Security Awareness Training and Simulated Phishing Platform

1. INTRODUCTION

Micro-Enterprises Support Programme Trust (MESPT) is a Kenyan development organization established in 2002. MESPT’s overall objective is to promote economic growth, employment creation and poverty alleviation through enterprise development. This is achieved predominantly through support to the development of agricultural value chains whilst embracing and promoting the green growth and climate change agenda. Through its vision of building a more Prosperous Society, MESPT facilitates increased commercialization, decent employment and green transformation through targeted interventions in the selected value chains. The Trust is a multi-donor entity jointly founded by the Government of Kenya and the European Union who later relinquished their position to the Royal Danish Embassy in Kenya, Ministry of Foreign Affairs of Denmark (DANIDA). To learn more about MESPT, please visit www.mespt.org.

1. OBJECTIVE OF THE ASSIGNMENT

The objective is to solicit applications for a Security Awareness training and Simulated Phishing platform (KnowBe4) that will help us improve cybersecurity awareness within the organization.

.

1. KEY FEATURES OF THE KNOWBE4 SOLUTION

1. Baseline Testing

Ability to provide baseline testing to assess the Phish-prone percentage of users through a simulated phishing attack.

2. Training Content

A library of security awareness training content; including interactive modules, videos, games, posters and newsletters. Automated training campaigns with scheduled reminder emails.

3. Simulated Phishing

Automated simulated phishing attacks with templates

4. Engaging, Interactive Browser-based Training

Interactive training that gives users a fresh new learner experience that makes learning fun and engaging.

1. Assessments

Ability to find out where users are in both security knowledge and security culture to help establish baseline security metrics.

1. Custom Phishing Templates and Landing Pages

Ability to customize scenarios based on personal information and include simulated attachments to create targeted spear phishing campaigns.

1. Phish Alert Button

A safe way to forward email threats to the ICT team for analysis.

1. Security Roles

Ability to define combinations of level of access and administrative ability that specific user groups should have.

1. Advanced Reporting Feature

Reports to provide holistic views and detailed reporting on key awareness training indicators over time.

1. KEY DELIVERABLES
2. MESPT subscription to Knowbe4
3. Knowbe4 customized to MESPTs requirements.
4. Assignment Timelines

MESPT staff should start using knowbe4 by March 2023.

1. Institutional Arrangement

The vendor will work with the ICT manager to customize the solution.