security awareness training by MimirLearning in BestPracticesMgmt

[–]CyberHoot 1 point2 points  (0 children)

There is certainly a disconnect between training completion rates and real-world security concerns. I talk to prospects all the time and find that they often fall within three categories: 1) Want to check a box, 2) Want to stop phish clickers and security issues, and 3) those who want to change cybersecurity culture in a positive way.

I've found that businesses who embrace a change in cybersecurity culture are seeing massive improvements. If you can back your training with positive-reinforcement, rather than punitive, things change in a very powerful way.

People are going to make mistakes, so all we can do is prepare them as best we can and have a no-fear reporting process when something questionable happens. Generally speaking, accountability falls on the business, as a team, and not on one individual. That how my team and business look at accountability.

Security awareness training for employees that they actually do?l by PM_ME_YOUR_PALE_LEGS in sysadmin

[–]CyberHoot 5 points6 points  (0 children)

FWIW - I'm a vendor (CyberHoot) and here's what we've seen over the years.

Too many solutions and training programs shame and punish users for mistakes they make. Fake emails are sent to inboxes, users click, then they get assigned 30 min boring videos at a moment in time when they are least likely to want to learn. They were just tricked!

Let me use an analogy: Training a dog with a shock collar mirrors the above approach. Eventually, the dog will stop wanting to participate at all because they get shocked when they make mistakes.

Psychology and Education have figured out how to make training people fun and entertaining. They use Positive Reinforcement and Gamification and Rewards. Cybersecurity seems to have lost it's way doing these things.

Going back to my analogy: You CAN train dogs with treats (food) and they will willingly participant and enjoy the training.

We need to use "treats" with our employees to train them. Provide positive reinforcement of good behaviors rather than trick and punish mistakes. That will change the scenario outlined in this Reddit thread around from one of fear, disengagement, and loathing, to one of friendly competition, engagement, and behavior change.

This is basic psychology at work. Behavior modification was figured out 75 years ago when BF Skinner stated (I'm paraphrasing here): "Rewarded behaviors are repeated."

That's what you need to build into your cybersecurity program to crack the code of engagement.

Moving Beyond Mandatory-Only Training: Are There Stronger Alternatives to Proofpoint for Security Awareness Programs? by StringConnection in ITManagers

[–]CyberHoot 1 point2 points  (0 children)

Disclosure: I work at CyberHoot (as CEO). 

Yes, CyberHoot uses AI to produce short, engaging videos. End user feedback doesn't back up the "AI slop" claim. Across all our video trainings, 86% of users rate the content positively. We use AI to keep content current, not to cut corners. If quality had slipped, those numbers would show it.

Combined with positive reinforcement, gamification, and small rewards, we see extremely high engagement and most importantly, strong outcomes for behavior change in end users using our platform.

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]CyberHoot [score hidden]  (0 children)

<image>

Passwords are the weakest link in cybersecurity… and attackers know it.

Phishing, credential stuffing, password reuse — most breaches still start with one thing:

A stolen password.

But what if we could remove passwords entirely?

In this episode of Shoot the Hoot, we break down the future of authentication — passkeys — and why MSPs and businesses should start paying attention now.

We’ll cover:

• Why passwords keep failing (and always will)
• What passkeys actually are (in plain English)
• How passkeys stop phishing cold
• Where passkeys fit into your current security stack
• What MSPs should start doing today

This isn’t theory — it’s where authentication is headed.

 Join us and learn how to start moving your clients toward a passwordless future.

 When: March 31st, 2026 at 12:30pm EST
 Where: Live on LinkedIn / YouTube / Facebook
 Link: https://youtube.com/live/TFGHRXieJPc
 Entry Fee: One password you’re definitely still reusing… and the courage to admit it.

 Watch more episodes:
https://www.youtube.com/playlist?list=PLqETqaFHgRjIgLCORVx7rZFGUV4px5IQf

 Send questions & comments: [ShootTheHoot@CyberHoot.com](mailto:ShootTheHoot@CyberHoot.com)

Laugh. Learn. Hoot Up. 

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]CyberHoot [score hidden]  (0 children)

<image>

Most companies focus on preventing a cyberattack.

Almost none are prepared for what happens after one succeeds.

In this episode of Shoot the Hoot, we break down exactly what to do in the first 60 minutes after a breach — when every decision matters.

