Real-Time End-User Awareness Training (ICES)

79% Average Click-Rate Reduction

Educating users in real-time is a cheat code for our customers. Dynamic HTML banners injected into users emails by an Integrated Cloud Email Security (ICES) Security layer that has been designed to augment M365 + Traditional 3rd Party Secure Email Gateways (SEGs) to catch the bad stuff that has been designed to evade detection.

It's time to reset our expectations with traditional SAT methods

External Warning Banners

Static 'CAUTION: This email originated from outside of the organization. This message might not be safe, use caution in opening it. If in doubt, do not open the attachment nor links in the message.' are no longer effective.

They become part of the email body real-estate. 'Hey, this could be dangerous, hey this could be dangerous, hey, this could be dangerous' is not enough to prompt a user to help influence their security behaviour.

Spotting a Business Email Compromise (BEC) Attack

Lets take a look at the main areas that we preach during end-user awareness training and see how those training methods would be able to help a user (providing they remember your training) spot and mitigate the risk of falling victim to a BEC attack...

"Have you checked if there is a dodgy link?"

User: No, there isn't one.

SEG: Yes, there isn't it one.

"Have you checked if there is a dodgy attachment?"

User: No, there isn't one.

SEG: Yes, there isn't it one.

"Has the email been sent in broken English?"

User: No, looks pretty good to me.

SEG: Nothing triggering for me.

"Have you checked if the sender is really them?"

User: Yes, it's their email address.

SEG: Yes, there's a historic relationship with this recipient.

"How much money did you send?"

User: A lot.

SEG: Nothing to do with me.

Click here to read our blog post BECause you need to know about BEC

Spear Shield has helped enable us to put the ownership of emails back on to the user. Because ultimately, we're just one team, regardless of size, you can't see everything, and you have to trust your people not to click. Defend's banners and the rewriting of the links are invaluable. There's just that extra layer of protection.

J. Carter. I.T. Systems and Development Manager at Hopkins Homes

How does it work?

Integrated Cloud Email Security (ICES) that combines the power of behavioural AI with self-adapting technology to help organisations detect and protect against sophisticated threats whilst sanitising the risk for users to be able to help teach them in real-time why the inbound email attack they've received, is malicious.

Dynamic HTML Banners

Incoming emails from outside of your organisation will have a coloured banner inserted. These banners will help alert and provide education to your user at the point of risk.

All banners applied by Egress Defend can be clicked on. This allows the user to learn why that specific email has been marked as dangerous and user's can also then report the email as a phish with the click of a button.

Real-Time Learning Moments

Egress use machine learning technology to deliver real-time teachable moments through their Intelligent Email Security platform.

The dynamic alerts change based on the current level of risk and offer clear explanations, meaning people remain engaged and responsive over time.

When a threat occurs, these real-time teachable moments nudge people into Type 2 thinking, enabling them to respond rationally and logically.

Intelligent 'Nudges'

Egress Defend delivers anti-phishing banners directly within Microsoft 365, with heat-based warnings that change depending on the level of risk detected. This stops users from becoming decensitized to generic 'external email' warnings and nudges them back to Type 2 thinking with simple guidance at the point of risk, when they genuinely need it.

Zero Trust Methodology

Egress Defend combines zero-trust models with intelligent linguistic and contextual analysis to detect the sophisticated cyberattacks that bypass your traditional email security solutions. The real-time alerts and feedback provide teachable moments that clearly explain risk to users

Let's get started

Spear Shield's portfolio of cybersecurity solutions and services

We already had the default, out-of-the-box Exchange Online Protection (EOP) controls deployed in Microsoft 365, but we were aware that advancing attacks are engineered to get through. At the same time, we wanted to make sure that we could stop incidents occurring in outbound communications that were caused by human error.

By working withSpear Shield to deploy the full Egress Intelligent Security Platform, we simultaneously enhanced both our inbound and outbound defences, it's fantastic to work with a single provider that can do both. Spear Shield and Egress made the process incredibly easy and collaborative.

J. Burl. Associate Director for I.T. at Concertus Design and Property Consultants

Try it for yourself?

Securing with Spear Shield and Egress

Spear Shield are an Egress Platinum Partner with over 10+ years combined experience working with Egress.
Here are a few reasons why customers choose to secure with Spear Shield and Egress.

Access to the best commercials

Spear Shield has the flexibility to offer our customers the best commercials available on Sophos' term based licensing agreements or, can offer our customers an MSP, pay as you go model backed up by Spear Shield's in-house team of Security Engineers.

FREE Email Security Assessments

Need assistance building an internal business case? Speak with the team at Spear Shield about our combined email security assessment.

Over a 2 week period with no agents required, we can give you insight into:

- Insight into how many dangerous emails are slipping through the net

- How susceptible your users' are to phishing attacks

- The effectiveness of real-time teachable moments for users' at the point of risk

Integration Partner

Spear Shield are an Egress Integration Partner and has the ability to feed phishing simulation results into Egress' Human Risk Management dashboard to help our mutual customers' dynamically change their users' security controls based on their Security Awareness Training risk scores.

Egress Defend Tutorial User Training Courses

Help raise user adoption of your Egress investments with Spear Shield's tailored and custom, Egress Defend tutorial training courses. Included as part of Spear Shield's Cyber Academy offering, speak with a member of the team for details.

Let's get started

Achieving Security Outcomes Together

Hopkins Homes

Click the image above to read the full story

Castons

Click the image above to read the full story

Concertus

Click the image above to read the full story

How can I enhance user awareness and mitigate risk?

