Industrial Security

3 Ways ThreatSwitch Helps to Make Your Organization Safer With John Brooke

Adam Cleveland
September 13, 2021

Every month ThreatSwitch hosts a webinar on a topic of interest to the security and compliance community. Thousands of security leaders and practitioners have attended these webinars, but not everyone has an hour to spare. That's why we'll be sharing our CEO's lessons-learned each month right here on the ThreatSwitch blog. 

“Security training isn’t required to be boring, hard to accomplish, or a waste of time .” -John Brooke

John Brooke shared a demonstration of ThreatSwitch software at work, highlighting it’s uncomplicated ease of use and the benefits it offers to both employees and security professionals.

We’ll pull out a few of the key points and then you can check out the full transcript of the conversation. (Here’s the link to the full webinar.)

Security staff are typically “nomadic” learners

They don’t spend a lot of time in the office. They’re usually out and about or traveling around.

Training for them needs to be easy and available “on demand” because taking them out of the field is taking money from the company. 

ThreatSwitch software is designed with this type of user in mind. Check out three major benefits.

1. It meets them where they are.

And it’s easy to access. Training from anywhere is possible. A few simple clicks and everything that’s needed can be accessed.

2. Offers customized updates

This includes individualized status updates that can be sent for individual people, certain groups, or the organization as a whole.

3. Increased compliance

Automated reminders encourage completion, which leads to compliance with regulations.

If you missed the webinar, you can catch the recording on our resources page. You can find the full transcript of the webinar below.


Full Webinar Transcript

SPEAKER: John Brooke

John Brooke  00:02

All right, thanks a lot, we're gonna go ahead and get started. Appreciate you all joining us for taking security training to school with ThreatSwitch. My name is John Brooke, I'm the head of sales for ThreatSwitch, and I'll be driving the bus today, showing you the application. I know you all had a lot of other things that you could be doing and I appreciate you spending an hour with us to learn about how ThreatSwitch works and how to help you solve some problems related to training. 


Just to get started, you can submit questions, which we're going to take at the end, by simply clicking on the little button that says q&a. We've got people standing by to record those and they'll ask them of me, once the webinar is done, or once the demo part of the webinar is done. If we can't answer one of the questions you put in, we'll get back to you as far as just a direct answer directly to you. And then finally, any slides you see today, and the recording will be sent to you after the webinar is over. So be on the lookout for that as well. 


I'm pleased to be presenting this thing to you. I also apologize for the numerous pictures of me that you had to see in the information about the webinar. Just a little bit about me: I am the head of the sales organization. But I've spent the bulk of my career in the software business with multiple roles, including implementation and project management, product consulting, which is , you know, a demo in advisory type position, account management and sales leadership. And I've spent the last, it's actually 14 years I got my math wrong. And when I put the slide together in the governance risk compliance and ethics world, so this is kind of where I live, or have lived for the past, you know, decade and a half. And I believe we've got some stuff to impart that you all will find valuable, in addition to showing you how the software works. 


Alright, so let's go ahead and get going, you know, Why are your employees and you potentially required to take security training, besides the fact that it's just a good idea to keep the shop at the saw sharpened there is you know, significant regulatory requirements around the need to take security training and refreshers, executive orders to do the manual, and then the new NISPOM it's section 12, and the new NISPOM is all about training and why, you know, you have to do it. So it's a good idea number one, and it's the law, which, you know, both of those are great motivators. 


What you're not required to do, though, is, is, you know, take boring training or provide training that's hard for your team to get a hold of, or at the end of it, they feel like they're wasting their time. 


What we're going to show you today, you know, is how you're going to be able to do that with the application. And I think you're gonna like what you see. 


I've been in the governance, risk compliance, and ethics world for a little while. I pulled one of my good friends, who's the senior vice president of sales at Syntrio. His name's Joel Moershell, his company provides governance risk and compliance solutions with a focus on learning and content. 


So I asked Joel, you know, I kind of explained to him what our learner looks like. And he, you know, based on his experience, suggested that I share with you all, the first thing to do when you're setting up training is to identify the type of learner and as we chatted, Joel determine that, you know, the security staff, the folks that are out in the field doing the billing, they're called, they are what he calls nomadic learners, right there. 


