Cyber Threat Hunting accelerated training

Cyber Threat Hunting accelerated training

by | Feb 25, 2022 | Specialist security training

Cyber Threat Hunting

Accelerated Training

Introducing the Cyber Threat Hunting

Accelerated Training

Cyber threat hunting is a proactive, iterative, and human-centered process of finding cyber threats that are inside a network that hasn’t been caught by existing security controls. It is now possible for attackers to stay inside a network for a long time and get information and move around without anyone noticing. It’s at this point that Threat Hunting comes in to help.

Threat hunting is based on the concept of “Assumed Breach “. It helps businesses answer questions like: How do we know when we’ve been breached? What is the evidence we have for this?  And how do we use this information to improve our security?”

Using the knowledge or intelligence gained through Threat Intelligence, threat hunters can hunt down the advisories within the network and locate Indication of compromised (IoC).

Introduction to Threat Hunting

  • Cyber threat hunting definition and goals
  • Hunting for Indication of compromise (IoC) and Artifacts.
  • Cyber threat hunting methodologies and techniques

Threat Hunting Use Cases

  • Technology Review
  • Real-world Threats
  • Hunt Mission
  • Data Collection and Hunt Execution
  • Analysis
  • Refining the Hunt Mission

Hunting for The Indication of Compromise (IoC)

  • Hunting for network-based cyber threats
  • Hunting for host-based cyber threats
  • Cyber threat hunting technologies and tools

Threat Hunting Methods

  • Threat Hunting with the Mitre Framework
  • Understand how to use DEtect Tactics, Techniques & Combat Threats model
  • Combining DeTT&CT with Mitre Att&CK
  • Using Caldera to simulate threat

Who Should Attend?

  • Network security professionals
  • Incident responders.
  • Penetration testers
  • Red team members and other white hats
  • Security analysts
  • Security consultants and auditors
  • Managers wanting to create threat-hunting teams
  • Sophisticated threats are bypassing both perimeter and endpoint security.
  • Increase the speed and accuracy of incident response
  • Understand and reduce attack surface exposure / hardened network and endpoints.
  • Reduce the time an adversary dwells on the network unnoticed.
  • Detect/prevent the spread of the attack and lateral movement.
  • Collect evidence of compromise.

At the end of this workshop the participants should be able to:

  • Define Cyber Threat Hunting and explain its value to an organization
  • Understand the Threat Hunting process
  • Know the difference between Cyber Threat Intelligence and Threat Hunting and Incident Response, and they are related and can be used together
  • Learn what data to collect and where to collect it
  • Leverage both endpoint and network data for successful hunting
  • Understand how to hunt for threats in your organization’s systems and network
  • Understand the Hunting Maturity Model to measure your organization’s hunting capability
  • Learn how to find and investigate malware, phishing, lateral movement, data exfiltration, and other common threats
  • Network security professionals
  • Incident responders.
  • Penetration testers
  • Red team members and other white hats
  • Security analysts
  • Security consultants and auditors
  • Managers wanting to create threat-hunting teams
  • Basic information security concepts should be understood.
  • A working understanding of networking devices and protocols is required.
  • Exposure to network monitoring and pentesting tools and methodology

Course Registration Form

Type in your details to register for this course below.

SEC 303 Cybersecurity Simplified: for Non-Technical Users

SEC 303 Cybersecurity Simplified: for Non-Technical Users

by | Aug 24, 2021 | Specialist security training

SEC303: Cybersecurity Simplified for Non-Technical Users

 

Course Duration: 2 Days

Cybersecurity is a major concern for everyone, but it doesn’t have to be complicated

Course Introduction

This training is designed to simplify cybersecurity for non-techies. It looks at cybersecurity from a user’s perspective.  It will teach you how to protect your data on any device from anything that could breach digital security and privacy when communicating on the Internet. It is about creating and maintaining basic digital hygiene. The focus is on the actions you could take today to greatly improve your cybersecurity and protect yourself, family and business.

