In this article, we explain the importance of security awareness training and the benefits for MSPs of adding security awareness training and phishing simulations to their managed services.
Security Awareness Training Works!
Security awareness training and phishing simulations have been proven to reduce the susceptibility of employees to phishing attacks. Through an ongoing program of training and testing, the average response rate to phishing attempts falls from the pan-industry average of 37.9% to less than 3%. Some employees are prone to click on links in emails and open attachments despite being given training, so getting the response rate lower may not be possible, but such a massive reduction in responses to phishing emails will save several times more money than the cost of providing training to the workforce.
Despite the high ROI of providing training, 57% of SMBs provide no security awareness training to their workforce whatsoever. When training is provided, it is often provided to new employees during the onboarding process, or as a once-a-year training session. The threat landscape is constantly changing and new phishing and malspam campaigns are constantly being developed to fool employees, so for training to be effective it must be an ongoing process.
Phishing is one of the main ways that ransomware actors gain initial access to networks, and according to the Verizon Data Breach Investigations Report, 82% of security breaches involve a human element. Given the extent to which employees are targeted, the rapidly changing threat landscape, and the high percentage of data breaches that are caused by human error, training is vital.
SMBs are Requesting Security Awareness Training from Their MSPs
The problem for many SMBs is they lack the in-house staff and the resources to create effective training campaigns. Training content needs to be constantly updated to teach employees about the emerging techniques used by threat actors. For this reason, many SMBs turn to third-party companies and use their solutions to train their workforce, and it is becoming increasingly common for SMBs to ask their managed service providers to assist with training and conducting phishing simulations.
Phishing simulations are a vital part of the training process as it gives employees practice at identifying phishing attempts outside of a training setting; however, there is potential for things to go wrong when these simulations are conducted by SMBs on their own staff. Having a managed service provider conduct the campaigns can be highly beneficial for SMBs. That extra degree of separation can help to prevent bad feeling amongst employees that management is trying to catch them out.
Interestingly, despite the benefits of security awareness training and phishing simulations and the demand from SMBs, only 60% of MSPs currently offer security awareness training and phishing simulations to their clients as part of their managed security services. The security awareness training market is now estimated to be worth $1 billion annually and is growing at a rate of 13% a year, and MSPs that provide security awareness training and phishing simulations as part of their managed services are reaping the rewards. They profit from providing the training, reduce the susceptibility of their client organizations to phishing attacks, and reduce the time they need to spend helping clients recover from successful attacks. MSPs may be surprised to hear that 69% of SMBs said they would hold their MSP accountable at some level for a successful phishing attack.
One of the problems that MSPs face when they consider offering security awareness training as a managed service is finding a suitable platform that allows them to easily provide training and automate the training and conduct phishing simulations. TitanHQ is now happy to announce that its award-winning security awareness training and phishing simulation platform – SafeTitan – has now been upgraded and has a host of new features to meet the needs of MSPs.
SafeTitan for MSPs – An MSP-Friendly Security Awareness Training and Phishing Simulation Platform
TitanHQ has conducted extensive research to find out exactly what MSPs need from a security awareness training platform. The company asked its MSP advisory council and extensive MSP customer base about aspects of the SafeTitan platform that could be improved to make it even better for MSPs. After extensive research and further development, TitanHQ is happy to announce that SafeTitan for MSPs has been launched.
MSPs already familiar with the security awareness training and phishing simulation platform may notice several new features that have now been added, which make it much easier to conduct mass training campaigns and phishing simulations. The MSP dashboard has been improved to make it easy for quick actions to be performed and to access live analytics and schedule client reports to demonstrate the ROI, either weekly, bi-weekly, quarterly, bi-annually, or annually.
The solution can be provided as a white label, that can take the MSP’s branding or be branded for their clients. Clients benefit from 80+ videos, training sessions & webinars, the training content is provided as modules of 8-10 minutes max to make it easy to be conducted without impacting productivity, and the phishing simulation platform has over 1,800 phishing templates based on real-world phishing and smishing attacks.
MSPs can easily set up and automate training and phishing simulations so that this managed service requires little in the way of actual management by the MSP. The solution is SSO-ready to avoid the annoying entry of login credentials, and now has direct email injection to ensure that phishing emails are delivered without having to configure allow lists and firewalls and if campaigns need to be modified, it is easy to make tweaks such as adding additional users. When phishing simulations are failed, the solution will automatically trigger targeted training in real-time in response to the specific failure.
We genuinely believe that we have created the ideal security awareness training and phishing simulation platform for MSPs and invite you to book a free product demonstration to see the product in action and to explain all the features.