ISPA Modules & Content

Built to drive employee behavioural change

The contents of the modules below which are contained in our Information Security & Privacy Awareness training include the contents of our 365 Communication program to support the training, which includes tip sheets, articles and infographics.

FREE - Essential Guide to online Security (PDF)

FREE - Cyber Security Awareness (PDF)

All training customers receive a dedicated Customer Care Manager who will help optimize your training by providing: • Internal roll-out plans • Creating success benchmarks and metrics • Providing resources and best practices • Communication strategies to increase adoption • Ongoing guidance and tools for success • Developing a change management program

A quick overview:

MODULE #1: PHISHING AWARENESS

Throughout this course, learners will recognize malicious email before it becomes a threat, understand the various ways in which attackers try to trick and entice users to trigger malicious events through email, and best practices to properly handle and avoid phishing attacks.

Training Topics

  • How phishing works
  • Examples of phishing scams
  • Common characteristics
  • Warning signs
  • Best practices on how to avoid a phishing attack
  • Identifying malicious attachments in email

Tip Sheets

  • Phishing Awareness Best Practices
  • How to Spot a Phishing Attack

Articles

  • Targeted Phishing Attacks
  • Phishing Facebook
  • Spear Phishing

Infographic

  • Dangerous Waters: A Map of Spoofs, Spams, and Spammers

MODULE #2: PASSWORD SECURITY

Throughout this course, learners will recognize malicious email before it becomes a threat, understand the various ways in which attackers try to trick and entice users to trigger malicious events through email, and best practices to properly handle and avoid phishing attacks.

Training Topics

  • Password uses, safeguards, and risk
  • Attacker techniques
  • Creating strong passwords

Tip Sheets

  • Creating Strong Passwords
  • Password Safety at Home

Articles

  • Better Safe Than Sorry: System Level Password Safeguards
  • Those Who Can’t Do, Steal: Identifying Commons Password Attacks
  • LinkedIn

Infographic

  • Creating Complex Passwords

MODULE #3: EMAIL SECURITY

Learners will be taught to recognize malicious email before it can become a threat, how to properly handle email, and best practices around how and when to use email to send specific types of information. This module includes a customized interaction activity called "Inbox Challenge".

Training Topics

  • Defining sensitive information
  • How information travels via email
  • What not to send over email
  • Email encryption
  • Recognizing malicious attacks
Course Preview - E-Mail Security

Tip Sheets

  • Public, Private, PII
  • Safe Sending

Articles

  • 4 C’s of Email Exposure
  • Email Encryption Solutions
  • Understanding Email Security Risks

Infographic

  • Anatomy of a Data Breach

MODULE #4: SOCIAL ENGINEERING

Learners will identify the many forms of social engineering and its potential impacts, identify techniques used by social engineers, and understand how to establish validity of requests in order to perform daily business functions in light of social engineering threats.

Training Topics

  • How humans are the weakest link
  • What is sensitive information and why attackers want it
  • Art of the attacker
  • Social engineering approaches and methods
  • How to recognize an attack
  • How to handle a suspicious request
  • Where to report attempts
  • Summary of policies

Tip Sheets

  • Social Engineering Defenses
  • Social Engineering Tactics

Articles

  • Tech Support in Social Engineering
  • Explaining the Mat Honan Breach
  • See How It’s Done: Walmart DefCon CTF
What Hackers can learn about you in less than 30 minutes (PDF)

Infographic

  • Social Engineering on the Silver Screen
FREE - Infographic - Social Engineering

MODULE #5: MOBILE DEVICE SECURITY

In this course, students will learn about mobile devices, the ways in which data can be leaked or lost, and the challenges that arise when the line of what is corporate and what is personal is blurred. This course examines mobile device security from a number of platforms.

Training Topics

  • Mobile device characteristics
  • Mobile platforms
  • Ownership
  • Mobile risk landscape
  • Mobile device security best practices
Mobile Security Course Preview

Tip Sheets

  • Mobile Security Best Practices
  • In Case of Emergency

Articles

  • Enterprise Mobile App Best Practices
  • Mobile Device Hardware and Software
  • Mobile Malware Case Study
  • What You Didn’t Know About Your iPhone
FREE Article - The rise of mobile security (PDF)

Infographic

  • Mobile Bay: Security Isn’t Always a Day at the Beach

MODULE #6: TRAVEL SECURITY

With the amount of data, we are able to carry around in devices, travel security is more important than ever. This course introduces students to the risks associated with transporting sensitive data, offers guidance around how to travel safely with sensitive information and when to leave it at home, and examines the importance of maintaining personal security while travelling.

Training Topics

  • Travel security:
  • • Before you travel

    • At the airport

    • Upon arrival

    • At the hotel

    • While you are working

    • Best practices

Tip Sheets

  • Travel Best Practices
  • Overseas Considerations

Articles

  • Device Security
  • Espionage Abroad
  • Privacy at the Border iPhone

Infographic

  • Governmental Intrusion

MODULE #7: AVOIDING MALWARE

Throughout this course, learners will be able to identify and define types of malware. Learners will also be able to recognize evidence of active infection and understand what the proper actions are to prevent such attacks.

Training Topics

  • Types of malware
  • Goals of malware
  • Impact of malware
  • Recognize sources of malware
  • Malware prevention
Course Preview - Malware Prevention

Tip Sheets

  • Malware Prevention at Home
  • Malware Prevention at Work

Articles

  • Malware Impacts/Cyber Sabotage Through Flame
  • How Malware Infects & Spreads
  • Malware Goals

Infographic

  • The Evolution of Malware
FREE - Malware Prevention at Work (PDF)

MODULE #8: PHYSICAL SECURITY

This course teaches students accepted practices for minimizing breaches and gives them the ability to identify different types of data that may be exposed via hardware theft. Students will be introduced to the risks associated with transporting sensitive data and the importance of maintaining personal security while travelling.

Training Topics

  • Defining physical security
  • Physical security attack avenues
  • Clean office exercise
  • Best practices
FREE Checklist - Conference Room Clean-up

Tip Sheets

  • Clean Desk Check List
  • Physical Security Dos & Don’ts

Articles

  • Mind the Gap
  • Procedural Pitfalls
  • Technological Terrors

Infographic

  • Office Space

MODULE #9: PCI COMPLIANCE

Available as an add-on module, our PCI Compliance course, teaches employees to recognize appropriate protection mechanisms for cardholder data. Those in the retail and ecommerce industry are required to be PCI Compliant. This course is intended to teach students to follow the PCI Security Standards in order to understand how to identify different types of sensitive data and handle it properly.

MODULE #10: DATA PRIVACY - CLASSIFYING DATA

The Data Privacy Awareness course is designed for general staff in roles such as human resources, legal, marketing, finance, sales, operations and customer service. This course equips employees with information on how to recognize the importance of understanding how to classify private data.

Training Topics

  • Recognize what constitutes as private data

Tip Sheets

  • What is PII
  • Handling Sensitive Data

MODULE #11: DATA PRIVACY - PROTECTING DATA

The Data Privacy Awareness course is designed for general staff in roles such as human resources, legal, marketing, finance, sales, operations and customer service. This module equips employees to recognize the importance of how to behave in a proactive manner to protect their information in their everyday work.

Training Topics

  • How to Protect this data in a proactive manner

Tip Sheets

  • Securing PII
  • Protecting the Application

Get a FREE demo of ISPA.

What better way to find out how ISPA will work for you.

Request a free Demo