At the end of the training, you will understand security principles, and how to use them to implement simple security hygiene that would result in huge benefits to your digital security.

For the ease of understanding, we have treated Cybersecurity from the user’s perspectives by answering the simple question. What can I do to be safe online and manage my privacy?  The answer to this question can be divided into four main areas of cybersecurity, and privacy. These are

  • Device security
  • User account security
  • Communication security
  • Privacy

The course will teach you several security principles, and how to implement them in real life. Finally, you will get written plan to follow. The subjects covered include how to strongly improve your security by easily implementing the following:

Training Content

Password Management

Each user must manage access to tens, if not hundreds of websites today. It can be confusing and hard to manage password due to the number of passwords that need to be managed. As a result, passwords are repeatedly used on multiple sites. In cybersecurity, this is the first problem that needs to be solved. In this section you will learn how to manage all your account in a central location and properly manage your account credentials in a secure way.

Two factor authentication (2FA)

Using password only is not the strongest form of authentication. Therefore, the user of two factor Authentication (2FA) is highly encouraged. Although, this will increase your security, it creates a new challenge of managing these 2FA codes. So, it is important to know how to manage and backup these 2FA system.

Disk encryption

Disk encryption is not for spies or criminals who have something to hide. Encryption is a legitimate cybersecurity controls which can help you increase security whether you have something to hide or not. It can also help in improving your privacy by protecting confidential information on your computer.

However, encryption is not widely used by users due to the perseived complexity. Your emails, payment information, and other types of information can be protected using different forms of encryption that are easy to use. This section will teach you the types of encryptions that are available to you as part of your security measures for cybersecurity and how to implement them correctly.

System security

Proper security measures should begin with the system. You will learn to secure your system by implementing good Operating Systems security. Setup endpoint security to detect and stop possible intrusion into your system.

Browser security

The browser has become the major tool we use daily. As such, the browser is on the firing line daily from phishing attack, malware, and hackers who tries to make use of misconfigurations or bugs in the browsers to gain access to the system. It is important to choose a secure browser, but also learn to maintain it regularly. Learn to use security extensions that greatly improve your security on the internet.

Mobile security

Mobile phones are used today for everything, from simple telephone calls, and chat to Internet banking. A compromised phone is a compromise of your life. Learning to secure your phone and maintaining security all the time is a highly recommended kills to have.

Backup security

With the proliferation of phishing and ransomware attack, many people are starting to learn about the importance of good backup system. However, it is still very difficult for non-technical people to implement a backup system that could resist a ransomware attack. The goal of this section is to teach you how to implement a good backup system that could mitigate a ransomware attack.

Lock up social media

Social media is a major source of risk to cybersecurity, and online safety. Posting of too many personal information increase your exposing to cybercrime. The chance that a successful phishing attack would work on you partly depends how much information Cyber criminals can learn about you. Many of the information They need can be found on your social media posts and profiles. It is very important to learn how to secure your social media profile and stay safe online.

Email security

Email is still a major way of communicating. However, many of the old problems of email, such as spam, and phishing are still there. Although, there are lots of technologies to deal with these problems, they are not often implemented. As a result, most people are still using email unsecurely.  This section will teach you the types of security available to you to secure your email communications, and how to implement them.

Virtual Private Network (VPN) on all devices

Using a VPN will add a layer of protection to your Internet traffic, and could stop bad actors from seeing your private information. Learn to setup, and use VPN daily because it is designed to provide two things. Privacy of your communication, and confidentiality.

  • This solution provides users the ability to access a private network even though they are not physically connected to it.
  • Allow remote employees access corporate resources without compromising security and prevent information leakage.
  • Improve your online privacy on the Internet to hide web traffic from networks that are not trusted. Hide your Internet Protocol (IP) address and encrypts the data that you send over the Internet while you are connected to a VPN.
  • Provide security when you access public Wi-Fi networks at airports, cafes or hotels. Hackers often use public network to attack users of those networks.

