Okay hear us out. A lot of you reading this will have security training programs that suffer from one or both of these chronic conditions:
- Your phishing simulation is too basic and the real-life threats (especially the dangerous ones) look nothing like it.
- Your employees just play training videos in the background/minimized while doing something else.
Well let us clear the air and say that you're not alone! This is what typical security training looks like today, and our mission at Vansec is to fix that.
What's Vansec?
Vansec is a spear phishing simulation & security awareness training platform (powered by AI) for organizations that actually care about security.
- Our spear phishing simulation is highly-personalized (using AI), multi-message (parse + generate emails using AI), and multi-modal (email, SMS, and more), to accurately reflect the current sophistication of phishing that bad actors employ (we have basic phishing simulations as well).
- Our chat-based security awareness training is designed to be interactive (users will actually learn) and bite-sized (< 5 mins).
Vansec in action
They say a picture is worth a thousand words. Here's 3,000:
What is spear phishing simulation and why is it important?
Well, we kinda jumped into things here without the broader context. You're probably familiar with this already but here it is anyways: phishing is by far the most common way in which cyber attacks occur (over 90%, as of 2020), and 66% of phishing victims are victims of targeted (spear) phishing attacks (as of 2023). With the proliferation of generative AI and everyone being on LinkedIn, the phishing techniques that bad actors use continue to grow both in sophistication and scale.
Spear phishing is an advanced form of phishing, where the bad actor engages the victim in a very personalized & targeted manner, usually involving prior research on the victim (e.g. via LinkedIn) as well as various social engineering techniques to try to trick the victim. Bad actors know that basic phishing emails don't work anymore, and they've upped their game. This means that organizations also need to prepare against these evolving threats.
Existing phishing simulations are ineffective
The world of phishing simulation is dominated by legacy players like KnowBe4, and while their product is the standard of the industry, the product itself is very one-dimensional.
Problem 1. Existing phishing simulations are too basic, where you send out one templated email and that’s it.
Problem 2. Simulations are not highly-personalized, nor can you train your employees against dangerous social engineering techniques.
The reality is that this does not prepare your employees against the most dangerous type of phishing attacks: spear phishing. Vansec’s spear phishing simulations are multi-message, hyper-personalized, and scenario-based where you can choose from common scenarios or customize your own (p.s. we also provide basic phishing simulation too).
Security awareness training is broken
Employees playing training videos in the background/minimized while doing something else. This is what security awareness training looks like today.
Problem 1. Obviously, this does not improve company’s actual security readiness.
Problem 2. It’s a waste of time for the employee.
The optimal outcome here is for the training to be a) effective i.e. employees actually learn and become security-effective and b) time-efficient i.e. minimal disruption to their workflow.
Our opinion is that learning should always be interactive, not passive. We also believe that getting pulled away from actual work to complete training is always going to be annoying for the employee, no matter how you do it. That’s why we designed Vansec’s security awareness training to be interactive & bite-sized (p.s. it’s also super personalized).
What now?
If this piques your interest, check out our interactive demo and/or find a time to get set up!
