Computer-

based training
Kaspersky
programs for all
organizational Security
levels
Awareness

Learn more on kaspersky.com

Kaspersky Security Awareness
The effective way to build cybersafety
throughout your organization

More than 80% of all cyber-incidents are caused by human error. A culture of cybersafe behavior together
with fundamental cybersecurity skills and awareness throughout your organization are key to reducing the
attack surface and the number of incidents you have to deal with. Organizations often struggle to find the
right tools and methods for effective employee training that changes behavior for the better. The key to
achieving this is to deploy training that employs the latest techniques and technologies in adult education
and delivers the most relevant and up-to-date content.

Kaspersky Security Awareness –

a new approach to mastering IT
security skills
The human factor – the most Kaspersky Security Awareness offers a range of highly engaging and effective training
vulnerable element of cybersecurity solutions that boost the cybersecurity awareness of your staff so that they all play
Cybersecurity solutions are rapidly their part in the overall cybersafety of your organization. Because sustainable changes
developing and adapting to complex threats, in behavior take time, our approach involves building a continuous learning cycle that
making life more difficult for cyber criminals includes multiple components.
who are turning to the most vulnerable
element of cybersecurity - the human factor.
Continuous learning cycle
52% of companies regard employees as the
biggest threat to corporate cybersecurity* Engagement/
Starting point Learning Reinforcement
motivation
60% of employees have confidential data
on their corporate device (financial data,
email database, etc.)** – Why do I need – Am I aware? – Micro learning – Did I get it right?
this? – What do I know – Continuous – Do I remember this?
30% of employees admit that – Cognition and where are learning – Do I act accordingly?
they share their work PC’s login and the gaps? – Adaptivity
password details with colleagues**

23% of organizations do not have any

cybersecurity rules or policies in place for
corporate data storage** Key program differentiators

Substantial cybersecurity expertise

20+ years’ experience in cybersecurity transformed into
a cybersafety skillset that lies at the heart of our products

Training that change employees’ behavior at

every level of your organization
Our gamified training provides engagement and motivation
through edutainment, while the learning platforms help to
internalize the cybersecurity skillset to ensure that learnt skills
don’t get lost along the way.

* Research: “The cost of a data breach”,

Kaspersky Lab, Spring 2018.
** “Sorting out a Digital Clutter”. Kaspersky Lab,
2019.

1
 Fueling motivation for effective
security awareness
Employees make mistakes. Changing employees’ behavior is your biggest cybersecurity challenge. People are
Organizations lose money… generally not motivated to acquire skills and change their habits, which is why so many
educational efforts turn into little more than an empty formality. Effective training
consists of different components, takes into account the specifics of human nature
and the ability to assimilate the acquired skills. As cybersecurity experts, Kaspersky
knows what cybersafe user behavior looks like. Using our insights and expertise, we’ve
added learning techniques and methods to immunize our customers’ employees against
$1,195,000 attacks while giving them the freedom to perform without constraints.
per enterprise organization
The average financial impact of a data
breach caused by inappropriate IT resource Different training formats for different organizational
use by employees*
levels

InfoSec & Kaspersky

Incident
CorCom Communications
52%
of enterprise organizations › Crisis
experienced cybersecurity incidents as a communications skills
result of inappropriate IT resource use by
Cybersecurity
employees ** for IT Online
Generalist IT
› 1st line of incident defense
ADVANCED
[Dis]Connected

› A story-rich educational game on cybersecurity

REINFORCEMENT
More than $1,7Bln Automated Security Kaspersky Adaptive
global financial losses All employees
Awareness Platform Online Training

resulted from business email compromise < 500 employees 500 + employees
complaints***
› Practical cyber-hygiene skills
LEARNING
Gamified
Assessment Tool › Current user cyber-hygiene assessment

STARTING POINT

Kaspersky Interactive › Strategic team › Interactive Cybersafety

С-level Protection Simulation simulation game gamified workshop Management Games

MOTIVATION

* Report: “On the Money: Growing IT Security

Budgets to Protect Digital Transformation
Initiatives . Kaspersky Lab, 2019
** Report: “IT security economics in 2019’,
Kaspersky
*** FBI “2019 Internet Crime Report”

2
Kaspersky Security Awareness products
Engagement/ Kaspersky Interactive Protection Simulation (KIPS)
motivation
strategic game: cybersecurity from a business
Starting point
perspective
KIPS is a 2-hour-long interactive team game that establishes an understanding between
Learning decision-makers (senior business, IT and cybersecurity officers) and changes their
perceptions of cybersecurity. It presents a software simulation of the real impact
that malware and other attacks have on business performance and revenue. It forces
Reinforcement players to think strategically, anticipate the consequences of an attack, and respond
accordingly within time and money constraints. Every decision affects all business
processes… the main goal is to keep things running smoothly. The team that finishes
the game with the most revenue, having found and analyzed all the pitfalls in the
cybersecurity system and responded appropriately, wins.

