. And since many things are going on at the same time - tools like messengers are one of the many helpers that make the working day a little more manageable.</p>\r\n<p class=\"align-left\">Some of the information, like employee and customer data, proprietary information, data directly linked to business performance or future projections, may be strictly under a non-disclosure agreement. Without proper text message authentication in information security or encryption, it remains vulnerable to exposure. The chances are slim, but the possibility remains. </p>\r\n<p class=\"align-left\">And there are people interested in acquiring that sensitive information, people who like to play dirty because getting a competitive advantage is a decent motivation to go beyond the law. And when private conversations leak, especially the business-related ones - the impact is comparable with the Titanic hitting an iceberg. </p>\r\n<p class=\"align-left\">Encrypted massages in messenger prevents this from happening.</p>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Messaging_Security.png","alias":"messaging-security"},"713":{"id":713,"title":"IT Trainings","description":" IT Training is specific to the Information Technology (IT) industry, or to the skills necessary for performing information technology jobs. IT Training includes courses related to the application, design, development, implementation, support or management of computer-based information systems.\r\nThe IT training market is segmented into six broad market segments. Based on TrainingIndustry.com research, these segments reflect how IT training companies focus their suite of offerings and from which areas they derive most of their revenue.\r\n<ul><li>IT Infrastructure Training focuses on building, sustaining, and managing technical infrastructure.</li><li>Programming and Database Training involves database construction and management, programming language, and similar areas.</li><li>Enterprise Business Applications Training involves software applications that manage organizations’ processes, such as ERP, CRM, call center management, automated billing systems, etc.</li><li>Desktop Applications Training focuses on how to use programs and applications for desktop users.</li><li>Certification Training includes certifications, compliance, exam preparation, or boot camp style training programs.</li><li>Cyber Security Training involves courses and training programs centered on IT network and system security.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">What is IT Training?</span>\r\nThe organized activity aimed at imparting information and/or instructions to improve the recipient's performance or to help him or her attain a required level of knowledge or skill in the IT-sphere.\r\n<span style=\"font-weight: bold;\">Who is an information technology (IT) trainer?</span>\r\nInformation technology trainers may teach IT administrative support staff or an organization's non-technical business users how to operate, configure, and maintain new technology. Employed either in-house as part of the IT department or by a technology vendor, the information technology trainer helps a company get the most value from its investment in an IT solution.\r\nAn information technology degree helps IT professionals build a foundation for a technical training career. In addition, IT trainers must stay up to date with evolving technology. IT certification programs such as MCSE certification allow trainers to build expertise in specific vendor technologies and systems components. According to the Bureau of Labor Statistics, training and development specialists in all fields earned a mean annual salary of $55,310 in 2009. Software publishing was among the top-paying industries for trainers, with a salary of $71,960.\r\n<span style=\"font-weight: bold;\">What is the target audience of IT Training?</span>\r\nStudents of IT training programs are predominately those who work in jobs related to computer science, network administration, information technology management, cloud computing, telecommunications, etc.\r\nGeneral business professionals and consumers who use IT applications, and computer and software products are other important audiences for IT training. IT training, more so than most other content segments of the training market, contains a substantial amount of business to consumer (B2C) training. Consumer training occurs when a student (or purchaser of a training program) completes the training on their own, without the recommendation, supervision, or support of an employer. This includes individuals aiming to improve their IT skill set or to gain certifications.\r\nThere is also a considerable amount of government spending in the IT training market, predominately in the area of cybersecurity.