Email Isolation Banner

CyberStrength: Key Features and Benefits

Simulated Phishing Attacks and Knowledge Assessments > CyberStrength: Key Features and Benefits

Library of 260+ Questions

Our comprehensive portfolio of 260+ cybersecurity questions allow you to assess your end users about all the topics that we cover in our training modules. All questions are available in more than 35 languages, which allows you to consistently assess your global employees in their native languages.

Within our library, you’ll find a number of phishing-related assessment options — including safe interactions with emails, URLs, and websites — but you can go far beyond this single threat vector. CyberStrength helps you address other real-world cybersecurity issues, including proper use of mobile devices and mobile apps; understanding and avoiding social engineering scams; and other behaviors that can negatively impact your people, areas, data, and systems.

Custom Assessments

You can tailor your cybersecurity knowledge assessments using any combination and number of questions from our library, which can be customized to evaluate your users’ understanding of company policies, known security issues, and other topics that are specifically relevant to your organization. You can send assessments to all users at once or target specific groups of end users based on properties you assign (e.g., department, job function, etc.). You decide the topics you want to cover, who will receive which questions, when a CyberStrength assignment will be sent, and the due date for completion.

Predefined CyberStrength

Our 13 Predefined CyberStrength options—each of which includes a set selection of questions—help streamline the administrative process and seamlessly link knowledge assessments to our training modules. Each Predefined CyberStrength assessment offers the option for Auto-Enrollment. This allows your administrators to set a pass/fail threshold for the assessment. And they can automatically assign follow-up cybersecurity training for those employees who fall below the threshold.

We currently offer the following Predefined CyberStrength options and corresponding cybersecurity awareness training modules.

Broad Knowledge Assessments

We offer three options for broad assessments: 55 questions, 33 questions, and 22 questions. All three of these include a set selection of questions from all of our non-compliance CyberStrength topics; questions related specifically to the General Data Protection Regulation (GDPR), Protected Health Information (PHI)/HIPAA and the Payment Card Industry Data Security Standard (PCI DSS) are excluded from the mix.

Administrators can turn Auto-Enrollment on or off for the following 11 security awareness training modules, automatically generating assignments based on assessment results:

  • Data Protection and Destruction
  • Email Security
  • Mobile Device Security
  • Password Policy
  • Personally Identifiable Information
  • Physical Security
  • Safe Social Networks
  • Safer Web Browsing
  • Security Beyond the Office
  • Social Engineering
  • URL Training

General Topics and Associated Interactive Training Modules

Each of these seven predefined assessments includes 10 to 30 questions about a specific topic. Administrators can choose to automatically assign one or more of the corresponding training modules noted, should a user fail to exhibit a clear understanding of the topic

  • Phishing–Email Security, URL Training, or Introduction to Phishing, Avoiding Dangerous Links, Avoiding Dangerous Attachments, and Data Entry Phishing
  • Security Safeguards–Data Protection and Destruction, Physical Security, and Password Policy
  • Security on the Go–Mobile Device Security, Mobile App Security, and Security Beyond the Office
  • Online Safety–Safer Web Browsing, Safe Social Networking
  • Protecting Personal Data–Personally Identifiable Information (PII), Data Protection and Destruction
  • Securing Your Email Fundamentals–Introduction to Phishing, Avoiding Dangerous Links, Avoiding Dangerous Attachments, and Data Entry Phishing
  • Securing Your Email Advanced–Email Protection Tools, Email Security on Mobile Devices, and Spear Phishing Threats

Compliance-Related Topics and Associated Interactive Training Modules

Our three compliance-related Predefined CyberStrength assessments deliver a set selection of 10 to 15 questions associated with the General Data Protection Regulation (GDPR), PHI/HIPAA, or PCI DSS cybersecurity requirements. Auto-Enrollment can be used to automatically assign the targeted follow-up training modules noted, if a user's assessment score reveals a need for additional education.

  • Payment Card Industry – Payment Card Industry Data Security Standard (PCI DSS)
  • Protected Health Info – Protected Health Information (PHI)
  • GDPR - GDPR Overview, GDPR in Action


CyberStrength reports give you an at-a-glance view of strengths and weaknesses and allow you to tailor follow-up training efforts to address the most important topics in different areas of your organization. These reports allow you to review key factors related to your cybersecurity assessments, including the following:

  • Individual, group, and overall scores
  • Benchmarking data that compares your users' scores to other end users around the world
  • Scores by topic/category
  • Most missed questions
  • Completion status

Integrated With Our Security Education Platform

CyberStrength is a component of our Security Education Platform, a learning management system that is purpose-built for infosec professionals. You can access all of our assessment and education tools from a single sign-on, and our intuitive interface simplifies program configuration and management.

The administrative capabilities of this tool allow you to easily build and assign assessments, measure progress, share business intelligence, and evaluate ROI.

Multinational Support

We offer a comprehensive portfolio of 260+ CyberStrength questions. These are available in more than 35 languages—and counting. And using  key administrative features in our Security Education Platform, you can streamline the creation, delivery and management of security awareness and training programs across all regions.