It should come as no surprise to anyone in the infosec world that cybersecurity is big business. And with the lure of big business comes an influx of entrants to the market. Such is the case with the security awareness training space, which has seen a number of new vendors during the past couple of years. Naturally, this has changed the dynamic in several ways — some positive, and some negative.
One of the positives is that more organizations are acknowledging the influence ends users have on overall security postures. Another positive is that the increased competition drives all players to be better and pushes vendors to innovate and be responsive to emerging threats, compliance training requirements, and their customers’ needs.
But as in all booming industries, there are those security awareness and training vendors who devalue their customers’ experiences in an effort to boost their own bottom line. It is a trend we've been disappointed to witness; since our founding in 2008, we’ve gauged our success not only by our balance sheets, but by the benefits we bring to our users and by the relationships we build with our customers. Yes, we want to be (and most definitively are) a healthy business. But we also want to be a trusted partner, and that’s why we model ourselves a little differently than some of our competitors. The attendee reviews from our 2016 Wombat Wisdom User Conference are a great reflection of the relationships we build with our customers and the value we place on their ideas and experiences.
All of our claims are based on field-proven data and results. Read more about how our customers are using our phishing tests, knowledge assessments, and cybersecurity education and awareness tools to realize quantifiable results and build a culture of security with their organizations.
We take our leadership position in this field very seriously, and you can count on us to continue to advance and evolve our product line to deliver the best possible assessment, training, awareness, reinforcement, and measurement tools to organizations, program administrators, and end users. Our Continuous Training Methodology clearly resonates given the number of newer entrants who have adopted a similar approach to ours. (Imitation is, as they say, the sincerest form of flattery.)
As you consider your options for security awareness and training, we encourage you to hear what others have to say — but also to recognize that there are things we won’t say. We would never claim to get you to 0% end-user phishing susceptibility; with the creativity, persistence, and sophistication of cybercriminals, chasing zero is actually counterproductive. And we would advise you to be very wary of any vendor who regards cybersecurity training as merely a “checking the box” activity. Those who devalue their own education tools — or who claim that simulated phishing tests are all you need to move the dial — are, in effect, putting a limit on the results you can achieve with their solution.
Most importantly, we would never use the phrase “it’s just business” to excuse what is, in reality, bad or unethical personal behavior. Because for us, business is decidedly personal. If you want to build a program that offers you a clear path to ROI, there is an advantage to choosing a partner with the experience, knowledge, support, and honesty that we bring to every customer relationship.