One of the greatest threats to information security always comes from within your organization. Inside ‘attacks’ have been noted to be some of the most dangerous since they are unexpected. It is not always the employee’s intention to cause the threat, it is often a result of uninformed, uneducated employees.
Uninformed users can do harm to your network by visiting websites infected with malware, responding to phishing e-mails, storing their login information in an unsecured location, or even giving out sensitive information over the phone when exposed to social engineering. One of the most effective and easiest deterrent is education. Educate your employees, via various media, about the organizations security policy, procedure and best practices in order to prevent common breeches.
First Info Sec has taken the lead to help safeguard many organizations across the MENA region. Through our years of experience, we have seen the most successful attack scenarios are targeted towards unaware user. First Info Sec Awareness portal is developed by our certified team of consultants, designed for technical and non-technical employees, managers, and contractors – anyone who needs to be educated on the latest skills in technology and productivity.
Everyone in your organization can benefit from our program to ensure that they are aware of various information security threats.
Our goal is to not only ensure you are compliant, but offer training that changes human behaviors and reduces risk.
Information Security Awareness Training Doctrines
Targeted training and customization
Our Security Awareness training is designed to meet the specific needs of various organizational roles and responsibilities. Be it a manger, technical or non-technical employee or even outsourced contractors. The course material is designed to match the employees and/or contractors level of understanding and comprehension. Technical jargon is kept to a minimum and used only when needed (with appropriate descriptions and definitions). The training material can also be customized to meet your industry specific requirements. Based on the courses, the portal will quiz the users at the end to evaluate their understanding and comprehension of the content. This is done in the form of a questionnaire. Upon successful completion of the quiz the user is granted a certificate of completion with the organizations logo and seal.
Accessibility and Localization
The material can be accessed from anywhere, intranet and extranet. We provide the option of hosting the material at your site with relevant branding or we can provide access directly to our customized, separate instance, hosted portal. The material is designed to be easily integrated within your organizations HR system, if required. All training material is available in both English and Arabic.
We understand that users normally do not want to sit through boring lectures or read huge walls of text. Training is effective as long as the students are being engaged. To this end, we have designed material that can be delivered through multiple channels in the form of publications, animated videos, games, podcasts & attention grabbing flyer’s to ensure there is no attention deficit. With the aim of ensuring the core message is passed to the Employee.
The course material covers multiple domains so each channel of threat is covered. The course highlights risks prevalent on the Internet, social engineering techniques, physical threats, email based threats, the importance of backups and maintenance of a secure identity.