Security Awareness Training 

Security Awareness Training 

Technology alone cannot defend against malware, viruses, and social engineering attacks. If you hold information of commercial interest and sufficient value for others, eventually someone will hire a hacker to attempt to obtain it. Your employees are key to defending against these attacks. 

As you may be aware, many large organisations have experienced breaches and the loss of important data. Indeed, we forensically investigate around a third of all credit card data breaches in the UK, on behalf of the card brands. 

Why traditional ‘corporate security’ training falls short 

In our experience, simply teaching staff about ‘corporate security’ is ineffective; it is seen as a task for the business, not the individual. Instead, we teach people about securing their personal lives, as the same principles apply to protecting themselves as to protecting the business. This ensures staff pay attention and retain the information.  

Social networks and social engineering 

Social networks are a common source of information used to compromise a business, yet they are under the control of the individual. The result is that the business benefits from increased security awareness by their staff.  

Most high profile hacks and data losses now involve a degree of social engineering.  Most security environments have to be worked around through theft of passwords and personnel information in order to achieve a compromise.  

Your employees can be manipulated into volunteering passwords and corporate information that can enable a hacker to compromise your network.  Even without direct contact with the employee, information is inadvertently leaked via the internet, in particular social networking sites.  

Your employees are the best defence against social engineering attempts, whether they occur online or in person. 

Who is it for?   

Awareness training is for anyone and everyone in your organisation, from receptionists to CEOs. It doesn’t require any advanced technical knowledge, although general familiarity with the internet and computers is important.

The sessions include:

• live hacking demos, showing how easy it is to steal information from users that haven’t paid attention to security. 
• A ‘cheat sheet’ will be circulated after the training with detailed explanations showing how to secure users social network profiles, mobile devices, and home computers and avoid scams at work. 
• Social network information disclosure and corporate/personal data theft  
• Phishing scams: what to look for and what to do about them  
• Wireless network security  
• Mobile phone and tablet security  
• Tips and tricks for securing home PCs  
• Social engineering: how to spot these scams  
• Internet of Things security  
• Creating a strong password that’s easy to remember  
• As a result of the training sessions, your employees will be much better prepared to defend the business from motivated attackers, such as those trying to steal intellectual property.   

Can you record it? 

Yes! We recommend that, if possible, you record one or more of the sessions for ‘internal use only’ to add to your training resources.