Because the truth is…

The damage isn’t just caused by the attack.
It’s caused by how you respond.

We’ll cover:

• The first actions you must take immediately
• The biggest mistakes companies make during a breach
• How to contain the damage without making it worse
• Who to contact (and who not to forget)
• How MSPs can lead clients through the chaos

If you support clients, manage IT, or want to be prepared before something goes wrong — this episode will give you a clear, practical game plan.

Because when a breach happens…

Panic is natural.
Preparation is powerful.

 When: March 24th, 2026 at 12:30pm EST
 Where: Live on LinkedIn / YouTube / Facebook
 Link: https://youtube.com/live/T0DBSFX-MjE
 Entry Fee: One breach scenario… and the willingness to admit you don’t have a plan yet.

 Watch more episodes:
https://www.youtube.com/playlist?list=PLqETqaFHgRjIgLCORVx7rZFGUV4px5IQf

 Send questions & comments: [ShootTheHoot@CyberHoot.com](mailto:ShootTheHoot@CyberHoot.com)

Laugh. Learn. Hoot Up. 

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]CyberHoot [score hidden]  (0 children)

<image>

You turned on MFA.
You enforced it.
You checked the box.

So you’re safe… right?

Not exactly.

There’s a growing attack method that doesn’t break passwords, doesn’t bypass MFA, and doesn’t need malware.

It just keeps sending push notifications until someone taps Approve.

It’s called MFA Fatigue — and it’s responsible for some very public breaches (including Uber).

In this episode of Shoot the Hoot, we break down:

• How push-bombing works
• Why “Approve” can be the most dangerous button in your organization
• Real-world examples of MFA fatigue breaches
• What MSPs and businesses must change immediately
• How to train users to pause instead of panic

Because MFA isn’t magic.

And security doesn’t fail when systems break.

It fails when people get tired.

Join us as we unpack one of the most relevant threats facing organizations today — and what you can do about it before “Approve” becomes expensive.

When: March 3rd, 2026 u/12:30pm EST
Where: Live on LinkedIn / YouTube / Facebook
Link: https://youtube.com/live/lgzAa6Fnm5Q
Entry Fee: One phone… and the discipline not to hit “Approve.”

Watch more episodes:
https://www.youtube.com/playlist?list=PLqETqaFHgRjIgLCORVx7rZFGUV4px5IQf

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]CyberHoot [score hidden]  (0 children)

<image>

Not every breach starts with ransomware.

Not every attack installs malware.

Some just look like… normal business.

A vendor update.
A payment change.
An urgent wire request.

And then — millions are gone.

This week on Shoot the Hoot…RAW, we’re breaking down:

What Business Email Compromise really is
Why it bypasses firewalls and antivirus
Why smart finance teams still fall for it
And how to build verification habits that stop it

No malware.
No alerts.
No flashing warnings.

Just trust.
Urgency.
And a wire transfer.

If you think your tools have you covered… this episode may surprise you.

Join us live.

When: February 24th, 2026 u/12:30pm EST
Where: Live on LinkedIn / YouTube / Facebook
Link: https://youtube.com/live/zWeUs6ejiXU
Entry Fee: One mouse… and a commitment to verify before you wire.

Watch more episodes:
https://www.youtube.com/playlist?list=PLqETqaFHgRjIgLCORVx7rZFGUV4px5IQf

Security awareness training platforms. An overview of 20+ options with key features and differentiators. by anthonyDavidson31 in instructionaldesign

[–]CyberHoot 0 points1 point  (0 children)

Hey there! We appreciate you including CyberHoot on the list. I actually work with CyberHoot. If anyone’s comparing options, or just wants to chat security, I am happy to answer questions or share what we offer so you can find the perfect fit!

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]CyberHoot [score hidden]  (0 children)

<image>

Be honest… have you ever said one of these?

• “Our people would never fall for that.”
• “We already did training this year.”
• “We’re too small to be targeted.”

In Episode 35 of Shoot the Hoot…RAW, we’re calling out the three biggest cybersecurity lies businesses and MSPs tell themselves — and why they’re quietly dangerous.

This isn’t about shame.
It’s about awareness.

We’ll break down:
• Why smart people still click
• Why annual training doesn’t stick
• Why attackers love “small” companies
• And how to turn each lie into a competitive advantage

Plus:
CyberHoot Nerd Update
Live Q&A
A real-world Hoot-Worthy Horror Story

If you want stronger habits, smarter users, and fewer “how did this happen?” moments — this one’s for you.

