Do Nothing

Do Nothing approach to Security Awareness Training

We don’t really do security awareness training and rely on our technical solutions for IT security. (Firewall, spam filters, Intrusion Detection, etc.)


The Break Room

Sacurity awareness training death by powerpoint approach

We gather employees for a lunch & learn and show them in a PowerPoint what to avoid when surfing the Web, in emails from unknown sources, etc. (usually in-house created “death-by-PowerPoint” training.)


The Monthly Security Video

Monthly security awareness training video approach

We have employees view short security awareness training videos to learn how to keep the network and organization safe and secure. (e.g. SANS videos)


The Phishing Test Approach

Phishing Test approach to security awareness training

We pre-select certain groups of employees, send them a simulated phishing attack, see if they fall prey to the phishing attack, and train them if they fail. (e.g. Phishme and Wombat)


The Human Firewall Approach

Human firewall approach to security awareness training

We test everyone in the organization and find the percentage of employees who are prone to phishing attacks. Next we train everyone on all major attack vectors, and keep sending simulated phishing attacks to everyone on a very regular basis. (KnowBe4) 

Get the latest about social engineering

Subscribe to CyberheistNews