Email Isolation Banner

CyberStrength: Key Features and Benefits

Simulated Phishing Attacks and Knowledge Assessments > CyberStrength: Key Features and Benefits

Library of 230+ Questions

Our comprehensive portfolio of 230+ cybersecurity questions allow you to assess your end users about all the topics that we cover in our interactive security awareness training modules. All questions are available in more than 35 languages, which allows you to consistently assess your global employees in their native languages.

Within our library, you’ll find a number of phishing-related assessment options — including safe interactions with emails, URLs, and websites — but you can go far beyond this single threat vector. CyberStrength helps you address other real-world cybersecurity issues, including proper use of mobile devices and mobile apps; understanding and avoiding social engineering scams; and other behaviours that can negatively impact your people, areas, data, and systems.

Custom Assessments

You can tailor your cybersecurity knowledge assessments using any combination and number of questions from our library, which can be customised to evaluate your users’ understanding of company policies, known security issues, and other topics that are specifically relevant to your organisation. You can send assessments to all users at once or target specific groups of end users based on properties you assign (e.g., department, job function, etc.). You decide the topics you want to cover, who will receive which questions, when a CyberStrength assignment will be sent, and the due date for completion.

Predefined CyberStrength

Our 12 Predefined CyberStrength options — each of which includes a set selection of questions— were developed to help streamline the administrative process and seamlessly link knowledge assessments to our interactive security awareness training modules. Each Predefined CyberStrength assessment offers the option for Auto-Enrollment, which allows administrators to set a pass/fail threshold for the assessment and then automatically assign follow-up cybersecurity training for those employees who fall below the threshold.

Following are the Predefined CyberStrength options that we currently offer and the corresponding cybersecurity awareness training modules that can be selected via Auto-Enrollment.

Broad Knowledge Assessments

We offer three options for broad assessments: 55 questions, 33 questions, and 22 questions. All three of these include a set selection of questions from all of our non-compliance CyberStrength topics; questions related specifically to the General Data Protection Regulation (GDPR), Protected Health Information (PHI)/HIPAA and the Payment Card Industry Data Security Standard (PCI DSS) are excluded from the mix.

Administrators can turn Auto-Enrollment on or off for the following 11 security awareness training modules, automatically generating assignments based on assessment results:

  • Data Protection and Destruction
  • Email Security
  • Mobile Device Security
  • Password Policy
  • Personally Identifiable Information
  • Physical Security
  • Safe Social Networks
  • Safer Web Browsing
  • Security Beyond the Office
  • Social Engineering
  • URL Training

General Topics and Associated Interactive Training Modules

Each of these six predefined assessments includes 10 to 15 questions about a specific topic. Administrators can choose to automatically assign one or more of the corresponding cybersecurity training modules noted, should a user fail to exhibit a clear understanding of the topic.

  • Phishing – Email Security, URL Training, or Introduction to Phishing, Avoiding Dangerous Links, Avoiding Dangerous Attachments, and Data Entry Phishing
  • Security Safeguards – Data Protection and Destruction, Physical Security, Password Policy
  • Security on the Go – Mobile Device Security, Mobile App Security, Security Beyond the Office
  • Online Safety – Safer Web Browsing, Safe Social Networking
  • Protecting Personal Data – Personally Identifiable Information (PII), Data Protection and Destruction
  • Securing Your Email Fundamentals – Introduction to Phishing, Avoiding Dangerous Links, Avoiding Dangerous Attachments, Data Entry Phishing

Compliance-Related Topics and Associated Interactive Training Modules

Our three compliance-related Predefined CyberStrength assessments deliver a set selection of 10 to 15 questions associated with the General Data Protection Regulation (GDPR), PHI/HIPAA, or PCI DSS cybersecurity requirements. Auto-Enrollment can be used to automatically assign the targeted follow-up training modules noted, if a user's assessment score reveals a need for additional education.

  • Payment Card Industry – Payment Card Industry Data Security Standard (PCI DSS)
  • Protected Health Info – Protected Health Information (PHI)
  • GDPR - GDPR Overview, GDPR in Action


CyberStrength reports give you an at-a-glance view of strengths and weaknesses and allow you to tailor follow-up training efforts to address the most important topics in different areas of your organisation. These reports allow you to review key factors related to your cybersecurity assessments, including the following:

  • Individual, group, and overall scores
  • Benchmarking data that compares your users' scores to other end users around the world
  • Scores by topic/category
  • Most missed questions
  • Completion status

Integrated With Our Security Education Platform

CyberStrength is a component of our Security Education Platform, a learning management system that is purpose-built for infosec professionals. You can access all of our assessment and education tools from a single sign-on, and our intuitive interface simplifies program configuration and management.

The administrative capabilities of this tool allow you to easily build and assign assessments, measure progress, share business intelligence, and evaluate ROI.

Multinational Support

Our comprehensive portfolio of 185+ CyberStrength questions are available in over 35 languages — and counting. Additionally, our Security Education Platform’s key administrative features streamline the creation, delivery, and management of security awareness and training programs across all regions.