Cybersecurity Awareness and Data Privacy Training
- Interactive, online training for employees on information security and data privacy
- Learn how to avoid cyber schemes and comply with data privacy laws
- Practical guidance on email, internet, physical, and password security practices
- Take on computer, tablet, or phone
Book Demo Now
In this interactive online training, employees learn how to protect confidential information from accidental disclosure or theft by bad actors. Among other things, employees learn about:
- The legal requirements for data privacy
- How to identify which information is confidential
- Common schemes that criminals use to access our technology systems and our confidential information
- Best practices for email, internet, physical, and password security, and
- How to report a potential data breach
At some point, nearly every organization will become a victim of a cybersecurity or information security attack. And according to the FBI, since the beginning of the COVID-19 crisis, there has been a 300% increase in cybercrimes.
Cybersecurity attacks can be incredibly costly. For example, Barbara Corcoran, one of the hosts of the TV show, “Shark Tank,” fell for a $400,000 “phishing” scam. Hackers sent Ms. Corcoran an email that appeared to come from her assistant and included an invoice. While Ms. Corcoran thought she was paying a contractor’s invoice, in reality, she wired $400,000 to a cybercriminal’s overseas bank account.
In addition to tricking employees into making fraudulent payments, criminals also attempt to gain access to organizations’ trade secrets and other proprietary information and the confidential information organizations maintain on their employees, customers, and vendors. These data breach incidents can be incredibly costly, harm organizations’ reputations, and lead to litigation.
While your organization may have implemented a firewall and antivirus software, more than 90% of data breaches are caused by human error, such as an employee clicking on a link in a suspicious email or falling for a “social engineering” scam. To prevent information security attacks, you must train your employees on how to recognize and report them.
Some states have passed “safe harbor” laws that provide an “affirmative defense” to data breach lawsuits for employers that implement robust cybersecurity programs that include employee training.
Through a series of interactive scenarios and learning games, employees learn the nuances of the following topics:
Data Privacy Laws
- Legal requirements
- Duty to report a breach
- Game: Classifying information as protected, sensitive, non-public, or public
Security Threats Overview
- Social Engineering
- Clicking links
- Emails to personal accounts
- Phishing schemes
- Phishing red flags
- Spear phishing
- Phishing by Phone/Text
- Watering Hole
- Installing unauthorized software
- Wifi networks
- File sharing services
- Use of social media
- Simple Passwords
- Names and birthdates
- Complex characters
- Writing down passwords
- Non-secure document
- First letter of lyrics
- Reusing passwords
- Changing passwords
- Sharing passwords
- Password management software
- Leaving out confidential information
- Easy access
- Locking screens
- Shared workspaces
- Proper disposal
- Thumb drives
- Insider threats
- Watch my device
Reporting a Data Breach
- Duty to report
- Data breach examples
- Red flags
- How to report
- Retaliation & confidentiality
The training is customized to reflect your organization’s specific policies and procedures related to information security, cybersecurity, and data privacy. For example, the training provides specific instruction on:
- How employees should report inquiries related to the data your organization maintains on employees, customers, partners, and others.
- Your organization’s system for classifying information (such as, Protected, Sensitive, Non-Public, Public).
- Which file sharing service, if any, employees are allowed to utilize.
- How to report a potential data breach.