Simulated phishing and associated training framework
Reduce the risks from phishing and related attacks by giving users the skills and awareness to spot threats.
Cyber security isn’t just for IT professionals. Users also play an important role in the defence against threats. As attacks such as phishing become more sophisticated, it’s vital to ensure that your staff, students or users have the awareness and skills to spot a potential breach.
That’s why we offer phishing simulations to help users safely experience what an attack might look like – and related security training so they understand wider risks and know what to do if they suspect an issue.
Service delivery
This simulation and training service is delivered by our partner, Khipu Networks.
Khipu also offers free scans to Jisc members alongside their 15-minute webinars.
How the service can help you
The service is cost-effective and flexible. It includes practical simulations, as well as theoretical sessions, with a choice of classroom-based or virtual learning led by experienced cyber security experts.
The simulation service includes:
- Fully managed simulated phishing campaigns – including simulated phishing emails and websites
- Awareness training services – including tips to identify fake and suspicious emails
- Classroom-led ‘cyber security 101’ training – training modules with videos, interactive quizzes and tests
- Detailed reporting showing stats and graphs after each anti-phishing campaign
- Cyber security best practice reviews and workshops
- Recommendations on improving cyber security postures using products and services available via other Jisc frameworks
Using the associated training, you can:
- Build flexible training to suit your needs – this service can be customised to suit the specific needs of your users
- Get the benefit of experienced trainers – training is carried out by experienced cyber security experts, it’s not an ‘email-only’ software solution
- Achieve value for money – in pre-procuring this service, we’ve taken significant account of cost – and in particular, the cost of scaling the service across the number of users in a research and education organisation. You pay a single price per campaign regardless of how many users are 'phished' – instead of a 'per-user' price model, which can be expensive for larger organisations
- Buy with confidence – because we have pre-procured this service and conducted due diligence on it, you can buy confidently, knowing it’s a service you can trust
Find out more
Read the cyber impact report - Find out about the impact of cyber security incidents on the UK's further and higher education and research sectors.
Watch our cyber security documentary which looks at the current cyber crime climate, and what you can do to protect yourself the most effectively.
To find out more about this service, email simulated.phishing@jisc.ac.uk or call 0300 300 2212.
Case study: educate your users for effective protection against phishing attacks
How Guildford College uses this service to reduce its risk from phishing attacks.
ISO certification
This service is included within the scope of our ISO9001 and ISO27001 certificates.