They're rarely in the office, they're there, you know, they're on the road or, you know, on the move. And you said some of the some of the, you know, kind of the characteristics of that type of learner. It's a high value resource. As we know, these are the people that are doing the billing on your contracts, they're generating the high revenue for your organization. They're transient, we just talked about that. And I've got pretty high expectations. As on, you know, things that they're going to spend their time on. Right. 


So knowing that a security person is a nomadic learner, what's the best way to get the nomadic learner engaged in your training process? 


Again, this is, you know, wisdom I gained from Joe, that the training has to be easy to use, right, I have to be able to meet the person where they are, right, which means wherever they happen to be, they need to be able to take the training, and then the training has to be on demand, it can't be something that I've scheduled, and expect this, this type of learner to jump in and take it. Because if I take them out of the field, then I'm taking away revenue from the company, and most people are real fans of that. Right? 


So what we're going to do today is I'm going to show you how you're going to get this nomadic learner plus anybody else that you want to assign training to get that training to them, and be able to follow up on whether they've completed it, and all the loose ends around making sure that this stuff happens. 


Right, so we're going to take a look at training from a couple of perspectives, as well. First we're going to focus on the employee, right, so the nomadic learner, and then the other, the other folks who are subject to the training, I'm going to focus on their experience. And then we're going to spend some time looking at what the security professionals or their experience is going to look like in the application. 


So first, let's take a look at how the employee would utilize the application. Clear a couple things there. Right, so I'm going to go ahead and log in here and demonstrate that our security logs you out fairly quickly if you don't do any activity, right. So your employee user, right the nomadic learner in my example, when they access ThreatSwitch they're going to be presented with this screen, right? This, this is their inbox, right? This is their intersection with all the security processes that they're a part of. Right. So your job as a security professional is to engage this, this nomadic learner, this employee, and this is where they're going to get intersected with the application. But more importantly, right what the application also does, because we rely on workflow, to ensure that things happen, when they're supposed to happen. And if they don't remind people that they have things to do, right, we're also going to notify this employee, I'm over here in Philips inbox, right, that says, hey, Philip, you've got stuff to do, right. So fill up or any, any learner doesn't have to remember how to log into ThreatSwitch necessarily, all they have to do is click one link in an email, and it will launch the application for them and take them to the place they need to go to do the work. 


So meet them where they are right, put it in their inbox, and then make it easy for them to use that. That's the first thing, right? So that, you know, the automation of the notifications. And let me go back here. And I'll show you one other thing. There's also reminders, right, so Philip, does not complete his tasks on a weekly basis, the application ThreatSwitch is going to remind him and anybody else who has open items, that they have things to do. 


Again, it's one click to work to get back over to ThreatSwitch to be able to do that, that one thing. 


We're here to talk about training. So let's click on the training assignments that he's got. And, you know, talk about how to make this happen. Right, so I'm going to click this training assignment, you can see Philips has been assigned a whole lot of trainings to do, right. He's gotten reminders on other things, but all Philips is going to have to do is click on that training, and then he's going to be able to launch the course immediately to be able to start training taking the class and I'll show you that here in a second. 


The other thing is if your user, if your learner has questions about how to utilize the application, you might notice this little smiley face, you know, caption box or whatever down here. This is your access to the archive of information, the documentation about how ThreatSwitch works, so if Philip had a question about You know, how do I do training in ThreatSwitch? Right, he's gonna get a lot of information here that he's able to click on, right away To learn more, you know about what he's supposed to do. So even if you're not, you know, interacting with the application on a regular basis, you're getting your reminders in your email, you're clicking that link, it's going to bring you over here, if you got a question on what to do, you've got help available immediately. And if that's not enough, right, you've also got the capability to interact with any of our support employees to ask specific questions. So that's always available, regardless of where they are. Okay? 


