"People will always be the weakest link."
"You can’t fix human nature."
"Hackers will always find a way in."
That’s what the security industry keeps saying. But it’s wrong.
We built skyscrapers. We put a man on the moon. We can figure out how not to click a suspicious link.
And yet, security awareness training today feels like it was built in 1999:
- 45-minute compliance videos that no one actually watches.
- Dry, outdated slides that feel more like “death by powerpoint”.
- Simple reading quizzes that could give the SAT a run for its money
Is it any wonder that employees check out?
We wouldn’t tolerate this level of mediocrity anywhere else. So why do we settle when it comes to the one factor responsible for nearly 70% of breaches — human error?
CISOs tell us they feel stuck. Training isn’t working. AI is making attacks smarter and more scalable than ever. And the shift to remote work has exponentially expanded the number of tools and locations hackers can attack.
We’re at an inflection point. The traditional approach to security awareness isn’t just outdated—it’s actively harmful.
That’s why we built Anagram.
Anagram is a new kind of cybersecurity training—one built for how people actually learn.
We looked at what actually engages people and helps them to learn – think: TikTok, Duolingo, Khan Academy – and applied those tactics to security training.
Instead of passive, forgettable training, we built our system using puzzles: super-short, interactive exercises that force users to think critically.
- Customizable to match company policies.
- Role-specific for targeted, relevant training.
- Engaging and fast, treating employees like adults.
And it works.
Since our early launch, we’ve partnered with over 30 customers, including several Fortune 500 companies. Our training has reached over half a million employees, helping enterprise security teams cut phishing click rates in half, increase incident report rates by 5x, and turn employees into the strongest part of their security strategy.
I’m thrilled to announce our official launch with a $10 million Series A led by Madrona with participation from General Catalyst, Bloomberg Beta, operator partners, and Secure Octane. We’re also lucky to count among our investors and advisers CISOs and security leaders with experience from MongoDB, McDonalds, Nestle, T-Mobile, Levi Strauss, and Bloomberg LP.
And we’re just getting started. Beyond our core training platform, we’re building:
- An AI-powered “security agent” that provides context-aware, real-time “nudges” that meet employees where they are, helping them make smarter decisions in the moment.
- Smarter phishing simulations, individualized and tailored by role, geography, and ability level, so teams can test and train employees without the guesswork.
If you’re ready for a smarter, more effective approach to human security, let’s talk.
