Across industries, training videos are known to be the opposite of fun. In most cases, they even struggle to be interesting, which surely isn’t great for their intended purpose. Still, these training videos — essential to employee orientation and famous for being dreadful — are necessary, and usually mandatory for anyone hired into a new position.
And they’re probably no less boring when it comes to technology and cybersecurity.
Curricula, an Atlanta-based company that creates character-based training videos specifically to help companies teach cybersecurity awareness to employees, announced this week that it just raised $3 million in Series A funding to begin 2020.
The 5-year-old bootstrapped company calls itself “the only character-driven security awareness platform that focuses on connecting employees with heroes, villains, and memorable security stories.” With the successful funding round, led by RCP Equity, Curricula plans to grow from a current staff of nine employees to at least 30 by year’s end, according to CEO and co-founder Nick Santora.
Santora says the typical cybersecurity training video can be summarized as “an hour-long death-by-PowerPoint, with a lot of lawyer language.” And, he says, with so much at stake for the companies involved, making these videos engaging, beneficial and results-based is critical.
“You’re hearing about companies getting hacked almost daily,” Santora told Hypepotamus. “The only way to solve this is to invest in your people. Connect with them at their level. That’s what we’re doing with our episodes. We flipped the script and showed them how to feel familiar with what they’re learning from, which is stories told through animation.”
Companies set up the platform in a series of steps that immerse employees into learning defense strategies. First, they create a customized schedule of sessions for employees to view the training episodes, which are all under 10 minutes in length. These episodes are chosen according to current real or potential threats to the organization, and can include ransomware, browser security, removable media, and phishing, among others.
Next, Curricula’s suite of platform tools, including email reminders, downloads, and phishing simulations, drive security awareness and active employee engagement. As employees defend against characters like the AI hacker “DeeDee” (a villain that sends employees phishing tests), they become part of the story, learning how to defend their companies against real-world threats, in an experience Santora calls “fun and memorable.”
Finally, employers can visualize employee behavior through in-platform dashboards and downloadable reports, in order to identify ongoing risks and measure effectiveness at reducing them.
He admits there was hesitation at first from some of Curricula’s clients. “Some of our biggest customers said, ‘This feels a little cartoony,’ at first. They’ve since become our biggest advocates. They have an entirely different security culture because of Curricula.”
Santora’s desire to grow Curricula includes both staff size and clients, but he says that’s not just for entrepreneurial reasons. “If we can do a great job at expanding that portfolio of episodes, and getting those episodes into every employee across the globe, we’ll have a safer community.”
“The cyber security awareness training space has become stale and far too technical,” Joel Smith, partner at RCP Equity and co-founder of the recently acquired AppRiver, said in a statement. “What we see in Curricula is an opportunity to completely change this industry by creating a fun security awareness training experience for employees.”
In the meantime, Santora says Curricula is actively hiring. “For the Atlanta SaaS community, it’s a great opportunity to support a company with a great mission: Solve an epidemic we’re in, and teach people how to defeat the hackers.”