Kaspersky Automated Security Awareness Platform

 

General description

 

The Kaspersky Automated Security Awareness Platform (K-ASAP) is a training course currently spanning 9 topics (45-50 thousand words in each).

  • Passwords and Accounts
  • Email
  • Web Browsing
  • Social Networks & Messengers
  • PC Security
  • Mobile Devices
  • Protecting Confidential Data
  • GDPR
  • Personal Data

Platform materials are based on a competency model including more than 450 practical skills for trainees.

The platform is multilingual and currently available in 17 languages: English, German, French, Italian, Spanish, Arabic, Czech, Slovak, Hungarian, Serbian, Greek, Turkish, Dutch, Portuguese (European and Brazilian), Polish and Kazakh (and this list continues to grow). Platform localizations take into account the cultural nuances of each region, so the content isn’t a word-for-word translation, it’s a full adaptation that also includes text and images.

Each topic consists of 18-20 lessons broken down into four difficulty levels. Each lesson is presented as interactive slides (theory, test, etc.) focusing on a specific aspect of the topic.

In addition to lessons, the platform also includes final tests that users must pass after each level, as well as a number of informative study guides. The total volume of material on the Kaspersky ASAP platform is about 420,000 words (for comparison, The Forsyte Saga is roughly 120,000 words).

 

My role on the Kaspersky ASAP team

 

General management of content development

Since September 2018, I’ve been managing the team responsible for creating Kaspersky ASAP content, including lessons, interface, phishing emails, etc.

Competency model

In 2019–2020, I released the current version of the competency model with necessary skills dispersed between platform topics, levels and lessons.

Lessons

I personally wrote the following topics for the platform:

  • Passwords and Accounts — 14 lessons, 3 final tests, 3 study guide emails and a simulated phishing attack;
  • Email — 14 lessons, 3 final tests, 3 study guide emails and 3 simulated phishing attacks;
  • Web Browsing — 15 lessons, 3 final tests and 3 study guide emails;
  • Social Networks & Messengers — 16 lessons, 3 final tests, 3 study guide emails and 2 simulated phishing attacks;
  • PC Security — 15 lessons, 3 final tests, 3 study guide emails and 2 simulated phishing attacks;
  • Mobile Devices — 18 lessons, 3 final tests, 3 study guide emails and a simulated phishing attack;
  • Protecting Confidential Data — 13 lessons, 3 final tests and 3 study guide emails.

I also managed the development of the GDPR and Personal Data topics, and handled the scientific and literary editing of all platform topics.

Phishing emails

I created 8 of the 9 phishing attack simulations to test trainee practical skills in the platform, as well as more than 20 phishing attack simulations for the phishing simulator.

Local office and agency liaison

I played an integral role in managing the localization of K-ASAP, including multiple presentations and master classes on how to use the platform.

 

Training materials

 

Each Kaspersky ASAP lesson consists of 10-20 slides, including introductory slides, theory, question slides, conclusion slides, etc.

Introductory slide example:

Theory slide examples:

Question slide example:

Conclusion slide example:

To confirm the material was actually learned at the end of each level, trainees take a test with 10-15 questions. Main test page example:

Question slide examples:

After each level, trainees are emailed a study guide with a summary of what was covered in the lesson. Email example:

Based on the results at certain levels, trainee skills are also tested via simulated phishing attacks. Phishing email example from level 1 of the Passwords and Accounts topic:

The system also has a number of interface emails for training managers and trainees, including a welcome email, program completion email, training statistics emails, topic certificates, and more.