Security Awareness Categories
- Micro Learning Mini Course
- Single Topic Course
- Multi-Topic Foundational Course
- Standards, Compliance & Regulations Course
- Role-based Course
Micro Learning Mini Module
1. Social Engineering - How it works (4 min)
The more you learn about how social engineering works, the better you can defend yourself and your organization against social engineering attacks.
2. The Malware Threat (5 min)
Learn about how malware is used to steal information, destroy or lock users from data, or disrupt operations.
3. Preventing Malware (3 min)
This course acknowledges the commonplace usage of mobile devices at work and explains key vulnerabilities that users must be aware of. By mastering the information presented in this course you will be able to help defend your mobile devices from security threats.
4. Online and Targeted Social Engineering (4 min)
Social engineers may use both technical and non-technical methods in a “targeted attack,” aimed at select individuals. Attacks are tailored; therefore, they can be very difficult to recognize, making them an effective threat.
5. Protecting Against Malicious Insiders (8 min)
The threat is real. It’s taking place somewhere, right now. A malicious insider has decided to mount a cyberattack against your organization from the inside out. This malicious insider will stop at nothing to get the data they need to commit theft, fraud or sabotage. Protect your workplace by applying the strategies provided in this module.
6. Secure Use of Social Media (4 min)
Improper use of social media can also expose you to a wide range of security and privacy issues, malicious software, and scams.
7. In-Person Social Engineering (4 min)
Social engineering attacks can often occur in person. In-person social engineers will use information obtained both online and offline, along with lies and manipulation, to gain access to your systems and facilities.
8. Ransomware: How to Defend Yourself (4 min)
Ransomware is a type of malicious software used by hackers to encrypt files and other functions from a user until the victim pays a “ransom.” This form of cyberattack has become one of the most used and most costly threat to businesses and individuals alike.
9. Social Media Best Practices (4 min)
When posting a comment, file, image, or video to social media platforms, you never know who will see it. Whatever you choose to express can be quickly copied and spread without your knowledge.
10. Outwitting Internet Phishers (7 min)
Phishers will typically send fake emails that appear to come from someone you trust, such as a bank, credit card company, or popular website. The email may ask you to “confirm your account details” and direct you to a website that looks just like the real website, but whose sole purpose is stealing your information.
11. Social Engineering - Countermeasures & Incident Response (4 min)
Understanding what to do in the event of a social engineering attack can be just as important as prevention. Utilizing effective countermeasures and incident response procedures will help you to avoid falling prey to social engineers.
12. Protecting Kids From Cyberbullying (4 min)
Cyberbullies use electronic communications to torment others with an onslaught of teasing, humiliation, and threats with the intent to do harm. According to research, cyberbullying may be a preferred attack method due to the perceived anonymity of the internet. Help prevent cyberbullying by applying the recommendations presented in this module.
13. Protecting Mobile Data and Devices (4 min)
Learn how smartphones and tablets are exposed to many of the same risks as desktop computers. This course provides an overview of these risks as today’s mobile devices can not only act as a phone, but also as an email client, mobile internet device, camera, GPS navigation system, entertainment console, and platform for any number of applications (apps).
14. Additional Best Practices for Mobile Devices (4 min)
Today mobile devices are exposed to many of the same risks as desktop computers. This course provides an in-depth understanding into how today’s smartphones and tablets can not only act as a phone, but also as an email client, mobile internet device, camera, GPS navigation system, entertainment console, and platform for any number of applications (apps).
15. Outwitting Spear Phishers (4 min)
Whereas internet phishers target a wide audience by sending fake emails to any address they can find, spear phishers target a select group, or a few individuals, with a highly tailored message. This method is much harder to counter because the email messages can seem so authentic.
16. An Introduction to Insider Threats (7 min)
Across the globe, organizations spend countless hours working to keep sensitive data out of the hands of cybercriminals. This task has become even more difficult to manage due to an increasing number of data compromises that stem from insider threats. Internal threats can be successfully addressed using the strategies shared in this module.
