Mimecast has announced an industry changing capability that will allow customers to launch live phishing simulations. Known as SAFE Phish, it’s designed to let security teams create training exercises using real-life, de-weaponised campaigns that target their organisations and employees. Training results are engineered to be incorporated into the Mimecast SAFE Score dashboard, which is designed to aggregate data to gauge a company’s security posture. Organisations have an opportunity to re-define the way overall risk is measured as a result.
“Replicating genuine phishing attacks for training purposes has historically been challenging,” said Michael Madon, SVP and GM of Mimecast Security Awareness Products. “With SAFE Phish technology, end-users can safely be exposed to real-life, de-weaponised phishing attacks to make training more effective and provide a data-driven picture of which employees are most at risk. Our research has shown that end-users who have taken Mimecast Awareness Training are 5.2 times less likely to click on dangerous links. We’re very excited about how SAFE Phish simulations can further help increase the impact of our security awareness solution.”
Because SAFE Phish results act as a security feed, data from phish testing can be incorporated into the Mimecast SAFE Score dashboard, which is designed to calculate individual user risk using four factors – engagement, knowledge, sentiment, and bad URL clicks. Data is also aggregated to provide an overall organisational risk assessment.
“SAFE Phish and the SAFE Score dashboard are designed to work together to transform the way risk is measured,” said Mandy McKensie, director of product management for Mimecast Awareness Training. “Security teams can get a more complete view of risk at both the individual and organisational level and also benchmark their performance against peers in their industries or geographical regions. Using that information, they can take a more proactive approach to addressing potential issues, from applying new security controls or assigning additional training to their riskiest users.”
According to recent research from Mimecast, almost 60 percent of 1,025 IT decision makers said they saw an increase in both phishing (58 percent) and impersonation attacks (60 percent) over the last year. The uptick of COVID-19-related phishing campaigns also highlights the fact that threat actors are looking for new opportunities to target victims with relevant topics.
“Mimecast SAFE Phish is engineered to provide welcome capabilities at a time when streamlining and automating processes has become a huge focus for CISOs and their teams,” Madon said. “We’re very excited about our expanded ability to keep organisations and their end-users safe during a particularly challenging time.”
The Safe Score dashboard and SAFE Phish will be available in Q2 of FY 2021.