So, in order to take the course, all Philips going to do is click on the coursework, right, so I'm going to show you in a second how the security professional creates the course and determines what the coursework is. I'm just going to show you here how Philip would, would take the coursework in this example, I'm linking to the course that was set up links to a course in the cbse awareness hub, right, I'm gonna launch the course, we're going to take the course, when we come back, right, then Philips going to have the opportunity to say he took the course, he's going to click on completing the assignment, right, and this is where he's going to certify, right that, that he took the course, right, and then he's also gonna have the opportunity here to upload his certificate of completion. Right, so I'm gonna put that thing in there. I tell you, what's even better, though, is because the certificate of completion is required, based on how the course was designed and defined, he's not able to complete the course without the certificate. So there's no opportunity for somebody to just, you know, kind of click the box, and say they did it when they did, right. 


So you have that choice as a security professional, but I wanted to point that out here, right. So as soon as he put his certificate in there, he's going to mark that complete. And then he's going to be able to go back here to his list of training. And, and that thing is going to, it's off the list, because I've got a filter here, that's only showing me, you know, the incomplete items. So that's it, right? That's all that that employee has to do when he's done, he can log out and move on. We're not wasting his time. 


That's one of the things that we talked about. You know, as far as you know, you have the obligation to take the training, in order to maintain your clearance, you are not obligated to waste your time trying to figure out where to go to do it. So the third, one of the big things we're trying to provide is that capability to always go to the same place to accomplish the same types of tasks, regardless of where it comes from. The last time that those high dollar employees waste, doing things that are administrative in nature, the more time they're available to bill. And if you've got a lot of those employees, which I'm sure most of you do, that really leads to a lot of extra revenue opportunity, that's not there with current processes, right. 


So let's go take a look at how the security professional does it. So I'm going to log out as Philip, we're going to log in as the security professional. And we're going to see a couple of different items here. Similar look and feel on the security professionals, desktop, couple more things, lots of there, they're engaged in a lot of processes. So their inbox is a little more busy. 


They've also got some reminders up there in the upper left corner. But let's go ahead and close the loop on Philip and let's go out here and take a look at the personnel roster. The great thing about the way ThreatSwitch works is when the person completes the training or any other assignment, they are going their actions or updating their personnel record in the application automatically. 


So down here, you know, we've got the whole roster of the entire group, right click on Philip, I can go down here and look at the training. Right and I can I can you know let's go ahead and remove this filter. Let me add the filter for the assignment status and I'll look for the completed ones. Click on Apply. Right so the training that we do Yes did was completed. And I've got, I've got that full peer it is right here, I've got the full load of information about it. Right. So you can see that I assigned it to him, he completed it today, everything's wonderful. If anybody has a question about whether Philip has completed a course or not, you've got, you've got full access to that, in addition to all the other information that will show and some other demonstrators that when we have an opportunity to do that great thing about threats wishes, we put the person at the middle. 


So you've got a full 360 degree view of that person's interaction with security at any point in time. Right, I give you one other quick example here, on the people page, right in the filters are important. But you know, if I, if I'm looking for a group of individuals that match a specific set of criteria, like a contract, and we're going to do this when we create the training, all I have to do is add the filter. And I've got that list of folks within the organization that match that criteria. And then the application provides immediately a way to launch a macro to launch this thing, but to launch XML report of those kinds of things. 


So it's something that makes your life easier, but because that person, you've got all that information about the person, you don't have to go to a lot of different places to figure it out. 


Now let's look at how the security professional actually sets up training. 


First thing we're going to do, we'll review the one that I had assigned to Philip. You can see here, you know, the metaphor, you've got an idea of what the completion rate is on the training, we're going to, we're going to look at some other reporting capabilities as well. Right? 


