Cyber Security Awareness Training
An Integral Part of Your Corporate Security Program
While a comprehensive cyber security awareness course should be an integral part of your corporate security program, many businesses overlook the opportunity to tell their employees how to assist with protecting corporate data. Security awareness training is your company’s first line of defense to protect its valuable corporate assets.
“… lack of time and staffing were the top reported challenges facing awareness professionals. Over 75% of security awareness professionals spend less than half their time on awareness.”
– SANS Security Awareness Report
Most cyber attacks exploit weak or stolen employee credentials. Your employees are the stewards of your critical data and information assets, and with proper cyber security awareness information and training, corporations can enlist the assistance of all employees to mitigate risks.
Benefits of an effective information security awareness training program include:
- Compliance. Many regulations and standards, such as the Payment Card Industry Data Security Standard (PCI DSS) 12.6, require implementation of a security awareness program in order to achieve compliance.
- Executive Management Support. Support from executive management creates a holistic message throughout an organization and facilitates information security awareness and acceptance from all employees regarding security policies and procedures.
- Common Security Language. A cyber awareness course gives you the opportunity to identify consistent terms and language for all employees in words that are relevant and appropriate for their roles, environment and corporate culture — from operations and IT to human resources and other functions.
- Risk Management. Identification of risk allows for the recognition of vulnerabilities, and treatment of risk minimizes exposure to cyber security threats and reduces liability.
Typical categories covered in cyber security awareness training include, but are not limited to:
- People
- Privacy
- Social Media
- Social Engineering
- Insider Threat
- Process
- Laws and Regulations
- Policies & Procedures
- Physical Security
- Incident Response
- Password
- Outside the Office/Travel
- Technology
- Malware
- Email/Instant Messaging
- Websites
- Mobile Device
- Phishing
- Spear-phishing
- Whaling
- Cloud
- Home Network
- Ransomware
Whether via hosted eLearning coursework or a fully customized cyber security awareness training program, HALOCK’s learning specialists will guide you to the solution that best fits your needs.
The framework of the cyber security awareness training is “scenario-based”: attendees are provided with Cyber Rules & Safe Practices for the common scenarios they will find themselves in. Periodic Knowledge Checks engage attendees and encourage participation.
Common Custom Training Scenarios
Each scenario is broken down into its Prevalent Attacks, and then the Cyber Rules and Safe Practices for that scenario are discussed, along with various Concepts and attack Case Studies.
Scenarios
- Unknown/Fraud Phone Call
- Surfing the Web
- Using Social Media
- Emailing
- Out of the home/office (and using Wi-Fi)
- On Mobile Phone
- Ensuring compliance
- Working with money/Wire Transfers
- Accessing online accounts
- Using phone and web applications
- Setting up your home network
Common Cyber Attacks Discussed
- Social Engineering
- Drive-By-Download
- Malware/Adware/Spyware
- Ransomware/Scareware
- Phishing/Spear-Phishing/Smishing/Whaling
- Extortion/Theft
- Traffic Capture (Wi-Fi Eavesdropping)
- Rogue Wi-Fi (Evil Twin)
- ARP Poisoning (Man in the Middle)
- Insider Threat
- Cyber Security Incidents
- Business Email Compromise (BEC)
- Password Attacks
Concepts Reviewed
- Data Classification Categories
- Attack Approaches
- Virtual Private Network (VPN)
- Cyber Security Incident Examples
- Multi-Factor Authentication (MFA)
- Using Authenticators for MFA
KEEPING YOU INFORMED – HALOCK SECURITY BRIEFING FOR CLIENTS
The HALOCK Security Briefing is a review of significant events, trends, and movements that will influence how you manage cybersecurity, risk, and compliance. Our clients receive periodic overviews with an extensive report file on the topics discussed. This insightful document also includes reference links throughout the report for easy navigation and deeper research.
HALOCK Breach Bulletins
Read HALOCK overviews and analyses of recent data breaches to understand the common threats and attacks that may impact your organization. Each bulletin features a description, indicators of compromise (IoC), containment, and prevention.
HALOCK is a trusted risk management and cybersecurity firm headquartered in Schaumburg, IL, in the Chicago area.