Mimecast Cyber Awareness Training is Brilliant

Our organisation is required to ensure we provide all our staff with ongoing cyber awareness training. This is a mandatory component of our compliance and contractual obligations from our stakeholders. However, our existing cyber awareness training programs just weren't engaging enough or even relevant, which resulted in low attendance and completion rates.When we asked staff for feedback on why they weren't completing the training, the responses were consistent:- Poor quality and non-engaging content.- Each training module was taking too long to complete (minimum 20 minutes), causing disruption to their workload.As the organisation's CISO, I needed to address these issues and find a way to deliver cyber awareness training that was short, sharp, and on point. That's when we trialled the Mimecast Cyber Awareness Training solution. To be honest, it has resolved all the problems we were experiencing with the existing solution. Since being fully deployed across the organisation, with all training schedules setup and on autopilot, we now have a 90% completion rate and the feedback has been overwhelmingly positive. The training is engaging, short, and sharp, but most importantly, relevant to current cyber threats. The videos are hilarious, and the short quizzes after each video always challenge people's thinking, yet gives us reports on quiz performance. Best of all, the entire process takes less than 5 minutes.I highly recommend the Mimecast solution and will continue using it into the foreseeable future. The success of this program has not only improved our compliance rates but also enhanced our overall security posture. Staff are now more aware of potential cyber threats and feel more confident in their ability to handle them. This has fostered a culture of security within the organisation, which is crucial in today's digital landscape. In conclusion, the Mimecast Cyber Awareness Training solution has been a game-changer for us, addressing all our previous challenges and setting a new standard for effective and engaging training.

NA - We did not integrate Mimecast Awareness Training with Mimecast Email Security Cloud Gateway solutions.

Previous solutions were not engaging, which was resulting employees not using nor completing their required modules. This low ROI was highly impacting our compliance requirements resulting in us being forced to enhance this capability otherwise our compliance scores could be at risk. Feedback from employees highlighted to need for engaging and short/sharp relevant training to their roles and general cyber security practices. They were time poor but understood our requirements from a compliance perspective, but issues arise when the training takes more than 30 minutes to complete. Mimecast is on autopilot for the entire year with monthly videos and quizzes that take no more than 5 minutes to complete which has seen completion rates across all employees of over 90%, a far cry from previous completion rates of just 30%

I wouldnt, the evaluation we ran was clear and concise, and Mimecast Awareness Training, when compared to other solutions in the market came out a clear winner. The content was relevent (and even humourous) and the staff appreciate the short, sharp and on point content that is relevent to their roles in the organisation.

Very easy to learn, it a click and forget style platform which makes it easy to schedule a years worth of content for the baselinle awareness training, but then the ability to tailor training based on a user risk scores makes it easy to segment low and high risk profiles.

Start with the plumbing before the preaching: get Azure AD sync rock‑solid—nothing derails a launch faster than phantom accounts or missing newbies. Once the directory’s humming, slice your audience into risk‑based cohorts (finance, execs, frontline, grads) and hit each with scenarios that actually mirror their daily bait. Frequency beats ferocity: monthly micro‑modules plus a quarterly phishing drill keeps behaviour trending up without triggering inbox mutiny. Stagger releases around payroll, quarter‑end, or other organisational crunch points so staff aren’t too fried to pay attention. Finally, let the reporting do the bragging—pipe completion rates and click‑through stats straight into your exec pack dashboards so leadership sees tangible behaviour change, not just warm fuzzies.

We tinkered well beyond the “tick the box” defaults. First, we reskinned every module with our own colour palette and logo so staff wouldn’t feel they’d been punted to some random vendor site. Then we spliced an extra mandatory slide into each lesson that maps the topic back to our internal “Acceptable Use & Data Handling” policy—no one can say, “But the vendor never mentioned that!” Phishing templates got a makeover too: local telco invoices, council rates notices, and yes, a parody footy‑tipping comp (worked a treat). Certificates write back to our LMS via webhook, and Teams bots nudge chronic stragglers with GIF‑powered reminders. Finally, we pump raw event data into Power BI so execs can slice results by cost‑centre or location.

No we did not. We decided that we didnt need premium support as part of our purchase with mimecast cyber awareness training solution. We made this decision because it really is an easy solution to setup and manage with minimal elements that can go wrong. If we had broadened our mimecast solution suite, we would purchase premium support.

Back in February, the week before our annual cyber‑drill, the reporting dashboard suddenly stopped pulling completion stats—right when I needed numbers for the exec pack. I logged a ticket at 8 p.m. Sydney time, expecting the usual “we’ll get back to you” auto‑reply. Instead, our Mimecast CSM looped in a senior support engineer within 15 minutes, spun up a Zoom, and pinpointed a silent‑fail in our Azure AD sync. They patched the connector live, rebuilt the missing data set overnight, and—icing on the cake—sent a post‑mortem with Power BI tips so it wouldn’t happen again. By breakfast, my graphs were pristine and the drill went ahead without a hitch. That white‑glove, after‑hours hustle absolutely saved my bacon.

We pushed for—and won—a bundle of “human‑sized” terms: a 30 % nonprofit discount locked for three years, an overage cushion of +10 % seats at no extra cost (handy when interns swarm in January), and a 90‑day, no‑penalty break clause if the platform ever drops its game. They also threw in 20 pro‑services hours we can spend on template tweaks or policy rewrites, plus two extra admin licences so our SysOps and HR folk can poke around without stealing each other’s seats. Data had to stay onshore, so we got an AU data‑residency addendum and confirmation their SOC 2 report covers the Sydney region. Finally, API access fees were axed—integrations shouldn’t be paywalled.

Put your homework in first—walk into the kickoff call with clear seat counts, policy pain‑points, and a short list of local scam flavours you want mirrored in the templates. That lets the CSM dive straight into value instead of playing Twenty Questions. Book a recurring 30‑minute cadenced check‑in (monthly is sweet‑spot) and always bring fresh metrics: click‑rates, tardy‑learner lists, or a new compliance driver. They love data and will often toss back free content tweaks if they see you measuring outcomes. Don’t be shy about looping in their threat‑intel crew; they’ll send bite‑sized “this week’s fraud angle” blurbs you can drop into staff comms. Finally, keep their pro‑services retainer in your back pocket—save those hours for chunky jobs like policy localisation or gnarly API integrations, not routine admin you can Google.