Improving customers’ security awareness is a challenge MSPs face every day. After all, human error is still one of the main causes of data breaches. In a recent study conducted by the Ponemon Institute, 54 percent of the SMBs surveyed pointed to a negligent employee or contractor as the root cause of a data breach their business experienced, and 43 percent pointed to third-party mistakes.
Ongoing user education can make a significant difference in how many of your small business customers are affected by cyber attacks and data breaches. That’s why we’re excited about Barracuda’s recent acquisition of PhishLine, a social engineering simulation and training platform.
In a post on the Barracuda blog, PhishLine CEO and Founder Mark Chapman explained why PhishLine and Barracuda are good fit together: “PhishLine is known to be a powerful enterprise offering. The Barracuda team knows how to refine traditionally complex products with elegant simplicity. The combined resources will create new security awareness solutions that are both powerful and easy to use. What a fantastic match!”
Neal Bradbury on PhishLine and MSPs
To learn more about how the news will help MSPs, we spoke with Neal Bradbury, senior director of business development for Barracuda MSP.
Why is user education an important service for MSPs to provide?
Email is still one of the most-targeted threat vectors, and it requires a layered approach that combines both providing the right security technology and addressing the human layer of defense. Even though your customers and their employees can be your biggest advocates for improving security, they are still the weakest link in their own defenses. PhishLine’s style of social engineering simulation and training makes it easy for MSPs to provide ongoing security education and helps identify end users that need to learn more.
What sets PhishLine’s approach to security education apart from what MSPs might be sharing with customers now?
Although many MSPs are already providing some level of basic security education to their customers, today’s threats are continually evolving, so your approach to education and training needs to keep up. Cybercriminals are moving beyond email to create multivariable attacks, and the PhishLine computer-based training includes simulations across email, text messaging, voice, and USB/mobile media.
Essentially, the PhishLine platform can simulate a real-world attack, and instead of becoming victims, users are taken to an educational resource that will help them learn how to avoid similar attacks in the future. The platform also includes data capture, analytics, and reporting, as well as continual, complex analysis of employee performance. So PhishLine helps you take security education to the next level for your customers.
How do PhishLine’s solutions fit in with Barracuda MSP’s other email security offerings?
As email threats become more targeted, MSPs need to take a multi-layered approach to security to successfully protect customers, their applications, and their data. Security education complements Barracuda’s other offerings, such as email security, network security, and data protection. Together these solutions help you protect your customers against email-borne attacks and social engineering.
How can adding computer-based security training help MSPs?
Computer-based security training is a huge opportunity for MSPs to generate more recurring revenue. With a platform like PhishLine, security education becomes a valuable part of your services portfolio, instead of being treated as an afterthought. As a bonus, this type of training will help your customers and their employees make smarter decisions about security, which can ultimately save them money and make your MSP more efficient because you won't have to spend as much time fixing things after someone clicks on the wrong thing by mistake.