Wi-Fi security

Wi-Fi is everywhere. Hackers are also out there to attack you on a Wi-Fi. There are many ways you can secure your Wi-Fi connection at home and when under way. This section will teach you the types of attacks that Wi-Fi networks are vulnerable to, and how to protect against them.

Network segmentation

No matter how small a network is everyone, and every device on the network are exposed to each other. If you let other people access your Wi-Fi network once, they will always have access anytime they are in the area unless you change the Wi-Fi password. Once they have access, they can also access other devices on your network even when you are not at home. This is one reason you would want to divide your network into several partitions or security zones so you can place devices in separate security zones depending on the security requirement.

Internet Safety for all

In this section you will learn how to prevent websites from tracking your every move, and how to protect everyone in your household, or your business.

  • Implement strong privacy on your browsers.
  • Setup strong traffic filtering system for the entire family and control it on your routers.
  • In this section you will learn how to use free tools to setup DNS filtering on your home or small business network to protect your privacy and reduce phishing attack and other malicious activities online.
  • Learn how to set up DNS redirection to stop all malicious site request.

IoT security

If you have security cameras, baby monitoring, smart TV’s and other smart devices then you have IoT devices. These devices are not only connected to the Internet but are constantly exposing your privacy to the internet daily. Many of these devices are not secured because there is no security inbuilt and those with security inbuilt are not properly configured. Learn about simple steps to take to secure your IoT devices and be one step ahead of the attackers.

There are different types of security measures you could implement to prevent any uninvited guests from finding you and your family. This section will give you simple steps to secure your smart gizmos or gadgets from being hacked into. It will also show you how to setup strong security measures to protect you, and your family.

Who Should Attend?

If you are a non-technical user who wants to protect yourself from hackers, this training is for you! You don’t need any prior knowledge or experience with cybersecurity to take this course. It’s designed specifically for non-technical users who want an easy way to learn the basics of cybersecurity as quickly as possible.

How To Attend

This is a 2-day training. To attend, please contact use at:

Sec 302: Preparing, Detecting And Responding To Ransomware Attack

Sec 302: Preparing, Detecting And Responding To Ransomware Attack

by | Jul 9, 2021 | Ransomware, Specialist security training

SEC 302: PREPARING, DETECTING, AND RESPONDING TO A RANSOMWARE ATTACK

A comprehensive training on how to prepare your organization to deal with the effect of a ransomware attack.

About Course SEC302  Preparing, Detecting and Responding to Ransomware Attack (4 Days) 

Ransomware is the single most serious cyber threat that organizations face today. The financial implications of cybercriminal acts are substantial, as are the monetary damages. Ransomware groups are demanding and receiving millions of dollars in ransom payments. Organizations that are unable to pay the ransom costs are left in the dark. Even if they have paid, they may still have to cope with the consequences of a data breach.

Regardless of the hazards provided by various threat actors, Ransomware may be successfully managed, and the risks of a successful assault are substantially decreased.

This four-day jam-packed technical hands-on training is intended to assist professionals understand the problem of ransomware, what they can do to mitigate it, and how they can leverage current tools and resources to prepare for an attack.

Intellfence-Cybersecurity Awareness Training Module

The Training Expectations:

Participants will be able to assess the risk posed by ransomware threat actors to their company and establish an incident response strategy to reduce the impact of an attack. The applicant will understand what mitigations to implement and how to implement them. Furthermore, each participant will be very familiar with the toolkits used by the attackers and can identify and neutralizing them.  Assembling their own tools to access, monitor, respond to, and restore operations when they are attacked.

Day 1: Introduction to Ransomware

Day one is an introduction to ransomware and a thorough overview of the various ransomware groups and their tactics. We look at the tooling this group uses and how effective they are. This will help prepare the students for the various practical exercises that will take place in the next three days.  

On the last day of training, we will go through various ransomware scenarios and how to deal with them technically. We’ll also take a look at some common mistakes that lead to organizations’ data being encrypted by these malicious programs.

Learn about Human Operated Ransomware (HumOR) and why it works so well. What are the points of entrance into your organization? How does this play a role in ransomware attacks?

