Tailored Security Awareness Briefings (Cyber/Physical)
With decades of experience in education and training at all levels, we can design an appropriate program for your employees that is both engaging and informative. It is important to note security has two sides, physical and cyber. Some of the basic concepts apply to both, but they become different very quickly. The most requested training programs involve email-based threats, phishing, spear phishing, ransomware, and social engineering.
“Bad” guys are extremely adept at “hacking” the human. They prey on human error, which is often times unwitting. ARRUDA Group’s training methodology attempts to change employee behavior and build a security focused culture; one in which employees understand what is at stake. This training seeks to educate employees on current Cyber Threats such as Spear Phishing, Ransomware, Business E-mail Compromise, Credential Stuffing, and Social Engineering. The solution to this problem is not purely a technical one, employee training is the best return on investment with regard to Cybersecurity spending. This class can be used as is or modified to meet your organization’s annual Cybersecurity training requirement.
Hidden Threat of Social Media
Social Media fuels Cyber Crime!!! As a society, we live our lives on Social Media and the criminals know and take full advantage of this. Learn how, terrorists, criminals, and spies, “bad guys” take the seemingly innocuous information your employees post online and use it to compromise your company’s network. Specifically, you will see how these “bad guys” are able to take this information to create infected emails or attachments that will be opened. In these instances, it does not matter how robust your IT budget is, because the offender has totally bypassed it.
Social Media Vulnerability Assessment (SMVA)
ARRUDA Group will analyze your organization’s Internet presence, including employee Social Media, through the lens of a “bad” guy. The purpose is to show how threat actors can use this information to break into your organization. The findings are assimilated into a training session for the organization. This approach has been exceptionally successful in educating employees on the threat associated with social media and email, because the content of the training is relevant to the organization. The training has resulted in a number of policy changes at different organizations. The attendee feedback is extremely positive.
Cybersecurity for the C-Suite
The first order of business in training the C-Suite and the Board of Directors is to explain the job descriptions of the Chief Technology Officer, CTO, and the Chief Information Security Officer, CISO. They are two completely different roles. One is responsible for technology and the other is responsible for information security. Their jobs may overlap in some places, but that is where it ends. The next point to illustrate is it is no longer if your network will be compromised, it is when you discover the compromise. The purpose of this training class is not to turn the C-Suite into cyber security experts, but to educate the C-Suite on the reality of the organization becoming a victim of cyber threats.
Please contact us to discuss your specific training requirements. We can design classes to meet your needs.