214-379-4200 - Business Only support@avaren.com

Cyber Security &
Phishing Awareness Training

Harden your company’s cyber-defenses with periodic security awareness training for end-users.

Internet criminals are now targeting end-users with fake vendor “phishing” emails and other deceptions.

Deliver a standardized security message to all employees.

Why Security Awareness Training?

Brief Interactive Video Courses

Short interactive video courses make “cyber-security training” easily digestible for end-users. Each course typically 5-15 minutes in length.

Ongoing training

Proactive end-user training helps ensure that your people are briefed on what the latest cyber-attacks look like; so they too can help protect the business on an ongoing basis.

Regulatory Compliance

Protect client, end-user, and company data. Ensure compliance with HIPAA, FINRA, NIST, PCI, SEC, and other training regulations.

It Works

Phishing attacks have become a common forms of computer system breach. With minimal effort companies can identify the people in their organizations that need additional cybersecurity training. Assigning brief cyber-security videos to your people can give them the computer savvy needed to help protect your organization.

You Pick the Schedule

Our SAT platform allows us to deploy content related to security training on any schedule you choose. Some customers like to do “lunch and learns”, so they can do the training together. Other customers prefer to go through the material quarterly or on their own inidividual schedules. Reports on training status (per user) is also possible. 

Customizable Phishing Campaigns

Generally it makes sense to use our pre-tested templates, but the system is customizable (beyond scheduling). We can send test phishing emails from different “senders” to vary the phishing emails your people encounter. On the back-end, the learning management system (LMS) keeps track of end-user link “clicks”, training completion, and more.

Deluxe “Phishing” Simulator

Using our mail simulator, we can send realistic phishing email simulations to end-users and monitor and report on their reactions (if any). Doing this allows us to uncover those who may need additional short training videos assigned.

Management of Contacts & Campaigns

The SAT LMS allows us to manage campaigns, contacts, email templates, the course library, as well as reports.

Report Center

End-user activity reports can be created and shared with management as needed. Identifying high risk employees beforehand helps us to keep your organization safe. Reporting for compliance purposes is also possible.

What is Security Awareness Training?

Security awareness training (SAT) is an educational process that trains end-users on matters related to cybersecurity, computing best practices, and regulatory compliance. A complete program for security awareness training should teach end-users about an assortment of general IT, cyber-security, or other business-related topics.

These topics may include: avoiding phishing and other types of social engineering cyberattacks, spotting potential malware, reporting potential security concerns, following company best practices and policies, and maintaining any applicable compliance or data privacy regulations (HIPAA, PCI DSS, NIST, etc.)

Does a Business Need Security Awareness Training (SAT)?

“Phishing” email is essentially a form of social engineering whereby an email is sent that is intended to trick an employee into thinking the sender is a legitimate employee or vendor. The unscrupulous people involved in sending these mails are generally: seeking a payoff such as stealing user credentials for an important computer system, access to additional systems (ex. banking by taking credentials out of an email folder), or monetary gain. An example of a well-executed “phishing email attack” might be an email that looks exactly that of a user’s bank or other important online system. The emails (often employing fear related tactics) will try to incite a user to click on the included link (versus a vendor’s actual website) to provide their credentials.

If an end-user does happen to click the included links in one of these bogus emails and provides cyber-criminals with their logon credentials to an email or other important system; it is safe to assume that cyber-criminals will fully use this system, extracting or encrypting the data at a minimum.

Although some may feel their employees would not be fooled by phishing email or social engineering, we see it happen more frequently than would be thought. Not only do we see it in the real-world, but we can also see it in our testing. One aspect of our SAT program is that we can send fake “phishing” email campaigns and also track their effectiveness. We can see who has clicked on the links within a phishing email and assign brief cybersecurity training videos to these end-users to help get them up to speed.

Periodic training for end-users can include:

  • Phishing email simulations to help proactively uncover “weak links”.
  • Brief videos and other content on cyber-security, protecting business data, compliance training, and IT best practices.