Learn about Human Operated Ransomware (HumOR) and why it is so effective. We will show you the entry points into your organization for ransomware. Learn about the various types of malware and tools used by ransomware threat actors and how to detect them. What are the different strategies for protecting your organization’s data from being exfiltrated by these malicious actors?

Hackers have many different tools that they use to gain access and exfiltrate data from their networks. The most common types of attacks are phishing, malware (including ransomware), attacking a vulnerable system such as unpatched systems or those with open ports, social engineering, and brute force login attempts.

Day 2: Preparing to Respond to Ransomware

The first day includes an introduction to ransomware as well as a comprehensive discussion of the main ransomware organizations and their methods. We shall examine the tools that these organizations use and how effective they are. This will assist students in preparing for the numerous practical activities that will take place over the next three days.

We will go through numerous ransomware situations and how to deal with them technically. We will also look at some of the most prevalent errors that cause businesses’ data to be encrypted by malicious applications.

Hackers employ a variety of methods to gain access to and exfiltrate data from networks. Phishing, malware (including ransomware), targeting a weak system such as an unpatched system or one with unprotected ports, social engineering, and brute force login attempts are the most prevalent forms of assaults. Learn about the many types of malware and tools used by ransomware threat actors, as well as how to spot them. What are the various techniques for preventing dangerous applications from infecting your organization’s data?

We will investigate an integrated solution that includes anti-malware, sandboxing, and other controls aimed at controlling ransomware and other threats. We will explore an integrated solution that incorporates anti-malware, sandboxing, and other controls focused on containing ransomware and other malware. The students will learn how to:

  • Develop a ransomware mitigating plan.
  • Develop a holistic improvement of security using the tools you already have.
  • Secure all operating systems, networks, and end users?
  • Defend the endpoints devices and users
  • Use next Generation Anti-virus/Anti-malware
  • Set up a back works and restore system that works.

Email Security

  • Reduce the risk of ransomware by improving the security of your email system
  • Reduce the chance of email domain spoofing and prevent phishing attacks
  • Implement email encryption/digital signature to stop the impersonation of company staffs.
  • Have solutions in place to detect and eliminate potential attack via email.

Day 3: Monitor and Detect Ransomware Attacks

Threat actors using ransomware are not particularly covert in their activities. In a Human Operated Ransomware, a threat actor infiltrates the network and snoops about for weeks or months, learning everything it can about the organization and its network. They then begin exfiltrating data from the network before beginning data encryption. This type of behavior is highly loud, and it may be identified with adequate network monitoring and appropriate remedial action.

The second day is devoted to teaching students how to build up a system and network monitoring capabilities for detecting ransomware assaults in real time. The students will learn how to recognize attack signatures and how to respond while under assault.

Learn how to utilize network traffic capturing tools to collect and read network traffic and search for ransomware signatures.

Discover how to use SIEM, UEBA, and SOAR technologies to log, track, monitor, and respond to ransomware attacks.

Day 4: Respond, clean up and Restore after a Ransomware Attack

What should you do in the event of an attack? An assault consists of several phases. It is critical to take the appropriate action at every given stage to halt the invader. The student will learn how to execute the response that was planned during the preparation phase. The main steps are as follows:

  • Respond to the attack and end it.
  • Restore or rebuild systems from their present configuration, depending on how far the infection process has progressed.
  • Repair the system by reinstalling it and replacing any damaged components.
  • Restore data from a previous point in time.

