Cyber security awareness programme

The Cyber Security Awareness Program service covers the analysis of the training needs of individual roles in the organization from a security perspective and the subsequent creation of a detailed proposal for an optimal security awareness plan across the entire organization.

Service description

Most successful cyber attacks today do not primarily exploit weaknesses in the technical security of networks and systems, but rather weaknesses in the knowledge and skills of people. Yet a well-trained human has the potential to be the best security tool, both at the level of preventing security incidents and in responding to them. However, the needs of technical and non-technical roles for security training are dramatically different, as are the needs of regular and managerial employees. As part of the Cyber Security Awareness Program, our specialists help organizations of all types implement an effective security awareness program that fully reflects the needs of each role.

The service includes an analysis of internal and external security standards, existing security awareness plans (if they already exist in the organisation) and the training needs of individual security roles. Subsequently, detailed long-term plans for training, courses and other educational activities are established for all roles, including the definition of their content. The plans also include the design of mechanisms for testing the effectiveness of the training activities.

The dominant role in the prepared training plans for end-users in most organisations is mainly a general overview of the most important threats and the possibilities of protection against them in the context of the relevant internal security documentation of the organisation. In contrast, security awareness activities for top management are most often focused on the specific threats with which employees in senior positions most often come into contact and on managing security incidents from the perspective of top management. However, the prepared plans always reflect the specifics of the target organisation and may thus deviate from the above-mentioned usual format.

Based on the prepared plans, it is easy to create proposed one-off and periodic training sessions and implement other recommended training activities. Training plans for individual roles are always included in the overall safety awareness programme, which then serves as a guiding document for training all employees of the organisation.


Who is the service for?

The service is designed for all organisations interested in building an effective security awareness programme taking into account the specific training needs of individual roles.


Main advantages of the service

Creation of a security awareness plan to guide the security training of all employees of the organisation

Ensuring the continuous enhancement of safety knowledge in both professional and non-professional roles

Ability to measure the effectiveness of learning activities with appropriately designed testing and control mechanisms

How is the implementation done?

  1. Analysis of the organization's environment and its security documentation
  2. Analysis of external (e.g. legislative) and internal requirements and needs of the organisation in relation to training/raising security awareness
  3. Assessment of the organisation's current safety awareness programme and baseline knowledge of each role
  4. Design detailed training plans for each role
  5. Establishing control mechanisms for testing the effectiveness of training activities
  6. Developing a formal security awareness programme