10 industry-related scenarios
(with more being added constantly)
Motivation

Employees aren’t always keen on more

compulsory training, and when it comes
to cybersecurity, many consider it too
complicated or boring, or believe that it
has nothing to do with them. Without the
motivation to learn, the learning outcome
is unlikely to be very positive. Another
challenge for those tasked with education
is involving business executives in training,
even though their mistakes can cost
the company just as much as everyone
else’s. This is where gamification comes
in – because it’s so engaging, it’s the most
effective way to encourage your staff to
overcome their initial resistance to training.

70%
of what is learned
is forgotten within one day in traditional
forms of training

42% of respondents working in

companies with more than 1000 Each scenario demonstrates the true role of cybersecurity in terms of business
employees continuity and profitability, highlighting emerging challenges and threats and the typical
said that the majority of training mistakes that organizations make when building their cybersecurity. It also promotes
programs they attended were useless and
uninteresting**
cooperation between commercial and security teams, which helps maintain stable
operations and sustainability against cyberthreats.

KIPS training is targeted at senior

managers, business systems experts and IT Cybersafety Management Games: turning
professionals, to increase their awareness
of the risks and challenges associated with
business leaders and line managers into proactive
using all kinds of IT systems and processes. cybersecurity advocates
Cybersafety Management Games in an interactive workshop (combination of
computer-based and instructor-led or fully online) that give line managers the
competence, knowledge and attitudes essential to maintaining a secure working
environment in their divisions, without sacrificing efficiency. The training turns line/
middle managers into cybersecurity supporters and advocates, making cybersafety a
key ingredient of everyday decision-making.

* Ebbinghaus “Forgetting Curve”

** Capgemini “The digital talent gap”

3
 During training, we identify the basic misconceptions that people usually have, and
help managers to understand why employees tend to ignore cybersecurity rules
and principles. Through specially designed exercises, we then demonstrate how to
transform these misconceptions into positive, cybersafe behavior.

Engagement/ Gamified Assessment Tool: a quick and exciting way

motivation
to assess employees’ cybersecurity skills
Starting point
Kaspersky Gamified Assessment Tool (GAT) lets you quickly estimate the levels of your
employees’ cybersecurity knowledge. The engaging, interactive approach eliminates
Learning the boredom often found in classic assessment tools. Taking employees just 15 minutes
to go through 12 everyday situations related to cybersecurity, assessing whether the
character’s actions are risky or not and expressing the level of confidence in their
Reinforcement response.

After completion, users receive a certificate with a score that reflects their
cybersecurity awareness level. They also get feedback on every zone, with explanations
and useful tips.

GAT’s gamified approach motivates employees while at the same time demonstrating
that by resolving certain cybersecurity situations, there may be gaps in their
knowledge. This is also useful for IT/HR departments to gain a better understanding
of the cybersecurity awareness levels in their organization – and can serve as an
Starting point introductory step to a wider education campaign.
People are usually unaware of their level of
incompetence, which makes them particularly
vulnerable. They need to be tested, and they
need to receive detailed and clear feedback
on their level of cybersecurity competence
for further training to be effective. This also
ensures that time isn’t wasted on material
that is already familiar.

4
 for Enterprises
Engagement/
motivation Kaspersky Adaptive Online Training: Cybersecurity
skills from a leading IT security vendor, supported
Starting point by adaptive learning
Kaspersky Adaptive Online Training (KAOT) is unique solution combining content based
Learning on Kaspersky’s 20+ years’ experience in cybersecurity and an advanced learning &
development methodology. KAOT is the result of a collaboration between Kaspersky
and Area9 Lyceum, a leader in adaptive learning systems.
Reinforcement
Grounded in innovative adaptive learning methodology, the cognitive-driven approach
contributes to a personalized learning experience that takes into account the abilities
and needs of each and every learner.