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_IT_Trainings.png","alias":"it-trainings"},"870":{"id":870,"title":"Cyber Security Training and Simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png","alias":"cyber-security-training-and-simulation"}},"branches":"Information Technology","companySizes":"501 to 1000 Employees","companyUrl":"https://www.cofense.com","countryCodes":["ARE","AUS","GBR","IRL","ISR","IND","PHL","USA"],"certifications":[],"isSeller":true,"isSupplier":true,"isVendor":true,"presenterCodeLng":"","seo":{"title":"Cofense","keywords":"","description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:title":"Cofense","og:description":" Cofense, formerly PhishMe, is the leading provider of human-driven phishing defense solutions world-wide. \r\nCompany delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. \r\nTheir collective defense","og:image":"https://old.roi4cio.com/uploads/roi/company/Cofense.png"},"eventUrl":"","vendorPartners":[],"supplierPartners":[],"vendoredProducts":[{"id":5904,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Cofense_Logo.png","logo":true,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"supplierPartnersCount":0,"alias":"cofense-phishme","companyTitle":"Cofense","companyTypes":["supplier","vendor"],"companyId":5373,"companyAlias":"cofense","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Cofense_Logo.png"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":130,"title":"Cyber Security Training and Simulation"}],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"suppliedProducts":[{"id":5904,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Cofense_Logo.png","logo":true,"scheme":false,"title":"Cofense PhishMe","vendorVerified":0,"rating":"2.00","implementationsCount":17,"suppliersCount":0,"supplierPartnersCount":0,"alias":"cofense-phishme","companyTitle":"Cofense","companyTypes":["supplier","vendor"],"companyId":5373,"companyAlias":"cofense","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Will they fall for a phish or report it? Cofense PhishMeTM educates them on the real attacks your company faces, transforming vulnerable targets into active defenders.</p>\r\n<p><span style=\"font-weight: bold;\">YOUR PROBLEM</span></p>\r\n<p>No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches. The Cofense Phishing Defense CenterTM finds that 90% of user-reported emails are in environments using secure email gateways (SEGs). Every phishing email that reaches the user is an attack on your organization. When technology fails, users need to become human sensors and report phishing, so the SOC can remediate the threat. But how can users report if they don’t recognize today’s evolving attacks?</p>\r\n<p><span style=\"font-weight: bold;\">OUR SOLUTION</span></p>\r\n<p>Teach users to identify (real) phish. Cofense PhishMe educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defense resources that other providers lack. We believe that real phish are the real problem. Through experiential learning—simulations of current phishing threats — you’ll condition smarter email behavior, transforming vulnerable targets into an essential layer of defense.</p>\r\n<p><span style=\"font-weight: bold;\">Click Only:</span> A phishing email that urges the recipient to click on an embedded link.</p>\r\n<p><span style=\"font-weight: bold;\">Data Entry:</span> A phishing email with a link to a customized landing page that entices users to enter sensitive information.</p>\r\n<p><span style=\"font-weight: bold;\">Attachment-based:</span> A phishing email with seemingly legitimate attachments in a variety of file formats.</p>\r\n<p><span style=\"font-weight: bold;\">Double Barrel:</span> Patented technology that simulates conversational phishing techniques by sending two emails – one benign and one containing a malicious element – to train users on this tactic used by APT groups.<br />Benchmarking: A patented feature to conduct an identical scenario and receive an additional report that provides an anonymous comparison of your results with other Cofense customers or industry peers that ran the same scenario.</p>\r\n<p><span style=\"font-weight: bold;\">Highly Personalized:</span> Simulate advanced social engineering tactics by using specific public, known details about email recipients gathered from internal and public sources.</p>","shortDescription":"Cofense PhishMe simulates active phishing threats to condition smarter user behavior.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cofense PhishMe","keywords":"","description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:title":"Cofense PhishMe","og:description":"<p>Users Are NOT the Weakest Link. Let’s bust that myth right now. 100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Cofense_Logo.png"},"eventUrl":"","translationId":5906,"dealDetails":{"avgPartnerDiscount":0,"dealProtection":1,"avgDealSize":12000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":130,"title":"Cyber Security Training and Simulation"}],"testingArea":"Request demo: https://go.cofense.com/live-demo/","categories":[{"id":870,"title":"Cyber Security Training and Simulation","alias":"cyber-security-training-and-simulation","description":" Cyber security training and simulation is a powerful tool for CISOs and SOC managers to accurately simulate their network and security tools within a dynamic IT, or OT environment. A high-quality cyber range offers a rich catalog of simulated incident scenarios, in varying levels of difficulty, which security managers can choose from to train their teams. This opens up numerous new opportunities, several of which include: \r\n<ul><li>An environment for team training, where security staff can improve their communication and teamwork, both of which are critical elements of an efficient incident response team, and impossible to practice using conventional training systems.