Anagram uses a gammified approach to employee cybersecurity training

Despite employers who require their employees to complete annual cybersecurity training courses, cybersecurity disorders are still in human -controlled cybersecurity. The problem can even get great, as generative AI increases the scale and customization of social engineering campaigns.

AnagramKnown as Cipher, it takes a new approach to employee cybersecurity training, which the company hopes to keep up with the changing nature of these campaigns.

The New York -based company has built a platform that contains practical security training for businesses. The training includes videos with the size of bites and custom interactive puzzles to teach employees how to notice suspicious emails and communication. These trainings are designed to be more frequent and more engaged than the current standard of once a year, prolonged training.

Harley Sugarman, co -founder and CEO of Anagram, told TechCrunch that these activities include tasks, as employees to create their personalized phishing emails to teach them how to notice complex campaigns against themselves.

“We accepted very little, in fact there is actually no inspiration from the existing things there,” Sugarman said about existing cybersecurity training. “What we really took were the Ticktock and Duolnging Lessons and the Han Academy. We looked at those platforms that have made really, really well -engaging and changing users’ behavior outside the security space and said: Okay, how can we apply these security lessons? “

The construction of Gamified Cybersecurity Training was not what Sugarman, a former VC at Bloomberg Beta, began to do when the company originally started.

Sugarman’s first idea was a way to adopt the approach to the cybersecurity industry’s training “Banner” to the Upskill Cybersecurity employees. This training approach involves building software with vulnerabilities and security researchers to get into the software to find the mistakes and figure out how to write a code without falling into the same traps.

This company started as a cipher in 2022 and acquired some adhesion. But the main information staff (CISO) began to tell Sugarman that their businesses actually have a bigger security problem they seek to cope: their employees without security. Sugarman said Ciso describes their employees as their most acclaimed cybersecurity relationship.

“What surprised me was just just the amount of hopelessness I heard in their voices,” Sugarman said. “It was an insoluble problem for them.”

Shifer then headed in January 2024 to focus on solving this problem. Starting now changes its name to Anagram to reflect its new focus and is in the process of winding its original product. Anagram has a strong growth from its rotating and landed customers, including Thomson Reuters, Massmutual and Disney, among others.

Recently, Anagram raised a $ 10 million series of Madrona with the participation of General Catalyst, Bloomberg Beta and the operator’s partners, among others. The company plans to use the funds to build its sales team and continue to improve the product. Sugarman said they have so far managed to lead to the failures of the company of 20% to 6%, but he believes they can continue to approach zero.

Sugarman said Anagram launched its product at a really interesting point for folding the cybersecurity industry. With the progress of the generative AI campaigns for social engineering, they can be more personalized than ever, which will make it difficult for people to say what is real and what is not.

“I think the type of side effect of this is that traditional email security platforms will actually have a much harder time, finding those AI-generated AI slips,” Sugerman said. “This ability to generate and randomize is just so strong and really difficult, from an engineering point of view, to defend against it.”

Anagram also works to develop an AI agent, who will sit in enterprise employees and will be trained to mark potential slipping of cybersecurity before they happen. Sugarman said the agent would do things like popping up to ask anyone if they really wanted to send their credit card information by email and other similar precautions.

Meanwhile, Anagram hopes its puzzles and training videos similar to Tiktok will continue to move the needle.

“People are not dumb, we have built skyscrapers that we can make space trips,” Sugarman said. “We can understand how not to click on a suspicious link in an email.”