The Audience

This is a highly technical training for IT and Security Professional

  • IT engineers
  • Information Security engineers
  • Threat Hunters
  • System Administrators
  • Security Engineers
  • Incident Response Managers

How To Attend

This is a technical 4-day training dealing solely on Ransomware.
From September 2021 we will start this training.
For more information or a quote, please contact us at: 
info@intellfence.com
                                                                                                                                                                             

Advanced Security: Stop Ransomware and Phishing Attacks before they happen

Advanced Security: Stop Ransomware and Phishing Attacks before they happen

by | Jul 7, 2021 | Ransomware, Ransomware, Specialist security training, Specialist security training

SEC301: Geavanceerde Security training:

Stop phishing & ransomware-aanval

 

Cursusduur: 2 dagen

Leer hoe u phishing en ransomware kunt stoppen en herstellen van een aanval

Cursus Introductie

Ransomware is niet langer een bedreiging, maar eerder een duidelijk en aanwezig risico voor bedrijven van elke omvang. Ransomware-aanvallen zijn de afgelopen twee jaar toegenomen. Het gevraagde losgeld is ook gestegen. Veel grote organisaties met geavanceerde IT-infrastructuur en een aanzienlijk aantal geschoold beveiligingspersoneel zijn ook geïnfiltreerd en gedwongen om miljoenen dollars/euro’s losgeld te betalen.

Dit toont aan dat, ongeacht hoe robuust uw IT-infrastructuur is, ransomware op iedereen of elke organisatie kan worden gericht. De belangrijkste redenen hiervoor zijn dat de meeste aanvallen phishing gebruiken om de payload binnen organisaties te krijgen en iedere organisatie gebruikt e-mail.

Deze tweedaagse diepgaande training is bedoeld om organisaties helpen in te zien met informatie over ransomware en te helpen bij de voorbereiding op een ransomware-aanval. Het zal organisaties kunnen helpen om te weten wat ze moeten doen als ze worden aangevallen en correct en snel reageren op de aanval.

Deze cursus gaat verder dan het standaard advies dat vaak aan organisaties wordt gegeven; het is bedoeld om beheerders en beveiligingsingenieurs te leren hoe ze meer bescherming kunnen creëren door de vele aanvalsroutes te onderzoeken en te leren hoe ze het risico van elk kunnen verminderen.

Trainingsinhoud

Ransomware Infectie Vectoren

  • Wat zijn de meest voorkomende infectievectoren die door aanvallers worden gebruikt en hoe kunt u ze tegengaan?
  • De meest voorkomende exploit kits door aanvallers gebruikt en waarom ze werken
  • Wat kunt u aan deze tools doen en hoe kunt u voorkomen dat ze uw netwerk binnenkomen?
  • De command and callback (C&C) en compromisindicatoren
  • Hoe u een Ransomware-infectie op uw netwerk kan detecteren

Ransomware Incident Response Plan:

  • De levenscyclus van een incidentrespons
  • Het maken van een strategie voor incidentrespons in het geval van een ransomware-aanval.
  • Het creëren van een ransomware reactiebeleid – betalen of niet betalen van het losgeld
  • Wat zijn de eerste cruciale maatregelen die u moet nemen als u wordt aangevallen?

Inzicht in de compromis-incidentresponsindicatoren:

  • Insluiting en detectie
  • Hoe een aanval in de vroege stadia kunt herkennen
  • Meer informatie over het stoppen van een ransomware-aanval.
  • Vernietigen en herstellen van incidenten
  • Hoe te herstellen van een ransomware geïnfecteerde computer
  • Lokale en netwerkbestanden herstellen
  • Tools en middelen voor het bestrijden van ransomware

E-mailbeveiliging

  • Verbeter de beveiliging van uw e-mailsysteem om het gevaar van ransomware te verminderen.
  • Verminder de kans op e-maildomein spoofing en phishing-pogingen.
  • Implementeer e-mailversleuteling en digitale handtekeningen om imitatie van zakelijke werknemers te voorkomen.
  • Zorg voor systemen om mogelijke e-mailbedreigingen te identificeren en te verwijderen.