Single Topic Course
17. Email and Instant Messaging Security (11 min)
Email and instant messaging (IM) are essential communication tools that most people use just about every day. They’re incredibly useful applications because they allow you to quickly and efficiently exchange messages and files with just about anyone else in the world. However, it’s a two-way street, meaning that since you can connect with anyone online, anyone else, including hackers and cybercriminals, can connect with you.
18. Defeating Social Engineers – Advanced (10-15 min)
End users have what a hacker wants – a computer that’s behind the network firewall, a network username and password, and possibly access to trade secrets, confidential information, and bank accounts. This course will teach end users how to identify and avoid giving away sensitive information to these hackers.
19. Incident Reporting (7 min)
Reporting incidents of suspicious activity and the loss of assets or sensitive information is extremely important. In this module, employees will learn about common physical and information security incidents that should be reported and how to report them.
20. Password Security (15 min)
Passwords are the keys to our digital lives and protect us from hackers and cybercriminals, but how exactly could a hacker crack your password and what can you do to protect it? This course shows the tactics hackers use to compromise accounts and the password security best practices that can help prevent that from happening.
21. “Internet of Things” & Home Security (10 min)
Almost anything can be made into a “smart” device, such as security cameras and sensors, TVs, garage door openers, door locks, wearable devices, pacemakers, and even cars. These devices are what we refer to as the “Internet of Things” (IoT), which holds the promise of adding a whole new level of convenience and connectedness to everyday life. Having that many new, connected computing devices, most of which record activity, presents new challenges for security and privacy.
22. Cloud Security (9 min)
Cloud-based services offer incredible convenience and can help people be more productive, especially while on the go. But they also create new security challenges, because the security of any information stored on the cloud is only as good as the security of the service provider who holds it. This course uses high-quality video and real-world simulations to teach best practices for cloud security.
23. Appropriate Use of Social Media (14 min)
Social media can be an excellent tool to connect and interact with customers, show thought leadership, and build a brand, but it also poses unique security, HR, and public relations challenges. This course covers social media best practices.
24. Phishing (12 min)
Because today’s computers and networks are heavily defended from a direct assault, hackers are now much more likely target end-users when trying to break in. This course teaches best practices for recognizing and preventing both phishing and spear-phishing attacks.
25. Protecting Mobile Devices and Data (8 min)
Because today’s smartphones and tablets can not only act as a phone, but also as an email client, mobile Internet device, camera, GPS navigation system, entertainment console, and platform for any number of applications (apps), they can be exposed to many of the same risks as a desktop computer.
26. Physical Security (10 min)
Your personal safety at work is of paramount importance. This course is designed to teach employees how to protect an organization from criminals, espionage, workplace violence, natural disasters, and other threats.
27. Security Awareness for the Home (7 min)
Threats to our home network can quickly turn into threats to our workplace infrastructure and vice-versa. To combat against threats on all fronts, we must learn to practice safe computing habits both in the home and in the workplace. Participants will learn techniques to develop a regime of security-conscience behavior that will help keep important data safe from cybercriminals.
28. Working Remotely (12 min)
Mobile computing devices like laptops, smartphones, and tablets can be found everywhere – at home, in the office, and everywhere in between. These devices, combined with high speed wireless connections, make working remotely easier than ever. However, working outside of a company’s secured facilities expose an organization’s physical and information assets to additional threats.
Multi-Topic Foundational Course
29. Security Awareness – A Day In The Life (65-75 min)
In this highly interactive course, learners will explore key information security concepts, examine threats and how to counter them, and review safe computing habits that can be applied at home and in the workplace. Key Topics: password management, viruses and malware, mobile data, physical security, social engineering, phishers, acceptable use policies, incident response, security services, risk management, network eavesdropping, encryption, malware, backups, protecting your home computer, and identity theft.
