By Omer Taran, CybeReady Co-Founder & CTO
Though the word “automation” was not coined until 1947 by Ford Motor Company to describe the use of automatic devices in the company’s production lines, today it is one of the most widely used terms in the tech industry. To most of us it signifies productivity, efficiency and scale. Unfortunately, the term has also been appropriated by vendors who use it to hype products or services that provide pseudo or semi-automation, lacking any true, data-driven intelligence.
When it comes to cybersecurity training, how can smart automation help ensure training is both efficient and effective? And how can it help create a scalable system for meaningful learning? These are the questions our team has worked tirelessly to solve. Today, automation is a crucial part of our company methodology and the backbone of the CybeReady platform.
Automation is already a crucial component for many of those leading enterprise security awareness training programs, helping to drive efficiency and impact at scale.
What is training automation?
In the cybersecurity sector, “automation” has become something of a buzzword. Yet, few companies have taken the time to really understand what automation means — especially in the context of employee training. Sure, they might offer automated training reminders or send out test emails at a scheduled time, but that’s really just the baseline of what security awareness training automation has to offer.
Automation is nothing without optimization
I’ve worked in high-stakes security settings, and experience has taught me that hands-on learning has the greatest impact. Whether you’re monitoring infosecurity at the government level or fielding phishing threats in your inbox, you’re making split-second decisions. Security awareness training videos and multiple-choice tests are poor preparation for real-world challenges.
The benefits of hands-on, individualized training
We started CybeReady with a vision to move beyond the traditional train-and-test formula. We wanted to deliver hands-on, individualized training scenarios — something existing “automated” programs had not yet achieved. Even today, many automated phishing training solutions disregard the need for continuous data analysis in decision-making and fail to move the needle. Moreover, many still require a lot of manual configuration, which defeats the purpose of automation altogether.
Automation is simply a threshold that must be crossed to reach optimization. We make training simulations scalable through automation, then optimize to ensure efficiency at scale. Our engine continuously performs a wide range of tasks in the background. Meanwhile, we collect and analyze data on an ongoing basis to fine-tune our machine learning algorithms. All this is done in the interest of affecting learning outcomes, which is our primary metric for success.
Phishing: a never-ending story
So why does this all matter? Because as technology evolves, so do cybersecurity threats. Phishing has gotten more sophisticated over the years. It’s now a far cry from the obviously fake (and grammatically questionable) emails of years past. Meanwhile, hackers are also incorporating automation in their increasingly advanced technological toolset. The security community, of course, is always flagging new threats, but then the hackers respond to them — it’s an ever-evolving cycle. It’s also cyclical; for example, this year, we’ve seen a serious uptick in coronavirus-related attacks.
Phishing is a never-ending story. That’s why traditional training — which usually involves employees taking a one-and-done course — isn’t effective. A successful learning program needs to be able to evolve frequently without having to lecture employees on every single new threat in existence. Hackers rely on the human nature of recognizing patterns to defraud people; CybeReady responds by teaching counter-patterns, leveraging human behaviors.
My partner and I spent our first year in business analyzing these behaviors and studying the cognitive limitations of identifying phishing attempts. Today, our team understands better than anyone how to fight these ever-evolving scams without having to constantly invest in time-consuming training modules. When an organization receives a threat, individuals are the last line of defense — and with the right training automation in place, they’ll be prepared to meet it.
“CybeReady presents a different approach to building cybersecurity resilience. The only one that is proven to work.”
There’s no one-size-fits-all approach to building cybersecurity resilience, so training solutions must be adaptive and predictive. Unlike other programs, CybeReady uses automation and machine learning to optimize and individualize every simulation. That means we send different simulated phishing emails to different employees based on predictive models for engagement and learning efficacy. Our platform analyzes individual user behavior and adapts and evolves accordingly.
We also focus on individual learning outcomes over test results — a vision made scalable through automation. While customers may not see our processes, they’re always there; 90% of our platform runs in the background.
Here are a few of the processes we’ve optimized:
- Engagement. Which phishing simulation should be sent out, and to whom? We use machine learning to send the material that has the highest chance of engaging an employee. This keeps the material fresh and challenging and ensures that employees are continuously strengthening skills.
- Time and place. When and where simulations appear changes with every individual company. So do workdays, branding, and every other aspect of the program.
- Language. One thing that makes us unique is our multilingual approach to cybersecurity training. That goes beyond basic translation into truly understanding how people of different cultures and languages respond to different types of simulations.
- Responding to how people think. Our approach is to make training short, concise, and easily adaptable. By starting from an understanding of how memory works and how people respond to this kind of content — which, as I said, can vary by language — we’re able to help respondents learn faster and retain more of the training.
Think of our automation as a form of autopilot, like that used on planes. Though autopilot takes care of the majority of processes, it still ultimately leaves the pilot in control. The pilot is then free to make other decisions and take care of other processes that don’t require the same level of automation.
That’s what our platform does: It relieves infosec teams from tedious work while ensuring our customers are still in control. We make dozens of tiny decisions daily (autonomously) — when to send emails, what level of engagement to deploy, and so forth — while still allowing our customers to get involved in critical decisions related to content. That’s how we’re going beyond the buzzword, offering a truly automated platform for training employees that’s always optimizing and keeps getting better.