Awareness programmes

People-centric security

We make not just an awareness program. We train practical security skills. We instil a security culture and foster secure thinking and behaviour. We periodically measure our performance with social engineering penetration tests.

Our features in security awareness and user behaviour management:

	High-quality teaching Trainers with experience in teaching IT and corporate security since 2000.
	Captivating materials We actively use multimedia and interactive tools, develop fascinating educational films, animations, etc.
	Reduced maintenance effort Automated management of notifications, as well as reminders and escalations, relieves you of the burden of manual event management.
	Effective feedback and KPIs Testing the effectiveness of the program using socio-technical penetration tests.

Awareness methods and components:

1. Instructing about security rules during interviews before hiring.
2. Signing commitments (security policy, code of ethics, non-disclosure agreement, personal data, copyright, etc.).
3. Security responsibilities in job descriptions and security briefings by line managers when introducing a new employee.
4. Face-to-face and online training, as well as probation testing. Successful testing is a condition for passing the probationary period.
5. Regular testing of personnel (every 1, 2 or 3 years).
6. Training and workshops for selected user groups (managers, accountants, software developers, marketing and sales, PR, etc.).
7. Training and workshops on selected relevant topics for anyone interested (PCI DSS, blockchain, secure software development, SDLC, penetration testing, Risk Management, BCM, Operations Security, Incident Management, etc.).
8. Automatic tracking system for training and testing, with reminders, escalations, and calculation of statistics for departments.
9. Information security blog.
10. Notifying by e-mail: follow-ups on incidents in the company and in the world, warnings about major vulnerabilities, security rules, disciplinary measures, etc.
11. Groups in messengers. Duplicate mailing lists and small notifications.
12. Handouts (booklets, brochures, etc.).
13. Posters on walls, doors, dining rooms, toilets, etc.
14. Electronic posters (banners) on corporate intranet websites. Replacement of website ads with the posters, using the anti-banner filter on the corporate proxy server.
15. Security research community. Discussing security issues online and offline in a select group.
16. Training of project team members about the customers’ security specifics.
17. Training for customers, suppliers, and partners.
18. Polls. Receiving and analyzing user feedback.
19. Games, contests, competitions.
20. Taking into account the comments of the Incident Response Committee during regular performance appraisals and estimations of career growth.
21. Proactive Security Awareness. Friendly, corporate-style warning tips that are generated in real-time before the users try to take a potentially dangerous action (opening a website, attachments, etc.).

Check out our additional services and business cases. Send the form below to request the awareness programme. Get a free consultation.