</li></ul>\r\n<ul><li>A means of training the entire organization in a breach scenario and the related business dilemmas, beyond incident response, including potential business executive decisions. Consider a ransomware scenario where executives are required to decide whether to pay the ransom, negotiate, or mitigate.</li></ul>\r\n<ul><li>A test-bed for potential products where they can be tested in a safe and controlled environment.</li></ul>\r\n<ul><li>A training environment for newly introduced products enabling team members to master new technologies and dramatically improve their performance and skills.</li></ul>\r\nCyber security training and simulation is the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.\r\nThe potential of simulation-based training, as compared to traditional training, is substantial. Organizations can not only train people but also test processes and technologies in a safe environment. Furthermore, security teams can train as individuals or as a group, to improve their teamwork. With the help of simulation, your team can experience high-fidelity threat scenarios while training, and improve their capabilities, rather that encountering these threats for the first time during the actual attack. This results in a dramatic improvement in their performance.","materialsDescription":" <span style=\"font-weight: bold; \">Why do you need to train cybersecurity employees?</span>\r\nNew threats and attack vectors emerge, spanning across a converged attack surface of IT and OT networks, as well as IoT devices. Attacks have become time-sensitive, requiring SOCs to detect and respond within seconds to minutes, and challenging the SOC’s ability to perform effectively.\r\nForward thinking CISOs now understand that rushing to spend their growing budgets to purchase the latest tools, hoping that the new technology will finally improve their security posture, will not resolve their strategic, and, in many cases, existential problems. They are beginning to acknowledge that their teams are not professionally equipped to face the new generation threats, not because of the lack of products or technologies, but because they don't really know how to operate them effectively. Most of them have never trained effectively, either as individuals or as a team, never faced a multi-stage attack, and have never used their technologies in a real-life attack scenario, requiring them to respond to an evolving attack within minutes. \r\nInvesting in our cyber experts and in our SOC teams, both as individuals, as well as a unified team, is THE key to an effective SOC. In the case of cybersecurity, this challenge is amplified. The shortage in cybersecurity professionals is at a critical state and will only continue to grow, forcing cybersecurity leaders to hire unexperienced team members to fill in open positions. Security analysts, often junior and barely trained, are expected to master dozens of security products in increasing numbers, defending against threats they have never experienced before. \r\n\r\n<span style=\"font-weight: bold; \">What is a cybersecurity simulation and why is it needed?</span>\r\n<span style=\"color: rgb(97, 97, 97); \">Traditional IT security training is largely ineffective, because it relies on sterile, mostly theoretical training. It is often conducted on the job by SOC team members rather than by professional instructors. To get our security teams prepared to face today’s multi-dimensional IT and OT security challenges, we must place them in a technology-driven environment that mirrors their own, facing real-life threats. In other words: hyper-realistic simulation. </span>\r\n<span style=\"color: rgb(97, 97, 97); \">Just as you would never send a pilot to combat before simulating emergency scenarios and potential combat situations, we should not send our cyber defenders to the field before enabling them to experience potential attacks and practicing response within a simulated environment.</span>\r\n<span style=\"color: rgb(97, 97, 97); \">A flight simulator replicates the actual combat zone, from realistic weather conditions, aircraft instruments to enemy aircraft attacks. This realism maximizes the impact of the training session. Similarly, the way to maximize the effectiveness of security training is by providing a virtual replica of your actual “warzone” resulting in a true-to-life experience. Security teams should use the actual security tools they use at work, and should experience their familiar network setup, and traffic. Threats should be simulated accurately, including advanced, evolving threats, targeted malware and ransomware.<br /></span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/education-training.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"partnershipProgramme":null}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}