“By taking these proactive steps to heighten employee understanding of modern cyber-security threats, business managers can help their teams: decrease system infections, reduce help desk and outage related costs, and further secure their overall business infrastructure.”

 

AVAREN is an IT Consulting Company
Providing Computer & Network Support
Services for Dallas/Fort Worth

Example Courses

 

Our short video courses are specifically designed to help proactively prevent inadvertent end-user errors;
simultaneously enhancing the security of your business and that of your customers as well.

Cybersecurity Basics
Length: 10 min
Understanding “Phishing”
Length: 8 min
Understanding PCI DSS
Length: 20 min
GPDR: General Data Protection Regulation
Length: 20 min

Further Reading on Security Awareness Training (SAT)

Modern Computing Threats Necessitate User Training

Many businesses and non-profits invest in security systems to protect their computer systems, often purchasing solutions such as firewalls and intrusion detection systems (IDS/IPS) devices. However, too many of these organizations inadequately address the human element. Employees just like our computer systems, transfer and process important information. Since so little has been done to educate our people about modern cyber-security risks, they remain one of our weakest security “links”. Consequently, cyber criminals are now engaging end users directly with emails designed to trick them into giving away important HR, banking, and other important company information. Therefore, we must address the human element as technology spending alone cannot keep us adequately secure. AVAREN can help your organization proactively secure against these concerns with an effective Security Awareness Training (SAT) program.
Security Awareness Training helps us inform users that they are valuable targets to cyber criminals. SAT training also helps us to change end-user behavior by teaching them how to use company tech assets securely while maintaining compliance initiatives.

Interactive Security Training

Our training videos also include interactive features such as simple multiple-choice quizzes and more, which provide a hands-on approach to the learning process. This allows learners to test their computer security related skills so that when real-life situations arise, they are better equipped to employ these new skills. For more information on the types of training topics available; please see the further examples on this page.

Updated Content

One of the greatest challenges for all organizations in authoring their own SAT program is the need to keep the training updated with the latest information about new threats. There is no need to re-invent the wheel authoring your own program when our pre-designed content can be assigned to your users to complete.

Individual User Training

The training programs are broken down into short easily consumable videos (usually 5-15 minutes). The programs can be watched in groups, or if you would prefer the programs can be watched and progress tracked on an individual basis. The training videos focus on a specific grouping of security related topics. Additional support materials can provide additional communication to end-users. (Ex. When performing “phishing” testing we will usually direct those users that “click links” to informational info-graphics for further reading.

Policy, Training, and Awareness

Awareness and training work together to help end users understand why computer security policies are important. The result is a change in end-user behavior which helps to create a security-oriented mentality and culture.

Training Framework

Based on your specific needs or wishes (Basic, HIPAA, etc.) AVAREN can deploy SAT content to your users and track their progress. The content is well designed and updated regularly to ensure end-users are exposed to the latest and most valuable concepts.

To learn more, ask an AVAREN representative about how Security Awareness Training (SAT)

can improve the cyber-threat awareness capabilities of your people.