Ransomware-tegenmaatregelen ontwikkelen

  • Verbeter de beveiliging van uw e-mailsysteem om het gevaar van ransomware te verminderen.
  • Verminder de kans op e-maildomein spoofing en phishing-pogingen.
  • Gebruik e-mailversleuteling/digitale handtekeningen om imitatie van bedrijfsmedewerkers te voorkomen.
  • Zorg voor de juiste systemen om mogelijke e-mailbedreigingen te identificeren en te verwijderen.
  • Ten slotte zullen we kijken naar enkele van de beste anti-ransomware technieken.
  • Welke risicobeperkende maatregelen heeft u?
  • Welke rol spelen verzekeringsmaatschappijen in de strijd tegen ransomware?
  • De beste strategieën leren te implementeren voor het beschermen van uw bedrijf tegen ransomware.
Doelgroep:

Deze cursus is bedoeld voor professionals die verantwoordelijk zijn voor het plannen, beschermen en reageren op ransomware-gebeurtenissen binnen hun organisatie. Het is bedoeld voor iedereen die geïnteresseerd is in het meer weten over ransomware en hoe dit te beperken in de organisatie. Evenals degenen die verantwoordelijk zijn voor de beveiliging van de informatiesystemen:

  • IT-managers
  • Chief Information Security Officers (CISO)
  • Informatiebeveiliging professionals
  • Systeembeheerders
  • Beveiligingsingenieurs
  • Incident Response Managers
  • Operationele managers
  • Risicomanagers

Deelnemen

Dit is een 2-daagse training. Voor deelname, kunt u contact opnemen.

Advanced Security: Stop Ransomware and Phishing Attacks before they happen

SEC 201: Stop Ransomware and Phishing Attacks before they happen

by | Jun 15, 2021 | Ransomware, Specialist security training

SEC 201: Advanced Security: Stop Phishing & Ransomware Attack

 

Course Duration: 2 days

Learn How To Stop Phishing & Ransomware And Recover From Attack.

Course Introduction

Ransomware is no longer a threat, but rather a clear and present risk to businesses of all sizes. Ransomware assaults have increased in the last two years. The ransom requested has risen as well. Many major organizations with sophisticated IT infrastructure and a significant number of skilled security personnel have also been infiltrated and forced to pay millions of dollars in ransom.

This demonstrates that, regardless of how robust your IT infrastructure is, ransomware can be directed at anybody or any organization. The major reasons for this are that most attacks employ phishing to get the payload inside organizations, and every organization uses email.

This two-day in-depth course is intended to educate organizations with information on ransomware and to assist them in preparing for a ransomware assault. It will assist organizations in knowing what to do when they are attacked and responding correctly and quickly to the assault.

This course goes beyond the standard advice given to organizations; it is intended to teach administrators and security engineers how to create greater protection by examining the many attack routes and learning how to reduce the risk provided by each.

Training Content

Ransomware Infection Vectors

  • What are the most frequent infection vectors utilized by attackers, and how can you counter them?
  • The Most Common Exploit Kits Used by Attackers and Why They Work
  • What can you do about these tools, and how can you prevent them from entering your network?
  • The Command and Callback (C&C) and Compromise Indicators
  • How to Detect a Ransomware Infection on Your Network

Ransomware Incident Response Plan:

  • The Lifecycle of an Incident Response
  • Making a strategy for incident response in the event of a ransomware attack.
  • Creating a ransomware response policy – pay or not pay the ransom
  • What are the first crucial measures you must-do if you are attacked?
  • Understanding the Compromise Incident Response Indicators:
    Containment and detection
  • How to Spot an Attack in Its Early Stages
  • Learn how to stop a ransomware assault.
  • Eradication and Recovery of Incidents
  • How to Recover from a Ransomware Infected Computer
  • Recovering Local and Network Files
  • Tools and resources for combating ransomware

Email Security

  • Improve the security of your email system to reduce the danger of ransomware.
  • Reduce the possibility of email domain spoofing and phishing attempts.
  • Implement email encryption and digital signatures to prevent impersonation of business employees.
  • Have systems in place to identify and remove possible email-based threats.

