Mimecast Awareness Training equips security teams to identify and reduce human-driven risk across their entire organization. The security awareness and human risk management solution works to continuously inspire awareness, transform behavior, and reduce the likelihood of security incidents caused by human error.
N/A
Sophos Phish Threat
Score 8.3 out of 10
N/A
Sophos offers security awareness and phishing training and preparation testing via Sophos Phish Threat, the company's phishing attack simulator.
Staff is the single most significant danger to the cyber security posture of an organization. Before implementing Mimecast Awareness Training, staff had almost no awareness or concept of IT security or the potential risks. Staff attitudes have improved dramatically since introducing Awareness Training.
If you're looking for a tool to maximize digital productivity without hindering the effectiveness of your workforce, Sophos is a great tool. It quickly & safely manages the threat level across all of our digital channels to reduce the potential engagement with fishy characters or websites that might present vulnerabilities.
I’ve parked the slider at a solid 10 because the platform keeps proving its worth every quarter. Staff phishing‑click rates have plunged from double digits to low single digits, our audit team finally stopped chasing overdue modules, and—bonus—engagement surveys show people actually enjoy the bite‑sized, comedic flavoured content. The built‑in reporting lets me walk straight into the boardroom with clean metrics. Minimal admin, measurable behaviour change, and zero eye‑rolls from end‑users—hard to ask for more.
I pegged usability at a full‑blown 10 because even my least tech‑savvy colleagues—think “still double‑clicks web links” level—navigate the portal without ringing the help‑desk. Single‑sign‑on drops them straight into the next module, the interface looks like Netflix for cyber nerds, and the progress bar shouts “two minutes left” instead of burying them in menus. On the admin side, I spin up campaigns in three clicks, clone content on the fly, and the drag‑and‑drop scheduling means I can rejig a whole quarter’s plan during the time it takes the kettle to boil. Zero training manuals, zero grumbles, zero excuses—just smooth sailing from login to completion.
It is easy to use and setup. You can schedule the Phish email test to be sent out in the future or right away. You can also send to all users in your list as well as stagger so all users do not get the email at the same time and tell each other there is a test going on
Its the best, hands down. Great, easy to use and on point content that injects some humour into the training makes it relevent whilst staying engaging. We have seen our engagement scores almost double since using Mimecast, with completion rates across the buisness above 90% compared to previous scores on less than 50%.
The product is quick and responsive. Emails alert the staff of new training content and provides a direct link to the training video. They watch, learn and than answer a brief question to test their knowledge. This feeds into the users risk profile in which additional training can be automatically applied based on a risk scores.
We have had a couple of instances where we needed to contact customer support for our minecast cyber awareness training. The team were great and easy to deal with. The problem in itself was minor, and turned out to be our issues and understanding setup, however the mimecase team walked us through the issue and it was resolved exceptionally quick.
Support is solid but not spectacular. While I haven't used support for Phish Threat specifically, this is a general rating for Sophos' support across the board. It could be easier to find the FAQ or other information I need, but when I've needed to reach out to support they've been good to work with.
I gave implementation a rock‑solid 10 because, frankly, it was smoother than a servo sausage roll at 2 a.m. SSO clicked in on the first try, directory sync hoovered up all the user data without mangling job titles, and change comms went out on time—no “surprise training” backlash. Key insight: involve your internal comms or HR crew from day zero so the launch emails feel like a friendly nudge, not a phishing attempt. We also ran a pilot with our most cynical techs; their nit‑picks helped us tweak permissions before unleashing it on the masses. Finally, schedule the baseline phishing test after staff receive the kickoff memo—sounds obvious, but it spares you the angry “gotcha” emails and makes the resulting metrics actually meaningful.
Mimecast's content is much higher quality. KnowBe4's sales tactics are much more pushy. Customer service has been better with Mimecast in general, though Mimecast's UX/UI is a lot more confusing a less user-friendly to navigate than KnowBe4. It is difficult to group individuals together, let alone manage if the directory integration is not used.
Honestly, the pricing model is about as painless as a public‑holiday Monday—straightforward per‑user cost, no sneaky “module packs” hiding in the fine print, and the nonprofit discount went down a treat. If I had to nit‑pick for the sake of continuous improvement, I’d love two tweaks:
Seat‑band granularity. The jump between tiers can feel like falling off a cliff when you’re hovering near the threshold; a smaller step (say, every 50 users) would soften the blow on fast‑growing teams.
Mid‑term seat reductions. We negotiated a generous +10 % buffer, but if headcount ever drops, a pro‑rata credit instead of waiting for renewal would be ace.
Minor quibbles, though—the value’s still a raging 10/10.
Mimecast Awareness Training is so easy to use, a child could set it up. One of the major benefits of the platform is its ability to easily prepare a years worth of content. As new users enter the organisation, its integration with Microsoft makes it easy to onboard the user and have then catch up on training.
I’m handing professional services a loud 10 because they rocked up like a pit‑crew at Bathurst and had us race‑ready in record time. Two half‑day workshops, and suddenly we’d nailed SSO, tuned the Azure AD connector, and had a fistful of custom phishing templates dripping with Aussie‑isms (Bunnings receipts, anyone?). Their consultant even whipped up a cheeky PowerShell script to clean up dodgy display‑name attributes, saving our sys‑ops hours of beard‑scratching. On top of that, they translated our dull “Information Handling” policy into bite‑sized language for the learner splash screens—legal loved it, staff actually read it. Zero scope creep, crystal‑clear handover docs, and follow‑up calls that felt more like mentoring than billable hours. Worth every cent.
ROI seems to be there though I have no direct stats.
Positively impacts my web-browsing experience. As an Account Executive, it enables me to do my company research quickly without engaging with any bad actors.
It runs in the background so it never impedes my workflows.