Complete Security Awareness Training

(SAT) Course Catalog

Cybersecurity Courses

Compliance Courses

Email Phishing Awareness
  • Course Description: Brief video on risks and avoidance of email phishing.
  • Ideal Use: New Hire/As Needed
  • Topics:
    • Risks of Email Phishing
    • Common Appearance of Phishing
    • Recognition of Phishing Emails
    • 5 Question Quiz
Understanding Cybersecurity
  • Course Description: Basic Security awareness and best practices employees should know to help reduce risk of data loss and malware.
  • Ideal Use: Annual/New-hire
  • Topics:
    • Email and internet Best Practices
    • Keeping PCs clean
    • Managing Passwords
    • Social Engineering & Email Phishing
    • Signs of a data breach
    • 8 Question Quiz
Physical Security
  • Course Description: Physical Security overview and how to reduce office risks.
  • Ideal Use: Annual/New Hire
  • Topics:
    • Types of Security Risks (Physical)
    • Awareness and Internal Process
    • Physical Security Best Practices
  • 5 Question Quiz
Social Media Awareness
  • Course Description: Overview of identify theft and other risks of Social Media.
  • Ideal: New Hire
  • Topics:
    • Overview of Social Media
    • Practical Tips
    • Examples of Inappropriate/Appropriate Corporate Use
    • Social Media Policy Recommendations
    • 8 Question Quiz
Email Security
  • Course Description: Inbox best practices to reduce risk.
  • Ideal Use: Annual/New Hire
  • Topics:
    • Security Risks Associated with Email
    • Protecting One’s Inbox
    • More Practical Tips
  • 5 Question Quiz
Working Securely
  • Description: Keeping your office environment safe and secure.
  • Topics:
    • Overview of Physical Security
    • Procedures for Security
    • Best Practices Regarding Visitors
    • 6 Question Quiz
Ransomware Obligations & Acts
  • Course Description: Ransomware Types: screen-lockers, scare-ware, encrypting ransomware. Laws and Prevention.
  • Ideal Use: New Hire/Reinforcement.
  • Topics:
    • Types of Ransomware
    • Backing Up Data
    • Remote Worker Best Practices
Travelers & Remote Workes
  • Course Description: Associated risks with travelers and remote workers.
  • Ideal Use: Annual/New Hire
  • Topics:
    • System Security Awareness (Remote)
    • Remote Worker Risks
    • Practical Tips
  • 5 Question Quiz
Cybersecurity Overview
  • Course Description: Cyber security overview and PC best practices.
  • Ideal Use: Annual/New hire
  • Topics:
    • Basic of Cybersecurity basics
    • Email, Malware, Passwords,Internet
    • 10 Question Quiz
Software and Websites
  • Course Description: The risks of browsing nonproductive websites and downloading software while at work.
  • Ideal Use: Annual/New-hire/Quaterly
  • Topics:
    • Non-productive website risks
    • Keeping one’s machine clean
    • Risks of download sites
  • 5 Question Quiz
Understanding Malware
  • Course Description: The basics of malware risks.
  • Ideal Use: Annual/New Hire/Quarterly
  • Topics:
    • Malware Types
    • Viruses, Trojans, Worms, Spyware
    • Infection walk-through
  • 3 Question Quiz
Ransomware Introduction
  • Course Description: Develop a more thorough understanding of cybersecurity and encryption Learn to keep company data safe and prevent malware infestations.
  • Usage: Computer Security Refresher
  • Topics:
    • Cybersecurity Intro
    • Encryption Intro
    • Protecting data and preventing attacks
Password Security
  • Course Description: Best practices for passwords. Brief overview of password managers and Multi-factor Authentication (MFA).
  • Ideal Use: New Hire
  • Topics:
    • Best Practices
    • Password/Credential Manager Use
    • Multi Factor Authentication (MFA)
  • 5 Question Quiz
Understanding Phishing
  • Course Description: Longer phishing overview on types and risks of phishing attacks. Avoidance best practices. Real-world examples.
  • Topics:
    • Phishing Types
    • Phishing Risks
    • Avoidance
  • Multi-choice Quiz
Cybercrime and Ransomware
  • Course Description: A brief overview on how cyber-criminals profit from their use of ransomware. Primary targets are businesses, hospitals, and governments in addition to individuals. A review of the 2017 “WannaCry” case.
  • Ideal Use: Annual/New Hire
  • Topics:
    • Cybercrime (Details of)
    • WannaCry Worm Attack
    • Cybercrime Avoidance
HIPAA Security & Privacy