Key benefits
• The one-on-one personal tutor approach achieved as a result of using adaptive
Learning learning methodology
• It uncovers and fixes unconscious incompetence providing motivation for learning
Our online learning platforms are the core of and ensuring sustainable cybersafe behavior. Being aware of what you don’t know and
the awareness program. They contain more what you need to improve on leads to mastery more quickly and more efficiently.
than 300 cybersecurity skills covering • It eliminates boredom and frustration through a personalized approach to each
all the major IT security topics, including learner. Every lesson begins with a question followed by a theoretical lesson only
Passwords & Accounts, Email security, when it’s needed. Problem-based education boosts engagement and involvement
Social networks & messengers, PC security, in cybersecurity.
GDPR, etc.
• It ensures automatic, habitual use of skills thanks to the adaptive algorithms that
Each lesson includes cases and real-life allows learners to move forward according to their competencies, using different
examples so that employees can feel the approaches to the same topic when needed and constantly assessing whether the
connection to what they have to deal with in learner is progressing. The training fills skill gaps and builds greater competency
their everyday work. And they can use these quickly and effectively. At a high level of competency, certain knowledge becomes
skills immediately after the first lesson. second nature, so actions become automatic and habitual, constantly reinforced by
“refresh” activities when a learner may be at risk of forgetting the content.
To maximize efficiency, we use adaptive
technologies and build automated
learning paths for every student, taking
into consideration their initial level of
Tracking results
knowledge and target level (the target level
depends on the role each learner has in Extensive statistics allow you to follow employee progression – performance summaries,
the company). This is hard graft, with many reports and diagrams for groups and individuals. Admin can identify high performers as
practical examples, a lot of explanations well as those who need additional coaching. Also see reports on user progress, progress
about WHY this is important, and numerous of classes, and assignment details with indepth analysis of employee competence and
assessments that give immediate feedback metacognition.
on user actions.

“Ignorance more frequently begets

confidence than does knowledge.”
Charles Darwin, The Descent of Man

Topics covered in KAOT:

Passwords
• Email security
• Web browsing
• Social networks and messengers
• PC security
• Mobile devices
• GDPR

KAOT is currently available in: English,

German, Italian, French, Spanish, Arabic,
Russian.

Learn more: kaspersky.com/kaot

5
 for Small & Medium businesses

Kaspersky Automated Security Awareness

Platform: an easy-to-manage online tool which
builds employees’ cybersecurity skills level by level
Automated learning path to fight Kaspersky ASAP is an effective and easy to use online tool that shapes employees’
obliteration and ensure skills cybersafety skills and motivates them to behave in the right way.
retention
The training is ideal for small and medium businesses, especially those without
dedicated resources for managing training programs.

Key benefits:
• Simplicity through full automation: the program is very easy to launch, configure
and monitor, and ongoing management is fully automated – no administrative
Topics covered in ASAP: involvement required. The platform itself builds an education schedule for each group
Passwords and accounts of employees, providing interval learning offered automatically through a blend of
• Email security training formats, including learning modules, email reinforcement, tests and simulated
• Web browsing
• Social networks and messengers
phishing attacks.
• PC security • Efficiency: the program content is structured to support incremental interval learning
• Mobile devices with constant reinforcement. The methodology is based on the specifics of human
• Protecting confidential data memory to ensure knowledge retention and subsequent skills application.
• GDPR • Flexible licensing (for Managed Service Providers): the per-user licensing model can
start from as little as 5 licenses.
Kaspersky ASAP is a multilanguage
solution, currently available in English, Each topic comprises different levels, developing specific security skills. Levels are
German, Italian, French, Spanish, Russian, defined according to the degree of risk they help eliminate. Level 1 addresses behavior
Arabic, Portuguese, Dutch, Czech, Polish,
Kazakh, Slovenian, Romanian, Turkish,
on what to do in the face of straightforward and mass attacks. Higher levels covers
Hungarian*. awareness training for the most sophisticated and targeted attacks.
Interactive lessons Simulated phishing attacks
ASAP is ideal for MSPs and xSPs – training
services for multiple businesses can be
managed through a single account, and
licenses can be purchased on a monthly
subscription basis.

