Click Armor Security Awareness Training Content (and Syllabus)
Click Armor’s solution includes a fully functioning learning management system that enables easy employee onboarding, notifications and reminders, as well as automated course content scheduling and reporting.
Click Armor’s foundational training courses provide in-depth coverage of security awareness topics for risk and compliance. The interactive approach uses “learning challenges” such as graphic novel scenarios, quizzes and word puzzles to introduce terminology and reinforce knowledge. This approach builds confidence simply and enjoyably.
After learning challenges are completed, students’ knowledge is typically assessed in interactive quiz form and decision-making skills are exercised in immersive simulations. The immediate feedback from these exercises helps students retain knowledge.
Sample of Off the Shelf Foundational Courses
Below is a sampling of courses and outlines that are currently available. For a full syllabus of content currently available on the Click Armor platform please make a request via the Click Armor sales team.
- Suitable variants available for compliance with SOC 2, ISO 27001, CMMC, and PCI security standards
- The importance of working securely
- Phishing risks and best practices
- Social engineering risks and best practices
- Passwords and authentication risks and best practices
- Physical security risks and best practices
- Mobile security risks and best practices
- Wi-Fi security risks and best practices
- Web surfing risks and best practices
- Social media risks and best practices
- Internet risks and best practices
- Working from home risks and best practices
- Final compliance knowledge assessment quiz
- Impacts from cyber security breaches and why security awareness is important
- Suspicious senders – Checking sender names and email addresses for suspicious domains and accounts
- Suspicious links and attachments – Checking link targets URLs for suspicious domains; and attachment file extensions
- Suspicious content – Checking content for common indicators of deception and manipulation, and how to verify requests
- Immersive phishing inbox simulations – Common types of impersonation and deceptive email messages, using mixes of senders, links and content
- Multiple versions of Gone Phishin’ are available:
- A “Gone Phishin’ Lite” for compliance and confirmation of knowledge (15-20 minutes)
- Attacker motivations – Why people should assume they can be a target
- Profiling – How attackers collect useful information for attacks
- Pretexts – How attackers create plausible scenarios for scams
- Softening up – How attackers make innocent approaches
- Clues and warning signs – What to look for as indicators of a scam
- Final assessment with immersive social simulations – Common scams (e.g., helpdesk, credit card, sales scams, trade shows, invoicing, etc.)
- How working from home poses security risks
- Physical security – Keeping workspace and devices secure
- Portable devices for business – Using only authorized devices
- Security software – Using proper business safeguards
- Cloud storage – Using only approved cloud services
- Phishing and social engineering at home – Refresher on phishing
- Final assessment with immersive social simulations – Example situations (e.g., found USB drive)
- How attackers gather useful information
- Social media exposures - oversharing
- Sharing information with friends – need to know
- Discussions in public places – avoiding sensitive discussions
- Travel security risks and best practices
- Exploration of the “Kill Chain Awareness” method of disrupting an attack
- Knowledge verification quiz
- The importance of protecting passwords
- Creating strong passwords
- Storing passwords
- Using passwords safely
- The importance of “Two-Step” (or Multi-Factor) Authentication
- Knowledge verification quiz
- Introduction to privacy
- Personal information
- Collection of personal information
- Purposes for collection
- Meaningful consent
- Protecting personal information
- Final assessment quiz
- Understanding HIPAA’s importance
- Understanding important terms
- Understanding patients’ rights
- Protecting PHI
- Breach notifications
- Limiting use and disclosure of PHI
- Consequences for compliance violations
- Final assessment quiz