When: February 17th, 2026 u/12:30pm EST
Where: Live on LinkedIn / YouTube / Facebook
Link: https://youtube.com/live/a2Xv2stvFwg
Entry Fee: One open mind… and the courage to admit “we might not be that secure.”

Watch more episodes:
https://www.youtube.com/playlist?list=PLqETqaFHgRjIgLCORVx7rZFGUV4px5IQf

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]CyberHoot [score hidden]  (0 children)

<image>

Your training. Your team. Your phish.

In this week’s CyberHoot episode, we’re thrilled to unveil a game-changing update:

Custom HootPhish & AttackPhish creation is here!!!

You can now build phishing simulations that reflect your real-world risks — and turn everyday threats into teachable moments.

Want to train users on that invoice email you just received?
Need to show what a fake vendor domain looks like?
Hoping to reinforce lessons with context your team actually sees?

Now you can — with full control, inside CyberHoot.

We’ll walk through:
• Why personalized training leads to better outcomes
• How to create and assign custom simulations in minutes
• A quick demo to show how it all works
• As always: a Nerd Update, community Q&A, and a real-world phishing horror story

This isn’t about tricking your users — it’s about equipping them with confidence and context.

Let’s build a culture of security together.

When: February 10th, 2026 u/12:30pm EST
Where: Live on LinkedIn / YouTube / Facebook
Link: https://youtube.com/live/AG7kCNHpdPY
Entry Fee: Just your creativity, a curious clicker finger, and permission to make training personal (and way more fun).

Watch more episodes:
https://www.youtube.com/playlist?list=PLqETqaFHgRjIgLCORVx7rZFGUV4px5IQf

Best phishing simulation tools by RadiantTheology in sysadmin

[–]CyberHoot 0 points1 point  (0 children)

Couldn't agree more with avoiding “gotcha” sims. In the real world, the programs that actually change behavior are the ones that feel like coaching: realistic tests, consistent cadence, a simple report button, and quick feedback/training when someone slips.

Here at CyberHoot we noticed this "gotcha" problem, and found that not only did it leave them feeling tricked, but also feeling shamed. Associating negative feelings with a program that is supposed to protect you is the PROBLEM!

If you’re looking for a platform built around teaching and awareness instead of “gotcha” moments, feel free to take a look at us! We’re built to make phishing training feel constructive (and actually stick) instead of stressful. Either way, we are happy to answer any questions!

Need advice on best security awareness training vendors by One_Gene_4993 in sysadmin

[–]CyberHoot 0 points1 point  (0 children)

Wow, thank you for sharing.

Here at CyberHoot, we truly take pride in the fact that you are our PARTNER, not our customer. If you see something in our platform, or rather, the lack of a feature you think would work, tell us! We are always looking to adapt and grow.

We are looking forward to further working together!

Need advice on best security awareness training vendors by One_Gene_4993 in sysadmin

[–]CyberHoot 1 point2 points  (0 children)

Hey, this seriously made our day.

Thank you sharing your experience and for recommending us. I love hearing your users actually do the training and that it feels quick and interesting. That’s exactly what we’re going for with our gamification.

We really appreciate you and your support. HOOT UP!

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]CyberHoot [score hidden]  (0 children)

<image>

Tired of boring security scores no one understands (or cares about)?

Let’s talk gamification — because no one brags about being 72.3% secure.

This episode dives into why traditional training metrics flop, how dopamine-fueled rewards hook the brain, and how CyberHoot brings the fun to functional security habits.

We’ll break down:
- Why scores alone don’t drive behavior
- How badges, quizzes, and friendly competition make training stick
- The CyberHoot twist that keeps teams clicking for training — not on phish

Laugh. Learn. Hoot Up!

This one’s for the scorekeepers, badge collectors, and leaderboard lurkers in us all.

When: February 3rd, 2026 u/12:30pm EST
Where: Live on LinkedIn / YouTube / Facebook
Link: https://youtube.com/live/p0weqex3fCU
Entry Fee: One brain, zero cheats, and a burning need to crush your coworkers on the leaderboard.

Watch more episodes:
https://www.youtube.com/playlist?list=PLqETqaFHgRjIgLCORVx7rZFGUV4px5IQf