ĢTV

This is some text inside of a div block.
Glitch effect

Truman’s Take: A Product Researcher’s Insights on Managed Learning

Contributors:
Special thanks to our Contributors:
Glitch effectGlitch effectGlitch effect
Glitch banner

Welcome to “Truman’s Take,” where Product Marketing Manager James O’Leary sits down with Senior Product Researcher Truman Kain. As one of the leading minds behind our security training, Truman truly brings the brains and bold ideas to ĢTV Managed Security Awareness Training (SAT). In this chat, the two discussed managed learning, the process of choosing each episode’s topic in relation to the threat landscape, and the upcoming episode for December.

But before we dive into the interview, let’s take a step back and examine what Managed SAT is and why we do it in the first place. Since our inception in 2015, ĢTV has strived to create quality cybersecurity products that empower resource-strapped IT and security teams that other vendors often overlook. 

When it came to SAT, we quickly realized that an area that our partners and customers really struggled with was managing their programs. This usually resulted in high overhead, wasted resources, or neglect of their programs altogether. They simply didn’t have the time or security expertise to keep an SAT program running, let alone one that would go beyond merely satisfying their compliance requirements and improving their security posture. 

We repeatedly heard this challenge from our partners and customers, and so we decided to do something about it. After all, we have an entire team of cybersecurity researchers and practitioners whose expertise we can leverage to build an SAT program that reflects current threats. So with that, we developed Managed SAT, where the ĢTV team takes over the creation, curation, and scheduling of your training programs (including episodes, phishing simulations, and Phishing Defense Coaching recovery training). All this means you can spend more time on other priorities, all while being confident your SAT program is taken care of. 

With that in mind, let's get into the interview with Truman, the man behind the management.

James O’Leary: What does your role as a product researcher here at ĢTV look like?

Truman Kain: As a product researcher at ĢTV, my job is to take the expertise of our team and our knowledge of hacker tradecraft and make it accessible to our partners and users. As the lead researcher for our Security Awareness Training product, I keep a close eye on what's being seen in the wild from attackers, what's impacting our customers, and how we can train our learners to be vigilant against today’s threats. This training comes in the form of educational content, phishing simulations, and Phishing Defense Coaching.

What’s your background as a threat/product researcher?

Prior to joining ĢTV, I worked for several years as a social engineer conducting phishing, vishing, and physical penetration tests against the Fortune 500. I’ve developed and presented novel security tooling at DEFCON, GrrCON, SaintCon, and Devoxx. I’ve also led the development of a Phishing Simulation platform and conducted more traditional forms of penetration testing. I hold OSCP and CESE (formerly known as SEPP) certifications.

Managed SAT episode on the importance of data privacy
This month’s managed learning episode follows Matt, the Founder and CEO of BopTalk, as he learns first-hand about the importance of data privacy.

When it comes to choosing episodes of ĢTV SAT, what are the biggest considerations?

We like to think about what’s topical while also taking into account the episodes that a learner has recently watched as part of our Managed SAT offering. We want to ensure that all of the various cybersecurity themes are being hit on a regular basis, we aren’t fatiguing learners on a particular subject, and we’re providing a wide range of foundational security awareness training over time. 

What makes those considerations so important?

If learners don’t complete their assignments, their security awareness suffers. It’s our job not only to make world-class educational content but also to schedule and assign it in a way that keeps people engaged and wanting to learn more, all without overwhelming the learner or diluting the security awareness information we provide.

What sources of information do you rely on to help with your decision?

We follow the threat landscape and cutting-edge techniques seen in the wild, work with our Security Operations Center to find common denominators in attacks against ĢTV endpoints, and analyze phishing emails reported to us by our learners. We then use these data points to decide which topic will be most beneficial for our learner base.

What's the benefit of this approach?

By looking at all of these data points and finding commonalities between prevalent threats and the ones that our SOC is seeing affect our user base the most, we’re able to prescribe training content that’s not only relevant to what a learner is most likely to encounter but also what’s most likely to produce the desired security awareness outcomes that our partners and customers rely on to improve their security postures.  


This month’s episode is about privacy. Why did you choose this topic?

Sometimes, we get into the weeds on a very specific attack vector, like Adversary-in-the-Middle. On the other hand, it’s also important to take a step back every once in a while and look at the bigger picture. Privacy is one of the core concerns that carry over into the lives of our learners outside of work, but it can be difficult to understand the implications of “giving away your data” when you’re at work. This episode helps break it all down.

After watching this eUnderstand your rights to data privacy and protect sensitive data
After watching this episode, learners will better understand their rights to data privacy and how to protect sensitive data.

What are the learning objectives and desired outcomes/behaviors for this episode?

This episode goes into:

  • Describing your rights for data privacy and security
  • Summarizing the purpose of a privacy policy
  • Demonstrating your role in protecting sensitive data
  • Examining the various regulations relating to privacy

How will this benefit the learners and their organizations?

Learners will gain a better understanding of the importance of protecting sensitive or personal data, whether it be that of external customers, coworkers, or their own.

Want to see how an SAT program that’s tailored to today’s threats can benefit your organization? Start your free trial of ĢTV SAT today!
Categories
Share

Sign Up for Blog Updates

Subscribe today and you’ll be the first to know when new content hits the blog.

By submitting this form, you accept our Privacy Policy
Oops! Something went wrong while submitting the form.
ĢTV at work
ĢTV News
ĢTV News