Whilst securing a network and installing a firewall or malware protection can secure the perimeter of the network, staff awareness is critical to the successful implementation of information security.
We offer training across the full spectrum of information security awareness, implementation and management. Our training sessions can be delivered in line with the bespoke requirements of our clients to ensure that your staff receive high-quality, focussed instruction, delivered by Information Security Professionals with an established reputation for quality.
Our Security Awareness courses include topics such as email security, phishing, ransomware, attachments, malicious hyperlinks and the correct use of IT equipment (USB policies, personal devices and using a guest network).
The training we provide is highly interactive and focuses on the specific risks and threats to your organisation. We include live interactive quizzes, real-life examples and focused breakout sessions.
The training can be linked directly to the success of the phishing campaign. We would provide some examples and discuss the tactics used by malicious actors along with the mitigation strategies that could be employed. These sessions would include two round table breakout sessions where the theories would be explored by the attendees and opened to discussion.
We work through risk assessments and cognitive biases. We explain why, as a species, we make poor decisions. We provide examples and get the attendees to interactively estimate the risks. We then see what the actual calculated risks are and explain the differences. The purpose is to demonstrate that, because of our own cognitive biases, what we perceive as low risk and low impact can often be entirely different.
Following on from this, we go through technical risks. We build a list of technical risks specific to the organisation and provide real-life examples of how these risks can affect individuals and the organisation, and what can be done to help prevent or reduce them. Finally, we will discuss actual phishing and social engineering compromises, both ones used in actual breaches and those we have performed successfully in red team tests. We bring together how the cognitive biases and technical strategies previously discussed are exploited to compromise one of the easiest hacking targets of all: us.
- All members of staff
- Understanding that cybersecurity is a serious risk
- Willingness to learn new skills
- Decision biases
- Risk assessments
- Phishing techniques
- Physical access techniques
- How malware is delivered
- Credential harvesting
- Tools to protect users
- Safe internet use
- Online & mobile banking