Service

Simulated phishing and associated training framework

Reduce the risks from phishing and related attacks by giving users the skills and awareness to spot threats.

For enquiries contact:

About the service

At Jisc, we understand that cyber security isn’t just for IT professionals. Users, too, play an important role in the defence against threats. As attacks such as phishing become more sophisticated, it’s vital to ensure that staff and students have the awareness and skills to spot a potential breach.

That’s why, to help reduce the risk of cyber attack, we offer phishing simulations to help users safely experience what an attack might look like – and related security training so they understand wider risks and know what to do if they suspect an issue.

This simulation and training service is delivered by our partner, Khipu Networks. Khipu are also offering free scans to Jisc members alongside their 15-minute webinars. Visit the Khipu Networks website for more information.

How the service can help you

The service is cost-effective and flexible. It includes practical simulations, as well as theoretical sessions, with a choice of classroom-based or virtual learning led by experienced cyber security experts.

The simulation service includes:

  • Fully managed simulated phishing campaigns – including simulated phishing emails and websites
  • Awareness training services – including tips to identify fake and suspicious emails
  • Classroom-led ‘cyber security 101’ training – training modules with videos, interactive quizzes and tests
  • Detailed reporting showing stats and graphs after each anti-phishing campaign
  • Cyber security best practice reviews and workshops
  • Recommendations on improving cyber security postures using products and services available via other Jisc frameworks

Using the associated training, you can:

  • Build flexible training to suit your needs – this service can be customised to suit the specific needs of your users
  • Get the benefit of experienced trainers – training is carried out by experienced cyber security experts, it’s not an ‘email-only’ software solution
  • Achieve value for money – in pre-procuring this service, we’ve taken significant account of cost – and in particular, the cost of scaling the service across the number of users in a research and education organisation. You pay a single price per campaign regardless of how many users are 'phished' – instead of a 'per-user' price model, which can be expensive for larger organisations
  • Buy with confidence – because we have pre-procured this service and conducted due diligence on it, you can buy confidently, knowing it’s a service you can trust

Case study: educate your users for effective protection against phishing attacks

How Guildford College uses this service to reduce its risk from phishing attacks.

Read the full case study on the Khipu website.

Watch our cyber security documentary which looks at the current cyber crime climate, and what you can do to protect yourself the most effectively.

Find out more

To find out more about this service, email simulated.phishing@jisc.ac.uk or call 0300 300 2212.

UKAS and ISO 9001 and ISO IEC 27001 logo

This service is included within the scope of our ISO9001 and ISO27001 certificates.

Read more about International Organisation for Standardisation (ISO) standards and view Jisc certificates.