Developing Ransomware Countermeasures

  • Improve the security of your email system to reduce the danger of ransomware.
  • Reduce the possibility of email domain spoofing and phishing attempts.
  • To prevent impersonation of corporate employees, use email encryption/digital signatures.
  • Have systems in place to identify and remove possible email-based threats.
  • Finally, we will look at some of the finest anti-ransomware techniques.
  • What risk-mitigation measures do you have in place?
  • What role do insurance companies play in the fight against ransomware?
  • Learn to implement the best strategies for safeguarding your company against ransomware.
Who Should Attend?

This course is intended for professionals who are responsible for planning, protecting, and responding to ransomware events inside their organization. It is intended for anybody interested in learning more about ransomware and how to mitigate it in the organization, as well as those who are responsible and accountable for the security of information systems:

  • IT managers
  • Chief Information Security Officers (CISO)
  • Information Security professionals
  • System Administrators
  • Security Engineers
  • Incident Response Managers
  • Operational Managers
  • Risk Managers

How To Attend

This is a 2-day training. To attend, please contact use at:

How to Build Effective Cybersecurity Training and Awareness that works.

How to Build Effective Cybersecurity Training and Awareness that works.

by | May 14, 2021 | Specialist security training

How to Design and Build Effective Cybersecurity Training and Awareness Program

Intellfence BV teach and mentor professionals to develop and implement a cybersecurity training and awareness program for their organization.

Intellfence BV Home

How To Empower
Your End Users For CyberSecurity

The training covers what an organization should do to design, develop, implement, and maintain a Cybersecurity training and awareness training for user as a part of the IT security program.  It includes awareness and training needs of all users of an organization’s IT, from employees to supervisors and functional managers, to executive-level managers.

Intellfence-Cybersecurity Awareness Training Module

Content of the Training and Awareness Kit

The Cybersecurity Training and Awareness Kit contains the following aspects:

  1. Security Awareness and Training Program development Kit
  2. The Training Modules
  3. Awareness Kit
  4. Phishing Simulation Software.

The Training Content

The training is aimed at teaching

  • How to create a training and awareness program development plan.
  • Determine the priority levels of the current security topics.
  • Select Security topics for training modules
  • Assess potential training groups
  • Perform a group risk analysis.
  • Review audience groups and determine which topics need to be delivered to each group
  • Identify the unique audience groups within your organization and the threats they face.
  • Build a training program development plan.
  • Identify Metrics for Program Success Measurement
  • Select and prioritize security topics for training content.
  • Select metrics for measuring program effectiveness.
  • Execute some of the low-hanging fruit initiatives for collecting metrics: e.g. create a knowledge test, feedback survey, or gamification guide.
  • Discuss potential delivery mechanisms for training, including the purchase and use of a vendor.
  • If selecting a vendor, review vendor selection criteria and discuss potential vendor options.
  • If creating content in-house, review and select available
  • Build training modules.
  • Create an ongoing training schedule.
  • Define and document your end users’ responsibilities towards their security.

The Training Deliverables

At the end of the training/workshop the participants will be able to do the following:

  1. Customized development plan for the program.
  2. Tool for tracking metrics.
  3. Customized knowledge quiz ready for distribution.
  4. Customized feedback survey for training.
  5. Gamification program outline.
  6. Risk profile for each identified audience group.
  7. Priority scores for all training topics.
  8. List of relevant security topics for each identified audience group.
  9. Vendor assessment tool and shortlist.
  10. Customized security training presentations.
  11. Training schedule.
  12. Security job description template.
  13. End-user training policy.

The Training Modules

The Toolkit contains training materials to get you started on remote training and awareness.

  • Training Materials – Phishing
  • Training Materials – Incident Response
  • Training Materials – Cyberattacks
  • Training Materials – Web Usage
  • Training Materials – Physical Computer Security
  • Training Materials – Passwords
  • Training Materials – Security for Remote workers
  • Training Materials – Social Engineering
  • Training Materials – Email Templates
  • Training Materials – Mobile device Security
  • Training Materials – Password Management

Security Awareness and Training Program development Kit

  • A needs assessment tool
  • End user Job description security addition template
  • Security Training Program Manual
  • Security awareness and training feedback template
  • Security Training campaign development