Information Security & Privacy Awareness Program

Format: On-Demand (OD)
Prerequisites: None
Language Options: Arabic, Spanish, French-Canadian 

Information Security Awareness

Our Information Security and Privacy Awareness training curriculum is comprised of a series of courses designed for all staff.

These highly interactive and scenario-based educational courses equip employees to recognize the value of different types of information; to understand the scope, nature and origin of the diverse risks to such information; and to behave proactively to protect sensitive information and incorporate information security best practices in their everyday work. Each course combines instruction with highly interactive games and comes with a suite of complementary communications materials, designed to enhance the learning process.

Our information security awareness training courses include:

Email Security

Email security is about much more than a spam filter. In this course, learners will be taught to distinguish sensitive information from public, discern what is safe to send over email, recognize the common threats of the email platform, and learn best practices around how and when to use email and encryption tools to send specific types of information.

Malware Awareness

In this course, learners will be introduced to the goals of malware, the many types of malware, and most importantly, how to prevent malware infection both at work and at home.

Mobile Security

In this course, learners will be introduced to the unique nature of mobile devices, the ways in which data can be leaked or lost, and the challenges that arise when the line of what is corporate and what is personal is blurred (including an exploration of “Bring Your Own Device” or BYOD). This course will look at mobile device security from a number of platforms.

Password Security

Learners will recognize the risks surrounding password security, identify safeguards used to protect passwords, and summarize techniques used by attackers to obtain passwords. In an interactive exercise, users will learn how to create and remember strong passwords, eliminating the need to turn to insecure practices.

PCI Compliance

In this course, learners will follow the PCI Security Standards in order to understand how to identify different types of sensitive data and handle it properly. Learners will be introduced to the risks associated with improper data management and given an understanding how to safely handle, transmit and store sensitive information.

Phishing Awareness

In this course, learners will learn how to recognize malicious email before it can become a threat, understand the various ways in which attackers try to trick and entice users to trigger malicious events through email, and best practices to properly handle and avoid phishing attacks.

Physical Security

Physical security remains an important level of protection against technological threats. In this course, learners are taught accepted practices for minimizing breaches as well as how to identify different types of data that may be exposed by infiltration and hardware theft.

Social Engineering Awareness

In this course, learners will identify the many forms of social engineering and its potential impacts, identify techniques used by social engineers and understand how to establish validity of requests in order to perform daily business functions in light a social engineering attack.

Travel Security

With the amount of data we are able to carry around in devices as small as a pack of gum, travel security is more important than ever. This course introduces students to the risks associated with transporting sensitive data, offers guidance around how to travel safely with sensitive information and when to leave it at home, and examines the importance of maintaining personal security while traveling.

More titles are scheduled for development as part of this curriculum, including but not limited to Social Media Security; Data Privacy; and Data Classification, Handling and Destruction.