When you set up the training, you decide what the you know what the title is, you know, what the instructions are, you know, and what the what the training is, we'll go ahead and set one up here, you have a choice, if you look down here, whether you're going to require a third party certificate or training providers certificate with this course, and then you're able to assign people, right, so all that stuff is what's provided, 


The application ThreatSwitch keeps track of the completion rate. So based on the folks that the training was assigned to, it's going to, it's going to calculate a completion rate. And we'll show you some other ways to do that here in a second. But let's, let's see just how easy it is to create one of these things. I'm going to add a training course here, and we're going to call it deminar. Training. Right, and, and, you know, instructions are whatever you want them to do. We do the training materials, sort of the coursework, right, so you've got a choice here, this, this is another thing with ThreatSwitch we're not a content company, we weave, we are content agnostic, which means you can provide content from multiple sources, the course that I had assigned to fill up, I use the link to that CDSE course, drop that into the coursework, place here, I can just as easily utilize a file. Right, so I've got a file pre staged out here, I'm going to go ahead and do that. Right. So this can be a PowerPoint, this can be a PDF, this could be a whole lot of things. 


And we're going to talk about that once we're done. So I've got the coursework assigned, and you can have as many of these things as you want, when you're creating the course. Right, and then you get to choose whether you want to require certificate of completion or not. Right. So if you don't, that's fine. I'm not going to require it on this one. I'm going to click Save. And then I'm going to get the opportunity to assign personnel to this training. And this is where it gets really powerful. 


So I showed you on the personnel roster, how it was easy to assign folks, you know, with a filter, right? So yeah, lots of ways you can assign things. You can just click, you know, collect the names on the list. That's great. But if this particular training was related to a Particular contract that we had gotten. And it said that everybody that's working on the contract has to take the training, I'm going to get the list of everybody that's on there. Right, all I got to do is click that box at the top, I've now selected everybody, I pick a due date, I click, I get to choose whether I notify them immediately, or let their weekly reminders notify them. And then I just click save and assign. And we have completed a training, or we have completed setup of a train. And now it's just up to those users to be able to, you know, go out, take the training, if they don't, they're going to get reminded on a weekly basis, if they have training to complete. 


And then you are also going to have lots of ways to, you know, remind others. One of them is through that personnel roster. Right. So if I wanted to create a list of people who hadn't completed, you know, certain trainings, I can do that there, I also have a full reporting capability to be able to do it. So that's as hard as it is to, you know, to set up a training class in ThreatSwitch. Really, really, really, really simple. No, no real, you know, hard work, nobody's going to break a nail doing this. 


So that's it, that's setting up the training, and then it's just a matter, you know, if I get additional people that I want to have take the training, I can do that as well. I can set the due date for them, right, save and assign same kind of thing. All of these items are, you know, taken care of for you in the background. Now it's up to you to go wait and take a look at, you know, what's going on with that particular training. Right. So the final thing I want to show everybody is, you know, kind of additional information that's available, because the folks that are part of your security program are out there, taking the training classes. 


I'm going to show you an example. That's part of an existing dashboard. But this is functionality, that's part of threats with ThreatSwitch, that allows you to visualize information about the security activities that are going on within the organization. Right. So I've got a training specific one here on this more general dashboard. But know that you have complete control over setting up additional views of that information. 


But a couple of examples here, right within the visualization tool, right is the ability to set up alerts. Right. So if you know that you've assigned a training, and it has to be 100%, complete, because it's a contractual requirement. Right. So if it's less than 75%, right, I want to get notified. Ryan put my email address in there. And I want to get notified every day until it's until it's fixed. Right once I've once I've put in all the information, then the application is going to remind me every time every day when that number stays below the whatever the rate is that I put in there. 


Likewise, you've got lots of capabilities to, you know, go take a look at additional views of the information and drill down on the data that that created this, this visualization. That's all provided as part of the part of the application. Right. And then finally, let's go back over there. What you've also got within this dashboard data visualization capability is a way for you to notify others in the organization, let's say about the status of your security program. 


Our example today was around security or around training, but any of these, any of these visualizations, any of these dashboards are eligible for you to be able to notify folks outside the organization or senior leadership about what the you know what the status is. So I'm going to click on schedule here to give you an example of what I'm talking about. Right I'm going to send what I'm going to do here is is send via email a copy of this particular dashboard to a list of people whose email addresses I would add to this, this list here, right? Tell him what, how I wanted sent, right? I want to send him a PDF, right? And then when do I want to send it? Right? 


