
Course Overview

The 2-day Security Awareness class for Information Workers and the 2-day Security Awareness class for Information Technology Workers use the same principal materials but are delivered at different technical levels.

Information Workers are defined as any employees that use the organization’s IT resources. These users are often referred to as “end users” or “power users”, along with their managers and organization officers.

Information Technology Workers are defined as employees that have technical experience in some discipline such as database administration, network administration, developers, etc.

No two organizations are the same, and for security awareness training to be effective it must be flexible rather than rely on a cookie-cutter approach. To that end, this course uses a menu of cybersecurity topics and case studies to adapt the content to the needs of each class's attendees. Each class incorporates the latest information available in the cybersecurity field and employs scientific adult learning and neuroscience principles, both to make learning more effective and to better combat social engineering exploits.

Security Awareness Training can be tailored to meet all major compliance standards including: HIPAA, PCI-DSS, GLBA, FISMA, NIST 800-53, ISO/IEC 27002, Red Flags, NERC CIP, CobiT, GDPR and U.S. State Privacy Laws.

Duration: 2 Day Course (12 Hours)

Prerequisites: To ensure your success in the Information Workers version of this security awareness class, you should possess basic computer user skills and a fundamental understanding of computer and internet concepts, such as how to use a web browser and email.

For the Information Worker version of this security awareness class, CompTIA A+ and Network+ certifications, or equivalent knowledge, and six to nine months' experience in networking, including configuring security parameters, are helpful but not required.

Price: $450-$900*

* Quantity discounts available upon request


Who Should Attend

This course is intended for both novice and experienced IT professionals, network administrators, help desk personnel, network support personnel, desktop support personnel, managers who oversee IT personnel and developers and any information worker using cloud products or mobile operating systems.

Course Objectives:

Upon successful completion of this course, students will be able to:
  • Understand the concept of Security Awareness and how it can be practiced with personal accounts as well as at work
  • Recognize the underlying forms of attacks common to all social engineering exploits
  • Become fluent with mobile device usage that reduces personal and organizational exposure to exploits
  • Understand and implement secure methods of authentication through the use of good log-on policies
  • Effectively execute compliance practices with a full buy-in as to why such practices are important
  • Understand and correctly use the fundamental terminology in cybersecurity

Course Agenda:

Lesson 1:  Introduction 

  • What is “Security Awareness” and what does it have to do with me

Lesson 2:  Keeping up with the Bad Guys

  • Understanding the value of security controls
  • How to stay on top of security exploits “without even trying”
  • Email and browser hygiene

Lesson 3:  Understanding Cybersecurity

  • Terminology 
  • Are humans included as part of “Defense in Depth” policy
  • Governance, Retention Policy and Metadata
  • Mitigation and Deterrents
  • Hashes and One-way Encryption
  • Single Key and Two Key Encryption
  • TCP/IP Primer and Review
  • Cyber Attacks and Exploits
  • Selected Case Studies
  • Social Engineering
  • Hoaxes

Lesson 4:  Personal Privacy and Why it is Important to Both You and Your Employer

  • Is what is good for the goose good for the farmer
  • Keeping your personal life out of work and vice versa

Lesson 5:  Cloud Migrations and Cloud Resources

  • What is “the Cloud” and how do I know if it is secure
  • Cloud data location matters
  • Who controls information in the cloud and what are my responsibilities
  • Data Encryption and Protection
  • Avoiding cloud migration failures
  • How does the Cloud provide disaster protection

Lesson 6:  PKI Fundamentals

  • What does PKI do
  • Understanding keys is the key to understanding PKI
  • What is a CA and why should I care

Lesson 7:  Managing Security Incidents

  • Keeping conflicts from making a security incident worse
  • BYOD Problems and mitigation techniques
  • Continuing your Security Education
  • Suggested Labs and Exercises

Lesson 8: Case Studies and Discussions:

  • Case Study Analysis: Social Engineering
  • Case Study Analysis: Ransomware
  • Case Study Analysis: DDoS
  • Case Study Analysis: USB Memory Sticks and removable devices
  • Case Study Analysis: Mobile applications
  • Case Study Analysis: Bluetooth scams
  • Case Study Analysis: Information leakage
  • Case Study Analysis: Wi-Fi Exploits
  • Case Study Analysis: Evil Twins
  • Case Study Analysis: Signs of fake and real malware infection
  • Case Study Analysis: When and how to get help
  • Case Study Analysis: Ghostbusters, getting effective cybersecurity responses 
  • Case Study Analysis: Do click through and attachment opening rates really rate security awareness
  • Case Study Analysis: Why are employees going around security controls
  • Case Study Analysis: Cloud security exploitations and breaches

Hands-On Labs