30. Security Awareness - Strongest Link (50-60 min)
Employees will master the fundamentals of information security including key principles, concepts, vulnerabilities, threats and how to counter them. Key Topics: password management, viruses and malware, mobile data, physical security, social engineering, phishers, acceptable use policies, incident response, security services, risk management, network eavesdropping, encryption, malware, backups, protecting your home computer, identity theft, privacy and legal issues.
31. Security Awareness - Human Firewall (70 min)
One course that covers every topic required by major standards and regulations. Key Topics: password management, viruses and malware, mobile data, physical security, social engineering, phishers, acceptable use policies, incident response, security services, risk management, network eavesdropping, encryption, malware, backups, protecting your home computer, identity theft, privacy and legal issues.
32. Security Awareness – A Day In The Life (65-75 min)
In this highly interactive course, learners will explore key information security concepts, examine threats and how to counter them, and review safe computing habits that can be applied at home and in the workplace. Key Topics: password management, viruses and malware, mobile data, physical security, social engineering, phishers, acceptable use policies, incident response, security services, risk management, network eavesdropping, encryption, malware, backups, protecting your home computer, and identity theft.
33. Security Awareness Essentials (35 min)
Employees will master the fundamentals of information security including key threats and how to counter them. Key Topics: password management, identity theft, malware, social engineering, phishing, physical security, travel safety, mobile data, privacy and acceptable use.
Standards, Compliance & Regulations
34. Privacy and Data Protection (30 min)
Protecting customer, organization, and employee private data is not just a core organizational value, it’s the law. This HTML5-based, iPad-compatible course will help employees understand what information is private, why it is private, and what they can do to protect it throughout the data lifecycle, which is the life of a piece of information, whether in paper or digital format, from creation to destruction within an organization.
35. PCI Requirements Overview for IT Professionals - DSS 3.2 (40 min)
The Payment Card Industry (PCI) Data Security Standard is a set of security standards that were created by the major credit card companies (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect customers from increasing identity theft and security breaches. Every company that accepts, processes, or stores credit card information is required to comply with these standards. This course teaches I.T. professionals what PCI DSS is, how it affects your organization, how to comply with the 12 requirements and the best practices that front-line staff should follow to protect cardholder data and detect and prevent fraud.
36. PCI Essentials for Account Data Handlers and Supervisors - DSS 3.2 (25 min)
The Payment Card Industry (PCI) Data Security Standard is a set of security standards that were created by the major credit card companies (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect customers from increasing identity theft and security breaches. Every company that accepts, processes, or stores credit card information is required to comply with these standards. This course teaches employees and supervisors what PCI DSS is, how it affects your organization and the best practices they should follow to protect cardholder data and detect and prevent fraud.
37. Data and Records Retention (35 min)
Data in electronic and hard copy format within organizations is growing at a rate of about 125% per year and yet only 20% of that data is actually used to conduct business. Managing all of that data can become an administrative nightmare for you and the organization as a whole. This is especially true when litigation is pending and we must sift through all of our records to find certain pieces of data. This course will help you understand how to comply with the many laws, regulations, policies, and best practices that govern how long certain kinds of data should be kept and how and when to dispose of that data properly.
38. Privacy and Data Protection (30 min)
Protecting customer, organization, and employee private data is not just a core organizational value, it’s the law. This HTML5-based, iPad-compatible course will help employees understand what information is private, why it is private, and what they can do to protect it throughout the data lifecycle, which is the life of a piece of information, whether in paper or digital format, from creation to destruction within an organization.
Role-Based Course
39. OWASP Top 10 Web Application Vulnerabilities Course (20 min)
The Open Web Application Security Project (OWASP) is a global community focused on improving the security of web application software. The OWASP Top Ten list is highly respected and has been adopted by, among other organizations, the Payment Card Industry (PCI) Security Standards Council.