Security Awareness Concept
Our security awareness concept is a process that ensures that people in organizations are made aware of cyber security and social engineering in the long term. The higher your employees' awareness of information security, the better they know the scope of their own security responsibilities and can therefore act appropriately.
Our process increases security awareness in the long term and helps to implement security guidelines in your organization. It is essential to see employees not as a risk, but as part of your company's IT security concept. We teach your employees how to consider, apply and implement the basic content of various IT security topics. Cyber security awareness is a process. Attention must be drawn to the topic in order to achieve a high level of awareness among employees. Only in this way can security risks in the company be sustainably reduced.
How does our cyber security awareness process work?
We would be happy to outline our complete cyber security awareness process, which makes a lasting contribution to the security of your company. We start with an inventory of the current cyber security awareness situation in your company. We then conduct workshops that lead to a better understanding of your requirements. Various methods can be used to raise awareness. For example, a keynote speech for board members and executives attracts attention at the top of the company. This can sustainably increase employee awareness. In addition, online courses or face-to-face workshops can be used to provide employees with specific knowledge on the subject of IT security. Subsequently, our security experts develop a concept on which further measures should be based.
IT security awareness training
With our monthly or one-time services, you will receive security awareness training for all of your employees. Security awareness training is an important measure for improving IT security in companies and organizations. These training sessions are designed to make your employees aware of the importance of IT security and help them to recognize and minimize security-related risks. IT security awareness training makes employees an important part of a company's IT security strategy. They can help to minimize security risks and protect sensitive data. However, regular refreshers of the security awareness training content and continuous monitoring of IT security are equally important to maintain a high level of security. That's why we recommend our monthly recurring services!
Selection of monthly recurring services
Fully secured
The Security Awareness Suite provides comprehensive security awareness training for your employees. Various automations in the form of the awareness engine and the spear phishing engine are used to control the training. In this way, employees are trained as needed to reliably recognize and effectively ward off cyber attacks - without administrators or CISOs having to familiarize themselves with the underlying psychology and didactics. The basis of the awareness training is a patented procedure for measuring the security behavior of all groups and users participating in the security awareness training. Based on the measured security behavior, the scientific key performance indicator Employee Security Index (ESI®) and the training KPI are calculated. The levels of spear phishing emails are based on standardized classifications: the higher the level, the higher the attacker's time investment. Like real attackers, they use potentially malicious links, fake login pages, macros, and encrypted file attachments. Spear phishing e-mails are sent at different levels of difficulty, in which, among other things, high-quality spear phishing is implemented with the simulation of fake internal e-mail traffic:
- Level 1: Mass Phishing
- Level 2: Targeted Phishing, also known as CEO Frauds
- Level 3: Spear Phishing using publicly available information about the company, for example from employer review portals
- Level 4: Spear Phishing related to the recipient's individual job position and department, emails from direct colleagues or superiors
Combination of phishing training and interactive learning module
Table of contents
This module combines the two monthly services offered by Network Box. Customers receive 2 phishing campaigns and corresponding reports that show the overall results, weaknesses, and strengths of the participants, so they have a clear overview of next steps after completion. Participants are also trained through eLearning, take exams and receive participant certificates upon success. The eLearning module trains your employees interactively in the areas of Clear Desk, password management, safe surfing, phishing and 2-factor authentication. You also get free access to the "NB Detector" browser plugin, which warns of fake websites.
Fast and easy setup for maximum success
With this phishing attack simulator, your employees become the human firewall of your company. Sophos Phish Threat simulates various phishing attacks to quickly identify and address weaknesses within your organization. Through practical training, participants are educated about the dangers of phishing and trained in prevention. Training content includes:
- 60 effective training modules
- Comprehensive reporting
The anti-phishing training is integrated into the cloud-based security console Sophos Central. If you have access to the console, you can activate the Phish Threat training without installing hardware or software. Sophos Anti-Phish Threat Training is the only solution on the market that offers IT security for email, endpoint, and mobile, in addition to phishing simulation and user training.
Video:
Selection of one-time services
A comprehensive keynote on the topic of Cyber Security
You will receive an IT security situation report from us. We will discuss national and international cyber incidents, report on the attackers' actions, and clarify the damages incurred. We will tell you about classical security techniques, challenges, and to-do's for management, and discuss the IT security status of your company. In the end, we will provide you with action recommendations based on the previous dialog.
Workshop followed by rough concept
This module includes a workshop aimed at company management, IT managers, human resources and HR management, works/staff council, data protection officers, IT security officers, marketing and corporate communications in the company. The selection is determined by your company management. A checklist is used to determine the company's situation in terms of its information security awareness. We start with our keynote and then talk about an information strategy and operational security policies. Based on the results, we will provide you with a rough concept as a recommendation for action.
In-person or online workshops for employees
The employee awareness workshop is based on interactive knowledge transfer. We assess participants' knowledge level and exchange experiences together. We discuss various IT security topics such as email security, endpoint security, social engineering, and hackers' motives. We provide tips on how to defend against attacks and prevent IT outages. You can read all the components of our services in our datasheet.
You are welcome to read about all the components of our services in our data sheet.
Your personal cyber security awareness officers from Medialine
Not sure whether you want to purchase a one-time service or a monthly recurring service? Our Medialine security experts will be happy to advise you on the solution that best suits your individual needs, based on your requirements and demands.
In doing so, we will help you to firmly anchor IT security and thus cyber security awareness in your corporate culture and to make your company sustainably more secure against external attacks.
“Cyber security is a process. Workshops, training and phishing e-mail campaigns are building blocks that need to be established in a process within the company. Only when this process has been completed, the measures well coordinated and tailored to individual requirements can cyber security really work. Only then can protection be actively practiced and also proactively and effectively tackled.”
Adrian Woizik, CEO Medialine Security GmbH
Our security experts will help you define and implement cyber security awareness as a process. We will help you plan, organize and execute campaigns and training. The progress of the training and your employees will be monitored and optimized using reports and management jour fixes to establish a culture where reporting cyber attacks is not met with fear. The security service supports conscious handling of the dangers of cyber attacks. We also advise management, IT and HR on IT security and the development and implementation of campaigns for your employees. If requested, we will assist in the recording and analysis of IT security incidents.
The cyber security officer – as a service!
Are you aware of the scope and importance of the topic, but are unable or unwilling to create a position for a cyber security awareness officer to drive the topic forward in the long term?
Of course, we are also available to assist you as an external officer and help you create a growing awareness of cyber security in your organization.
Scope of services of a cyber security awareness officer
- Anchoring IT security in the corporate culture
- Making IT security a topic of internal communication
- Planning and organizing campaigns
- Planning and organizing training, courses and workshops
- Establishing a culture in which cyber attacks can be reported without fear
- Training in the conscious use of digital communication and internet use
- IT security advice for management and executives
- Participation in and recording of security incident analysis
Contact
Are you interested in our cyber security awareness program? Please feel free to contact us using the contact form.
Downloads
Related Links
- Via phone
+49 (6751) 85378-0
- Via e-mail
Online request
- Service Helpdesk
Support area
- Login for customers
Check cloud status
