Product and Content roadmap
We hope our roadmap provides valuable insight into future product and content development at Infosec — it’s important to note the development and release of all items on this roadmap are subject to change. We encourage you to regularly review and discuss this roadmap with your Infosec IQ client success manager or account representative.
Infosec IQ product pillars
Our goal is to help you easily run and maintain a security awareness program that educates, engages and empowers employees. By focusing on the four areas below, we help employees adopt cyber-safe behaviors that will help keep your organization secure — making them your greatest cybersecurity asset.
Engage employees and inspire behavior change
Future training content and resources
- Role-based training: We have developed our 2024 content roadmap that focuses on creating more role-based training. The following sectors and roles are among those for which we will be producing training content:
- Education
- Healthcare
- Government
- Manufacturing
- Executives and managers
- Human Resources
- Customer Service
- Expanding our Core Concepts series
- Fedramp
- PCI for POS employees
- Third Party Risk Management
- Expanding our Just the Facts series
- Deepfake Tech
Recently added to our Content Library
- Expanded our Core Concepts series
- OWASP API
- Intellectual Property
- Physical security
- Ransomware
- Removable media
- GLBA
- Artificial Intelligence Best Practices
- PDPA
- Privacy and PII
- Corruption and Bribery
- Vishing
- PCI DSS module (updated version)
- Work Bytes:
- Safe web browsing
- Malware
- ChatGPT training module to educate employees on using them safely
- QR Code simulated phishing templates
- Added supplemental resources:
- Screensavers and newsletters that highlight important information covered in our Need to Know and Just the Facts series
Easily create and maintain an effective program
Future work
- Professional services: a newly introduced team that will support our customers in using our open API for the following cases:
- Data integrations
- Content integrations
- Campaign automation integrations
- Learner Provisioning
- Google Workspace
- HTTPS for education pages: HTTPS certifications for domains, education pages and data entry pages
- SCORMaaS Courses: ability to package multiple videos into a course and export as SCORM
- Learner page redesign: UI redesign of the main learner management page with linking out to all sync tools for better demoing and self-service
- Relative campaigns for groups: ability to schedule relative campaigns to static or dynamic groups
- Can add individuals to groups and automatically sync them into an ongoing campaign
- Individuals will receive unique due dates for training based on the date they were enrolled
Completed
- Global Admin Asset Sharing: expanding functionality of the GA asset sharing tools to PhishSim education pages, Publishing assistant modules, uploaded custom modules, PhishSim data entry templates and PhishSim batteries
- Product page optimizations: Streamlined UI for updating PhishNotify settings.
- Content integration enhancements: Introduced global SCORMaaS files that include company branding and selected languages in one download
- Added automation capabilities via API to streamline the campaign creation process in our multi-tenant environment.
- In-app guidance for new program managers: New administrators can follow our in-app, step-by-step guides to successfully launch training and phishing campaigns
- Learner Provisioning
- SCIM: Automatically sync employee data into Infosec IQ from JumpCloud, Azure and Okta
Empower learners to play an active role in organizational security
Future work
- Vendor Integrations – Notifications and Assignments: Integrations with Slack and Microsoft Teams for sending AwareEd assignments and notifications
- Updated VPAT: new VPAT for learner tools
- Enhanced accessibility
Completed
- PhishNotify integrations: Streamline the incident response process by sending reported emails to 3rd party security tools.
- Gmail add-on for PhishNotify: This add-on is directly integrated within Gmail, making it easier for employees to report suspicious emails from any browser and any device.
- Learner Localization: To increase learner engagement, we will deliver training notifications, assessments and courses in their preferred languages. Additionally, planned improvements to the player for the learner and search functionality improvements for the program administrator
Assess culture and prove the value of your program
Future work
- Pre-built integrations: Increase visibility into organizational cyber risk by reporting program results to third-party tools. This information will enable program managers to deliver personalized training to higher-risk employees to positively shape their behaviors.
Completed
- Four new system dashboards: These dashboards provide visibility into human risk and behaviors and enable you to surface the right metrics to the right audience.
- Refreshed industry rates to compare training program results with industry peers