So every Monday at six o'clock in the morning, whoever I put in that list, once I, once I save this thing, they're gonna get a visualization, they're gonna get a snapshot of what the security program looks like at that point in time. So it's a great way for you to help others understand, you know, how the, how the security program is doing, and get the information out there. 


One final thing I want to talk about in training, you know, we talked about the fact that it's, it's, it's training agnostic. You know, as far as content, the other thing you're able to utilize, because the application is going to take care of notifying people, and reminding people that they have things to do think about alternate use cases, for this type of functionality, trainings, a great use case for it, it's one that our customers utilize pretty much 100%. 


But also think about if I need a policy at a station, right, I've got I've got a new policy that's related to some function, or related to a contract, or some, some group of individuals that are part of your organization, need to read or a test that they've done something, use the training application to be able to send out the notification, get them to do the reading, certify they did it, and then update their personnel record with that. So even though it's called training, that's a that's a great use case. That's a primary use case. 


But there's lots of other ways that you can utilize the same set of functionality to be able to, to take, you know, take advantage of it. Right. So, again, you've got lots of information about everybody in the organization, right, including training and all these other items. It's all available to you to be used on that visualization and other reporting capabilities. But from a strict training standpoint, I'm going to go back and let's, let's, let's kind of review what we've done. 


Right. So what we've done today, we've shown how easy it is for that nomadic learner to actually utilize the application, right, they get notified email, one click to work takes them right into threat switch to do the job. They do the work, if they don't do the work, they get a reminder that you don't have to send out, you don't have to be an ag, the system takes care of nagging people to get there to get their obligations completed. Right, great, great automated process, make sure that stuff doesn't fall through the cracks. 


Second, because of that automation, you're going to increase compliance and decrease risk of non compliance. Right. We also talked about the fact that ThreatSwitch is content agnostic, right, so it doesn't matter what the content is, I showed you a link out to a CSE course, I showed you how to create one that was a PDF of a PowerPoint, I can link out to an LMS. Right, if you have a learning management application that your organization has, and most of them do, that the HR organization maintains. I can link to content that's stored out there at but also be able to maintain the security record on the people that are covered by the security program. 


And then the final point here is that the personnel records are automatically updated based on the activities that the learner is taking. Okay. So I'm going to stop here and and look, let me see. I'm going to take a look for questions here. Adam, are you I've got some helpers out there. We we got any questions? Let's see. Let's say all right, I've got I've got a couple that I got beforehand. This one's pretty good. It says we, we conduct training classes on a particular topic for a number of employees in an on site classroom. Are we able to track attendees that were invited and perform, you know, record on their records that that they took the class Yeah, and that that answer is yes. When I didn't show it, but but as the security professional,



the, the,


John Brooke  30:11

I'm able to complete for the assignees, I can say that those people have completed the training. So if I'm doing an in person to stand up class, I've got the roster of people that were in there. I can I can select them from the, from the list that were assigned the class, and their record is updated automatically. I hope, I hope that I think that's what you're asking.



If not, give us another ring in the q&a there. I got one here that says is there somewhere tells you approximately how long the train will take? And also, can you start and stop the training and come back to it at a later time to complete? Excellent question, that is all dependent on the content that you use to do the



do the



training from right, so CDSE? Because we take those same training classes, so I'm very familiar with those.



It tells you how much time do you expect to take to take a particular class, a lot of commercial training content does the same thing. So it gives the learner a way to do that learning management applications are really good at that with a status bar and things like that, likewise, with the ability to, you know, kind of start and stop and come back and take on later. But that is that one's going to be dependent on the on the



the content. I hope that answers the question. I think that was Kara.



Let's see, I got another one here about API availability for a for a couple of other applications. ADP, no before in Salesforce.



We are we have a, you know, a REST API with ThreatSwitch that can update in both directions, any amount of information. So it's dependent on what you're thinking about providing to those other applications. But absolutely, those things are possible. You know, like, the links, especially, I'm familiar with a couple of those. ADP specifically, I can link out to the training out there, and have the person take it, and that that works. Today,






Let's see. Oh, this is good. This is good. You know what, let's go ahead and launch a poll real quick. And I've got a couple more questions I'll answer. So bear with me here. We're interested to see if you're interested in hearing from us.



