Phishman Awareness Center User Awareness Management System

White Paper: DLP - Data Loss/Leak Prevention

2023: MTS RED Managed Cybersecurity Services Portfolio Inclusion Plan

On April 25, 2023, the MTS Group informed TAdviser about investing through its MTS corporate venture capital fund in Phishman, a Russian developer of automated systems for analyzing, testing and training company employees in methods of protection against cyber attacks. Under the terms of the deal, the volume of investments will be 90 million rubles.

As a result of the transaction, Phishman products will be included in the portfolio of managed cybersecurity services MTS RED. The transaction is one of the stages of the implementation of MTS RED's strategy to form a product portfolio that will provide full coverage of all types of cyber threats through a single interface. Read more here.

2020: InfoWatch Traffic Monitor Integration Update

On December 16, 2020, InfoWatch announced that, together with Phishman, they had completed work on updating the joint solution in order to finer the automation of the process of raising awareness of information security events processed in Phishman.

One of the scenarios that we work out during testing is to send an employee to a course on working with confidential information when identifying patterns that indicate insufficient awareness of employees about the security policies adopted in the company. Thus, we are expanding the ability to use a DLP system to prevent incidents in the field of information security by training users in corporate rules for interacting with sensitive data of organizations, says Sergey Filippenko, technical director of Phishman.

The InfoWatch expert and analytical center annually records an increase in the number of confidential data leaks from various sectors of the economy. At the same time, a significant proportion of incidents occur as a result of unintentional actions of employees. So, since the beginning of 2020, almost 80% of cases of data compromise have occurred through the fault of employees, of which 23% are accidental. The joint use of InfoWatch and Phisman solutions allows businesses to constantly increase the level of information security and reduce reputational and financial risks.

2017

Integration with InfoWatch Traffic Monitor

On InfoWatch Fishman August 8, the Group of Companies (GC) and Phishman ("") announced the completion of the integration of the solution to prevent leaks confidential information and protect businesses from internal threats (- DLP solution) InfoWatch Traffic Monitor and the Phishman Awareness Center user awareness system. The DLP system InfoWatch Traffic Monitor records all events on the workstations and corporate mobile devices of the organization, analyzes them, detects the facts of violation of security policies and, if necessary, blocks the transfer of data. Events intercepted by the DLP system that fall into the category of unintentional violations are then transmitted to the Phishman Awareness Center system, which, in turn, selects relevant training rules and courses for each incident and assigns an employee who violates the policy information security corresponding to the identified training. You can read more about this. here

Partnership with DialogueScience

The partnership concluded in the summer of 2017 gives DialogueScience the right to supply and use Fishman solutions as part of comprehensive information security projects for corporate customers. The companies also plan to hold joint events on Awareness Center technologies for potential users, organize training, consultations, participate in exhibitions and conferences, various marketing campaigns, promotions and programs.

Purpose of Awareness Center System

The main development of Fishman is the Awareness Center (User Awareness Management System), designed to automate processes that allow you to identify shortcomings in employee knowledge and skills in the field of information security, build a training process and explore the established professional skills of users. The principle of operation of the system is as follows.

According to the incoming data on events and incidents from the information systems available in the organization DLP(,, SIEM Web-filtering,,, etc.), ACS Active Directory personnel system a behavioral analysis of the employee's activities is carried out and according to the rules customizable by the Customer, the Awareness Center automatically sends the user to the course he needs with a mandatory check of the learned material upon its passage (testing). At the same time, the System allows you to conduct training for employees without first collecting information about their level of awareness (for example, training new users or training personnel when potentially dangerous malware exits). At all stages of the process, Awareness Center provides the necessary reports.

As of June 2017, in the system of more than 20 ready-made courses on information security, there are plans to create more than 200 courses divided by information security, IT, HR topics.