Request a demo

Phishing Threat Intelligence

60%

Root cause of ransomware attacks is human-activated risk

CFO

Top targeted member of the board with phishing in 2023

600%+

QR Phishing Attacks up 600% in Q4 2023

59%

of organisations had login credentials stolen.

Contact

The team at Spear Shield have several year's experience working within both the private and public sector, have a very consultative approach and would welcome the opportunity to learn more about your organisation.

Contact Details

Why customers Secure with Spear Shield

Over 20+ Year's Experience

Working within the private sector, public sector and large enterprise to help organisations solve complex and advanced cybersecurity challenges.

Strategic Portfolio

The team at Spear Shield have done the hard work evaluating the market, understanding the pro's, con's of each solution and what's going to provide the best security outcomes and value for investment so you don't have to.

In-House Technical Expertise

Our customer's benefit from Spear Shield's in-house technical expertise for both pre and post-sales support

In-House Technical Expertise

Cyber criminals collaborate... so why shouldn't the good guys too? Spear Shield customers benefit from our regularly hosted Security Social.exe free to attend cybersecurity social and networking events.

Let's crush the bad guys together!

Spear Shield has an award winning portfolio of cybersecurity solutions and services that can help keep your network, people and data secure.

Access to the best Commercials

Spear Shield's relationships and technical investment with our partners enables us to provide our customer's with the most competitive commercials available.

FAQ's

Everything you need to know about Spear Shield.

Do I have to be a customer to attend a Security Social.exe event?

No you don't! Whilst we'd of course hope that one day you might be... Our Security Social events are to provide people with a platform to network. We've built a community of local based IT professionals in East Anglia and Edinburgh so far where people can come together to share cybersecurity challenges and advice for best practice with one another.

Does Spear Shield offer term-based licensing or MSP?

Here at Spear Shield, we can offer both! Consider us a hybrid MSP and VAR (Value added reseller). We are set-up with our vendors to offer our customers all options to ensure we can align our cybersecurity solutions and services with your preferred budget type. Please speak with the team for details.

Can Spear Shield supply public sector organisations through a procurement framework?

Yes! Spear Shield has routes to market including G-Cloud to be able to supply our public sector customers with our cybersecurity solutions and services. Please speak with the team for details.

Can Spear Shield work with Large Enterprise?

Yes! and we do. Our Team has many, many combined years experience working with some of the largest private sector enterprises across the country to help tackle and solve cyber risk. All of Spear Shield's cybersecurity solutions and services are scalable and enterprise-grade.

Does Spear Shield offer not-for-profit discount?

Yes, the Spear Shield Team will always ensure any eligible not-for-profit and public sector discounts are applied to any quotes for our cybersecurity solutions and services.

What are some of the top cybersecurity threats for 2023?

Here are some of the top cybersecurity threats organisations are facing in 2023.

Social Engineering
Any network is hackable if an employee can be duped into sharing access.

Third-Party Exposure
Vendors, clients, and app integrations with poor security can provide access to an otherwise well-protected network.

Configuration Mistakes
Your cybersecurity investments are only as strong as they are configured correctly.

Human Activated Risk
User education and visibility for IT is essential to ensure those with network access and those handling sensitive data are maintaining cyber best practices.

Ransomware
Hackers are targeting back-ups and using extortion more and more to push receiving the ransom payment from their victims.

Mobile Devices
Every mobile device is a gateway to your network and sensitive business data.

Lack of resource and expertise
Human-led cyber attacks require human-led threat hunting. Unfortunately, skilled threat hunters are few and far between.

Internet of Things (IoT)
Smart technology users may not realise that any IoT device can be hacked to obtain network access. Securing your network starts with understanding what's on it.

Is there any obligation when opting for a free cybersecurity service by Spear Shield?

No there isn't! The team will just use that as an opportunity for us to work together on a project and prove the value we can provide you as a future strategic partner.

How can I reduce my employees click-rate?

This is an area where the cybersecurity experts at Spear Shield thrive! We've worked with organisations to help reduce employee click rates from 70+% to 0% without the need for any end-user awareness training.

Online training content doesn't work.

Classroom based training gets forgotten.

Static email banners get ignored.

Speak with the team about real-time end-user awareness training to help mitigate the risk of a phishing attack in your organisation.

Why Spear Shield for Managed Detection Response Services?

The team at Spear Shield are an Award Winning Sophos Partner and have a combined 20+ years experience working with Sophos. Our relationship and technical investment, enables Spear Shield to offer our customers the most competitive commercials available. Sophos is one of the largest providers of MDR across the globe with over 17,000 + organisations using the MDR service and is what powers the Spear Shield 24/7 Managed Detection Response Service.

Why Spear Shield for a Managed Phishing Simulation Service?

Spear Shield's Managed Phishing Simulation Service provides our customers with managed phishing simulations and security awareness training for their users delivered as a fully managed services. Customers benefit from the tailored spear phishing examples that the Spear Shield team can tailor to your organisation and also base our templates on real-world phish that we see that are able to evade detection from 3rd party secure email gateways and Microsoft 365. After each campaign, customers benefit from receiving an executive ready report with all of the information and data required to be able to confidently articulate risk back to the business.

What's included in Spear Shield's Managed Phishing Simulation Service reports?

The cybersecurity experts at Spear Shield will provide you with executive ready reporting with all of the intelligence you require to provide cyber-assurance to your organisation.

Includes:
- Engagement Overview
- % Click Rate
- No. of Credentials Harvested
- Individual Campaign Performance
- Device Breakdown
- Caught-User Breakdown
- User Behaviours Insights

- Industry Benchmarking
- Consultative Recommendations