In 2023, we launched Shira 1.0 to let anyone take quizzes to learn, in a controlled learning environment, how to identify phishing attacks. Shira was novel in that it covered not just email but also phishing sent by SMS and instant messengers, and let learners customize their quiz to their specific needs, field of work, and languages.
Over the years, we saw people using Shira to build their own anti-phishing skills as well as digital security trainers use the app to train organizations and communities. One trainer single-handedly used Shira to train over a thousand people! As Shira gained steam, we received requests to add new phishing quizzes to cover a wide variety of contexts and threat models, and we soon realized we would never be able to create quizzes relevant to all people in all places. This is why we built Shira 2.0: so digital security trainers and educators could build their own quizzes for the communities they know best. And in the process, we added new tools and capability to make Shira a more comprehensive phishing training platform.
Shira 2.0 is all about letting educators and organizations create and run tailored phishing training programs. In Shira, you can now:
- Create your own "Space" to manage quizzes and learners
- Create fully customizable quizzes, specifically tailored to your team's needs and capacity.
- Pick between public quizzes for easy access or private quizzes to include sensitive information and track each learrner’s progress.
- Display quiz questions in "apps", which make the email or message look as close as possible to what your learners will experience in real life: Gmail, Outlook, WhatsApp, SMS, Facebook Messenger, and Dating App.
- Create questions from scratch or pull from a library of ready-made questions, available in 5 languages, and adapt these questions to your context and needs.
- See how well your learners did on your quizzes, including the rate of quiz completion, average success rates, success rates by learner, and success rates by question.
In our beta testing, we saw a wide range of use cases, from organizations with 200 staff use Shira for internal training to non-profits launching broad public campaigns to raise awareness on phishing in their communities. Organizations that deployed Shira internally reported staff becoming more alert and cautious when receiving suspicious emails and messages, and (something we didn't expect) a notable increase in phishin reports to the IT department.
To ensure Shira's sustainability, we are introducing plans. Anyone can get started with Shira for free with the Starter plan, or pay a small fee to access all features and capabilities with the Pro plan. And we are of course committed to ensuring Shira is accessible to everyone who needs it, so any organizations or digital security trainers who needs Pro but cannot pay can get free or discounted access, just get in touch!
We also know that tech is often not enough in and of itself: some groups may not have the phishing expertise to create their own quizzes, or they may simply not have the time and capacity to it themselves. As a digital security organization, we’ve long been used to creating training programs adapted to our partners’ needs, context, and capacity. So we are also offering, through Shira Enterprise, to design and deliver entire phishing training programs using Shira, including phishing readiness assessments, action plans, and tailored training modules.
If any of the above sounds interesting, head to Shira to get started or get in touch to learn more or explore a partnership!
Cheers,
Raphael from the Shira team