We've got a couple of options here, you know, right now, in the next six months in the next 12 months, or not at this time, and all of those are acceptable. We're just curious to see if this is something you'd like to talk some more about to, to me or one of the other members of the sales team here. We'll give it a I don't know another.



I don't have the music again.



Give it another 10 seconds.



Great. Great. Thanks a lot. Thanks a lot. We appreciate you, you know, sticking with this to



let me get a couple more questions. Let's see, I got one here.



We've used video clips for training on specific procedures and slps. Can we include a video link for review rather than a file? Yes, I think that similar answer to the question, the previous question. But yeah, that that the content agnostic thing, you're probably going to hear that. I'll say that too many times. But that it's important. The content can be whatever the content needs to be, which again, you know, we could speak for a full hour on, you know, kind of the theory behind the learning and uptake. Joel, I think it'd be a great webinar presenter, we'll probably get him down the road to talk about that. But yeah, any content that you've got, you can launch I know I've got I've got other organizations that are that are linking to all kinds of stuff out there to be able to provide the training.



Got a question here about



So I think this is a question about if you choose to implement ThreatSwitch what's the timeframe, from initial setup to roll out to the employees,



it's I hope you saw that the application, it's easy to use, right? One of our, one of our corporate values is zero training, user interface and user experience. And I hope you saw that that that is the case, it's pretty obvious where to go and what to do. So the real work during onboarding, is loading up information. So loading data about your employees, we can utilize that same API to do that.



We can also use flat files and other things, loading up information about your existing contracts, assets, locations, all the other pieces that we didn't have time to go into today. Those are all part of the initial onboarding. That can happen really quickly. There's not a, there's not a set timeframe, but it's it's weeks, if not months, or years, folks can get up and rolling, if they're ready to go. Most of the time, it's kind of delays in internal process that that require us to take some additional time to do that.



Let's see. I got another one here about the Oh, that's a good one. The



is your information safe? Right? Yeah. I



in like, don't take my word for it. But you can ThreatSwitch is its cloud application, it's hosted in a FedRAMP high environment, in your IT guys will know what that means if you know.



And it's, you know, at the Amazon Web Services. gov cloud, it's highly secure. It's also encrypted in transit and at rest. So your data is extremely well taken care of, and



safe, much safer than then probably any organization outside of a couple could do on their own. You get it as part of the license for the application.



I hope that helps. Let's see got a couple more on the variety ends here.



Oh, this is this is where I already answered that one. Right. Got the LMS. One?



can we send multiple courses at one time?



Yeah, yeah, I can you can assign multiple, multiple courses,



you know, like new hires or something like that, they could get loaded up with individual training classes in the like, so that that is a good one.



I am not seeing any more questions right now. I do have if I can indulge, if you will indulge me ThreatSwitch this is john as the as the sales leader, and and I've got my marketing later on, as well. We're trying to decide where we're going to go if we go to in person events for the remainder of 2021. The thing, well, I think I'd let you pick two. If you pick more than that you may get a question when we when we end the meeting.



About You know, answering a couple others. This is just a favor to me, really appreciate it. If you can take, you know, 10 seconds here. Tell me if you're going if you're you know, just we're trying to decide what we're going to do. Last year, as everybody knows, nobody went to anything. This year, we're kind of hoping to get to, at least, I don't know Gobbo but people are now even wearing a mask just to see if we can get in front of some folks.



Thanks. All right. The last thing I want to do before we shut this down because it looks like we're done with the questions is tell you about next month's



event. It's less than 30 days from today.



The next speaker is going to be fantastic. This is a fireside chat or discussion, really a seminar with Karen Evans, who's the former CIO of the Department of Homeland Security.



That that's going to be on September 9, of this year at same time, one o'clock eastern 11 o'clock Pacific. We hope you can join us.



I can't thank you enough again for spending time with me. I'll give you 15 minutes of the hour back that we had blocked. We look forward to talking to you and hopefully seeing you on another webinar in the future.



Take care

Keep Reading

Posts by Topic

Subscribe to our