  • Course Description: HIPAA compliance course. Includes security, privacy, and laws regarding breaches.
  • Ideal Use: Annual compliance
  • Topics:
    • HIPAA Introduction
    • Confidentiality & PHI
    • Security requirements & Privacy
    • Laws – Breach notification
  • 10 Question Quiz
PCI DSS
  • Course Description: PCI security standard basics and how to implement this understanding in the workplace.
  • Topics:
    • Who must Complay with PCI DSS?
    • Responsibilities, Terminology, & Standards
    • The Sensativity of Payment Card Information
    • Best Practices While Handling Payee Info
    • 8 Question Quiz
GDPR (Shorter)
  • Course Description: Shorter version of full GDPR course-ware.
  • Ideal Use: Refresher or initial introductory to GDPR.
  • Topics:
    • GDPR Overview 
    • Who Shall Comply
    • Which organizations Supervise Compliance
    • Securing personal data
Bribery Act
  • Course Description: Bribery Act of 2010 compliance course.
  • Topics:
    • Bribery Act Overview
    • Facts and Falsehoods Surrounding Bribery
    • Bribery Act Responsibilities
  • 4 Question Quiz
Whistle-blowing (UK)
  • Description: Whistle-blowing overview. Why it is significant. How whistle-blowers are protected.
  • Topics:
    • Defining whistle-blowing
    • Legal Protections in the UK
    • Whistle-blowing Example
    • Who Can Support Whistle-blowers
  • 7 Question Quiz
Anti-Money Laundering
  • Course Description: Defining and recognizing money laundering.
  • Topics:
    • Testing the Definition
    • Why Should Money Laundering Be Illegal?
    • Anatomy of a Money Laundering Scheme
  • 4 Question Quiz
Cybersecurity Overview
  • Course Description: Cyber security overview and PC best practices.
  • Ideal Use: Annual/New hire
  • Topics:
    • Basic of Cybersecurity basics
    • Email, Malware, Passwords,Internet
    • 10 Question Quiz
General Data Protection Regulation (GDPR)
  • Course Description: GPDR. Awareness of privacy concerns for global companies. Key concerns of organizations that operate across international boundaries.
  • Topics:
    • What is personal data
    • Necessary protections for personal data
    • Processing and handling data
  • 10 Question Quiz
Data Breach Notification
  • Course Description: Responsibilities surrounding data breaches and required notifications. 
  • Ideal Use: Annual/New hire.
  • Topics:
    • Laws Regarding Data Breach Notifications
    • Data Breach Risk
    • Notification Responsibilities
    • Data Breach Avoidance
  • 5 Question Quiz
Global Privacy and Data Protection
  • Course Description: GPDR. Awareness of privacy concerns for global companies. Key concerns of organizations that operate across international boundaries.
  • Topics:
    • What is personal data
    • Necessary protections for personal data
    • Processing and handling data
  • 10 Question Quiz
Freedom of Information Act
  • Course Description: Freedom of Information Act Compliance Course.
  • Topics:
    • Freedom of Information Act Overview
    • FOIA and what it means for your people
    • What FOIA covers
  • 10 Question Quiz
Data Protection
  • Course Description: Data privacy/protection. Course focuses on Data Protection Act compliance principles.
  • Usage: Data privacy best practices.
  • Topics:
    • Data protection
    • The Principles of Data Protection
    • Management and Classification of Data
    • Compliance with the Data Protection Act
    • 6 Question Quiz
Understanding Cybersecurity
  • Course Description: Basic Security awareness and best practices employees should know to help reduce risk of data loss and malware.
  • Ideal Use: Annual/New-hire
  • Topics:
    • Email and internet Best Practices
    • Keeping PCs clean
    • Managing Passwords
    • Social Engineering & Email Phishing
    • Signs of a data breach
    • 8 Question Quiz

Recently Added:

Ransomware Prevention
Malware and Viruses
Internet of Things
Cryptography
Breach Avoidance/Response
Cloud Computing
Network and System Audits

Microsoft Office Courses

Using Microsoft Excel
  • Microsoft Excel Basics
Using Microsoft Outlook
  • Microsoft Outlook Basics
Using Microsoft PowerPoint
  • Microsoft PowerPoint Basics
Using Microsoft Word
  • Microsoft Word Basics

Next Steps

 

AVAREN can help implement a Security Awareness Training (SAT) program for your computer users.

To get started simply call or send an e-mail to support@avaren.com

Contact Us