What is our primary use case?
Within our global IT Security Strategy, user awareness training is a very important task.
We train our employees in all locations with different languages. We use the functions for training, phishing tests, and security surveys. We have a global roadmap with defined dates when which training will be executed.
All of our users have to participate and run a test at the end of each training. We also provide GDPR training for our employees worldwide, which is very important.
An additional feature that we use is PhishAlarm.
How has it helped my organization?
Wombat has given our users a heightened sense of security awareness. As a result, the click rate on phishing emails has dropped significantly. Our users are able to do free training on their own for each section that we provide. Moreover, they are able to complete the training more than once.
Three times per year, we conduct mandatory training and the success rate is improving over time. This could also be seen during the yearly CyberStrength assessments that we are running.
The big benefit is that all users are much more careful when an email is received.
What is most valuable?
Most valuable is the SSO integration with our AD, so the users can employ our federation service to log in. Also, the synchronization of new and outdated users is working fine.
In addition, we have the challenge that an anonymized evaluation of user information is necessary for individual locations. This can also be implemented without any problems.
Additionally, there are a lot of videos inside the training material. We are placing these inside our intranet for additional training or information about security risks.
What needs improvement?
As we have to report the results of each training to different recipients, it will be very helpful when the reporting system is improved. We would like to create reports for local IT leaders in a different way, more suitable for upper management.
We need to have archive functions for older training in order to satisfy requests from local regulators.
For how long have I used the solution?
We have been using Wombat/Proofpoint Security Education Training for two years.
What's my experience with pricing, setup cost, and licensing?
We received very good pricing, as we are also working with the Proofpoint spam appliances. Both tools work hand in hand.
Which other solutions did I evaluate?
We evaluated KnowBe4 and SoSafe.
What other advice do I have?
It is a very good tool to improve user awareness regarding cyber-attacks. The Wombat Security Education Platform also brought us administrative and organizational benefits, as the users are the most important link in the security chain.
Which deployment model are you using for this solution?