SecurityIQ Case Study

Security Awareness Education

The City of Auburn is the municipal government for a large suburb of Seattle, Washington. Faced with the
challenge of educating almost 300 employees and elected officials on cybersecurity threats and defenses, the
City turned to SecurityIQ, a cloud-based security awareness education platform provided by the InfoSec Institute.

Question & Answer

With Paul Haugan, Director, Innovation and Technology
Q: What stood out during the evaluation?
A: SecurityIQ was set up for our company so that our
staff would be very engaged in Security Awareness
training.
Q: How accessible was the interface and the training?

Deployment Profile
Course 1: 9 modules over several months
Course 2: 3x one-day classes of 3 modules each
Grouped: By Department

Deployment Schedule
Day 0: Start planning guide
Day 7: Review planning guide
Day 14: Configured
Day 30: Launched

A: We found the product layout to be intuitive and easy

to navigate. We feel this platform was really geared
toward an appropriate audience not so technical
that few could understand it, but robust enough so
that our learners became aware of security issues.
Q: How did it do when you launched your first campaign?
A: We actually had a 65% penetration rate (learners
who started the training upon enrollment) which
is excellent because this is the first time we rolled
something like this out.

Special Considerations
Accessible Material: The educational backgrounds of the employees taking the training ranged from lessthan-high-school laborers through municipal specialists with graduate degrees, so the material had to
address a wide range of learners.
Off Line Training: Many employees had no regular computer access or needed to complete training during
certain time periods (as per union rules, etc.), so training was packaged for off line sessions and could
marked complete by session leaders.

(866) 471-0059

| SecurityIQ.InfoSecInstitute.com

SecurityIQ

Security Awareness Education

The SecurityIQ security awareness program

emphasizes interactive learning and ease of
administration. Our training, exercises and phishing
simulator dont just help organizations achieve
cybersecurity compliance: they actually produce
smarter and safer end users!

INTERACTIVE EXERCISES
EASY MANAGEMENT
COMPREHENSIVE REPORTING
INTEGRATED PHISHING SIMULATOR

Security Awareness FAQ

Q: How INTERACTIVE are the modules?

Q: How does the phishing simulator work?

A: Our training exercises simulate real-world conditions, such

as phishing emails and pop-up alerts learners can expect to
see in their daily work. We try to avoid traditional multiplechoice quizzes in favor of drag-and-drop puzzles, sorting
games and other techniques to interest and engage people.

A: You can choose to send built-in or custom phishing

templates, which are then sent to learners as simulated
phishing emails. As people react to the emails, they are
automatically educated with the materials you choose, and
can also be enrolled in specific groups for additional training
or attention.

Q: When would I use CUSTOM COURSES?

A: Custom courses are used to provide the right amount of
training to specific roles. For example, an executive assistant
may need a different level of training than a plant engineer.
Custom courses can be used to lengthen or shorten training
sessions, provide extra training in certain areas, or omit certain
topics. They can be applied to everyone in an organization or
to specific groups the choice is yours!
Q: Can I CUSTOMIZE the content? Add my own modules?
A: Of course. In addition to custom courses that allow you
to tailor the training LMS allows for extensive customization,
including integration with corporate systems and addition of
your own modules. Call us!

Q: How CURRENT is the content?

A: Our original Security Awareness course was originally
developed in 2003 and then completely redeveloped in 2016.
We also provide annual updates to our content, and release
several new modules covering new topics every year.
Q: How will this help my organization COMPLY with?
A: Before any content was developed, course topics and
outlines were mapped against leading standards, including
PCI DSS, NIST 800-16 and ISO 17799. We hope our diligence
will not only help you comply, but reduce the amount of time
it will take you to demonstrate compliance to your regulators,
auditors and other interested parties.

About InfoSec Institute

Your Free Account Awaits

Since 1998, InfoSec Institute has trained more than 45,000

domestic and international cybersecurity professionals for
government and corporations in award-winning programs
conducted in person or through computer-based training.

Visit our website, SecurityIQ.InfoSecInstitute.com, to

register for your free account, or contact us for a free trial
of a commercial account.

(866) 471-0059

| SecurityIQ.InfoSecInstitute.com

AwareEd

PhishSim