Try a fully functional version of Kaspersky

ASAP at asap.kaspersky.com – see for
yourself just how easy it is to set up and
manage your own corporate security
awareness training program!

Tracking results
You can follow employees’ progression from the dashboard and assess the progress
of the entire company, and all groups, at one glance. It’s also possible to access more
detail down to an individual level.

6
 Engagement/
motivation
Cybersecurity for IT Online:
the first line of incident defense
Starting point
Cybersecurity for IT Online is interactive training for all those involved in IT. It builds
strong cybersecurity and first-level incident response skills.
Learning
The program equips IT professionals with practical skills on how to recognize a possible
Advanced attack scenario in an ostensibly benign PC incident, and how to collect incident data for
learning handover to IT security. It also fosters an appetite for hunting out malicious symptoms,
cementing the role of all IT team members as the first line of security defense.
It consists of four modules: Malicious software, potentially unwanted programs and
Reinforcement
files, investigation basics, and phishing incident response.

This training is recommended for all IT specialists within your organization, but primarily
service desks and system administrators. Most non-expert IT security team members
will benefit from this course too.

Advanced

Most enterprises provide cybersecurity

education and training on two levels – expert
training for IT security teams and security
awareness for non-IT employees (Kaspersky
has a comprehensive set of products for
both). But what’s missing? IT teams, service
desks, and other technically advanced
staff. Standard awareness programs are
not enough for them, but companies still
don’t need to turn these employees into
cybersecurity experts: it’s not necessary,
and is too expensive and time-consuming.
Kaspersky Incident Communications:
CITO training is conducted 100% empowering your corporate comms team to respond
online – participants just need an internet
connection/ access to their corporate LMS
to a cyberattack
and the Chrome browser.
From the instant a cyber-incident is discovered, every action counts. How your
Each of the 4 modules comprises of a communications are managed – externally and internally – is critical, particularly when
short theoretical overview, practical tips dealing with unknown attack vectors and advanced persistent threats (APTs).
and between 4 and 10 exercises – each
practicing a specific skill and demonstrating Kaspersky Incident Communications educates top management, information security
how to use IT security tools and software
and corporate communications professionals on how to handle crisis communications,
in everyday work.
including developing and applying appropriate assets. It helps build strong links
between members of a crisis team and looks at how to prepare a crisis communications
KIC training ensures that your crisis team: plan, providing practical recommendations, operation security procedures and tools for
encrypting communication during a cyber-incident to support business continuity.
• Understands the cyberthreats heading
your way
• Recognizes potential outcomes
• Can coordinate effectively with your IT
security team
• Gains experience through cyber-incident
simulation
• Knows what is essential, and safe, to say
in internal and external communications in
the wake of a cyberattack
• Updates and implements your cybercrisis
communications plan

7
 Engagement/
motivation
[Dis]connected: a casual educational game
[Dis]Connected is a highly immersive story-rich visual novel cybersecurity game
Starting point where users are challenged with a quest to maintain a healthy work-life balance and be
successful both personally and professionally.
Learning Elements of cybersecurity are woven into the game’s plot, and the game reveals how
our decisions around cybersecurity can help to achieve – or spoil – the goals. There
are 18 cases to solve, including topics on passwords and accounts, email, web browsing,
Reinforcement social networks and messengers, computer security and mobile devices.

Built-in emulated applications – messengers, banking apps, etc. – ensure an even more
complete immersive experience.

At the close of the game, players receive a summary of how successfully they coped with
the project and find out if their security skills are sufficient for today - and tomorrow.

Reinforcement

Reinforcement is an essential part of the

learning program, and is necessary for
cementing the knowledge and skills gained
during the learning stage.

The best way to turn learned skills into habits

is to put them into practice. At the same
time, people sometimes make mistakes and
learn from personal experience. But when it
comes to cybersecurity, learning from your
own mistakes can be massively expensive.

Using gamified training, you can ‘live’ a

situation and experience its consequences
without causing any harm to yourself or your
company.

Kaspersky Security Awareness worldwide

75 >500,000
countries trained employees

8
 2021 AO KASPERSKY LAB. REGISTERED TRADEMARKS AND SERVICE MARKS ARE THE PROPERTY OF THEIR RESPECTIVE OWNERS.

Kaspersky Security Awareness: kaspersky.com/awareness

IT Security News: business.kaspersky.com/

www.kaspersky.com