Information Security & Privacy Awareness Program
Format: On-Demand (OD)
Language Options: Arabic, Spanish, French-Canadian
Our Information Security and Privacy Awareness training curriculum is comprised of a series of modules designed for all staff.
These highly interactive and scenario-based educational modules equip employees to recognize the value of different types of information; to understand the scope, nature and origin of the diverse risks to such information; and to behave proactively to protect sensitive information and incorporate information security best practices in their everyday work. Each module combines instruction with highly interactive games and comes with a suite of complementary communications materials, designed to enhance the learning process.
Our information security awareness training modules include:
Email security is about much more than a spam filter. In this module, learners will be taught to distinguish sensitive information from public, discern what is safe to send over email, recognize the common threats of the email platform, and learn best practices around how and when to use email and encryption tools to send specific types of information.
In this module, learners will be introduced to the goals of malware, the many types of malware, and most importantly, how to prevent malware infection both at work and at home.
In this module, learners will be introduced to the unique nature of mobile devices, the ways in which data can be leaked or lost, and the challenges that arise when the line of what is corporate and what is personal is blurred (including an exploration of “Bring Your Own Device” or BYOD). This course will look at mobile device security from a number of platforms.
Learners will recognize the risks surrounding password security, identify safeguards used to protect passwords, and summarize techniques used by attackers to obtain passwords. In an interactive exercise, users will learn how to create and remember strong passwords, eliminating the need to turn to insecure practices.
In this module, learners will follow the PCI Security Standards in order to understand how to identify different types of sensitive data and handle it properly. Learners will be introduced to the risks associated with improper data management and given an understanding how to safely handle, transmit and store sensitive information.
In this module, learners will learn how to recognize malicious email before it can become a threat, understand the various ways in which attackers try to trick and entice users to trigger malicious events through email, and best practices to properly handle and avoid phishing attacks.
Physical security remains an important level of protection against technological threats. In this module, learners are taught accepted practices for minimizing breaches as well as how to identify different types of data that may be exposed by infiltration and hardware theft.
Social Engineering Awareness
In this module, learners will identify the many forms of social engineering and its potential impacts, identify techniques used by social engineers and understand how to establish validity of requests in order to perform daily business functions in light a social engineering attack.
With the amount of data we are able to carry around in devices as small as a pack of gum, travel security is more important than ever. This module introduces students to the risks associated with transporting sensitive data, offers guidance around how to travel safely with sensitive information and when to leave it at home, and examines the importance of maintaining personal security while traveling.
More titles are scheduled for development as part of this curriculum, including but not limited to Social Media Security; Data Privacy; and Data Classification, Handling and Destruction.