Kaspersky Automated Security Awareness Platform
General description
The Kaspersky Automated Security Awareness Platform (K-ASAP) is a training course currently spanning 12 topics (45-50 thousand words in each).
- Passwords & Accounts
- Websites & the Internet
- Social Media & Messengers
- PC Security
- Mobile Devices
- Protecting Confidential Data
- Personal Data
-
Physical Data Security
- GDPR
- Industrial Cybersecurity
- Bank Card Security & PCI DSS
Platform materials are based on a competency model including more than 700 practical skills for trainees.
The platform is multilingual and currently available in 24 languages: English, German, French, Italian, Spanish, Catalan, Arabic, Czech, Slovak, Hungarian, Serbian, Bosnian, Croatian, Romanian, Greek, Turkish, Dutch, Danish, Swedish, Portuguese (European and Brazilian), Japanese, Polish and Kazakh (and this list continues to grow). Platform localizations take into account the cultural nuances of each region, so the content isn’t a word-for-word translation, it’s a full adaptation that also includes text and images.
Each topic consists of 18-20 lessons broken down into four difficulty levels. Each lesson is presented as interactive slides (theory, test, etc.) focusing on a specific aspect of the topic.
In addition to lessons, the platform also includes final tests that users must pass after each level, as well as a number of informative study guides. The total volume of material on the Kaspersky ASAP platform is about 640,000 words (for comparison, The Forsyte Saga is roughly 120,000 words).
My role on the Kaspersky ASAP team
General management of content development
Since September 2018, I’ve been managing the team responsible for creating Kaspersky ASAP content, including lessons, interface, phishing emails, etc.
Competency model
I released the current version of the competency model with necessary skills dispersed between platform topics, levels and lessons.
Lessons
I personally wrote the following topics for the platform:
- Passwords & Accounts — 20 lessons, 4 final tests, 4 study guide emails and a simulated phishing attack;
- Email — 14 lessons, 3 final tests, 3 study guide emails and 3 simulated phishing attacks;
- Websites & the Internet — 20 lessons, 4 final tests and 4 study guide emails;
- Social Media & Messengers — 21 lessons, 4 final tests, 4 study guide emails and 2 simulated phishing attacks;
- PC Security — 20 lessons, 4 final tests, 4 study guide emails and 2 simulated phishing attacks;
- Mobile Devices — 22 lessons, 4 final tests, 4 study guide emails and a simulated phishing attack;
- Protecting Confidential Data — 18 lessons, 4 final tests and 4 study guide emails.
I also managed the development of the GDPR, Industrial Cybersecurity, Physical Data Security, Bank Card Security & PCI DSS and Personal Data topics, and handled the scientific and literary editing of all platform topics.
Phishing emails
I created 8 of the 9 phishing attack simulations to test trainee practical skills in the platform, as well as more than 150 phishing attack simulations for the phishing simulator.
Local office and agency liaison
I played an integral role in managing the localization of K-ASAP, including multiple presentations and master classes on how to use the platform.
Training materials
Each Kaspersky ASAP lesson consists of 10-20 slides, including introductory slides, theory, question slides, conclusion slides, etc.
Introductory slide example:
Theory slide examples:
Question slide example:
Conclusion slide example:
To confirm the material was actually learned at the end of each level, trainees take a test with 10-15 questions. Main test page example:
Question slide examples:
After each level, trainees are emailed a study guide with a summary of what was covered in the lesson. Email example:
Based on the results at certain levels, trainee skills are also tested via simulated phishing attacks. Phishing email example from level 1 of the Passwords and Accounts topic:
The system also has a number of interface emails for training managers and trainees, including a welcome email, program completion email, training statistics emails, topic certificates, and more.