Endpoint and network security solutions provider Webroot announced on Tuesday that it has acquired Securecast, an Oregon-based company that specializes in security awareness training. Financial terms of the deal have not been disclosed.
Webroot has built on Securecast’s platform to offer managed service providers (MSPs) security awareness programs that their business customers can use to reduce the risks and costs associated with phishing, ransomware and other threats.
Webroot’s Security Awareness Training offering is already available in beta and is expected to become generally available sometime this fall. Once it becomes generally available, it will be part of the company’s SecureAnywhere portfolio.
This fully hosted awareness-as-a-service platform includes a sophisticated phishing simulator that allows organizations to test their employees, and an end-user training program designed for educating employees on cybersecurity best practices.
The phishing simulator includes a template library that enables MSPs to test users with real-world attack scenarios. Companies can also design custom phishing attacks that are relevant to their line of business.
The platform is easy to use, it has reporting capabilities, and it includes all the tools needed for an organization to manage its own security awareness training campaign, Webroot said.
“The human factor is a consistent weakness in overall cyber defenses, and security awareness training is the only solution. As cyberattacks, such as phishing, become increasingly sophisticated, users are exposed to a variety of hidden threats that will compromise their own data along with their employer’s data,” said Chad Bacher, SVP of Product Strategy and Technology Alliances at Webroot. “Building on Securecast, Webroot will offer our MSP partners the security awareness training they need to address this evolving threat landscape, and build a profitable new line of business.”
Webroot said the decision to launch a security awareness training service comes in response to requests from MSPs for high-quality, cost-effective and ongoing training.
In its announcement of the acquisition, the security firm cites data from Verizon’s 2017 Data Breach Investigations Report, which revealed that 43 percent of breaches involved social engineering — in most cases phishing. The same Verizon report showed that in a company with 30 or more employees, roughly 15 percent of users who fell victim to phishing once took the bait a second time as well.
Related: Rapid7 Acquires Security Orchestration and Automation Firm Komand
Related: Symantec to Acquire Threat Isolation Startup Fireglass
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- FDA Announces New Cybersecurity Requirements for Medical Devices
- Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months
- Unpatched Security Flaws Expose Water Pump Controllers to Remote Hacker Attacks
- 3CX Confirms Supply Chain Attack as Researchers Uncover Mac Component
- OpenSSL 1.1.1 Nears End of Life: Security Updates Only Until September 2023
- Google Links More iOS, Android Zero-Day Exploits to Spyware Vendors
- ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation
- Thousands Access Fake DDoS-for-Hire Websites Set Up by UK Police
Latest News
- Italy Temporarily Blocks ChatGPT Over Privacy Concerns
- FDA Announces New Cybersecurity Requirements for Medical Devices
- Report: Chinese State-Sponsored Hacking Group Highly Active
- Votiro Raises $11.5 Million to Prevent File-Borne Threats
- Lumen Technologies Hit by Two Cyberattacks
- Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks
- Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months
- Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution
