icon icon

Cybersecurity Awareness – digital security in practice

icon

Training process

Training needs analysis

If you have specific requirements regarding the training programme, we will carry out a training needs analysis for you. This will guide us on which aspects of the programme should receive greater emphasis, so that the training programme meets your specific needs.

What will you gain?

icon

Spot threats faster - You will learn to tell phishing, malware, ransomware, and social engineering apart from normal workplace activity, so you can catch risks earlier and avoid costly mistakes.

icon

Handle scam attempts - You will learn how to identify fake emails, text messages, and phone calls, and how to respond to CEO fraud, fake invoice scams, and courier impersonation attempts.

icon

Protect accounts better - You will practice creating strong passwords, understand the value of password managers and MFA, and better protect your work accounts from takeover and unauthorized access.

icon

Use cloud tools safely - You will understand how to sign in securely, share files properly, and work safely in Microsoft 365, OneDrive, SharePoint, and Teams without exposing company data.

icon

Communicate more safely - You will learn to assess suspicious messages, notice red flags in emails, and run calls and video meetings in a safer way without exposing sensitive information.

icon

Secure remote work - You will learn practical ways to protect your laptop, phone, and tablet, use Wi-Fi more safely, and apply updates and encryption to reduce risk while working remotely.

icon

Protect company data - You will learn how to handle personal, confidential, and financial data, apply clean desk rules, and store or dispose of documents without creating security gaps.

icon

Respond with confidence - You will practice what to do after a security incident, how to report suspicious activity, and how to work with IT so you do not worsen the problem and can trigger the right response.

Training programme

1. Introduction to cybersecurity

  • why is digital security so important?
  • the biggest incidents and their consequences for companies,
  • the role of employees as the first line of defense,
  • basic concepts: phishing, malware, ransomware, social engineering attack.

2. The most common threats in office work

  • Phishing – fake e-mail messages and SMS messages,
  • Spear-phishing – targeted attacks on employees,
  • Smishing, vishing, spoofing,
  • malicious attachments and links,
  • attacks on Microsoft 365 / Google Workspace accounts,
  • „CEO fraud”, „invoice scam”, „courier scam” – examples from Poland.

3. Strong passwords, MFA and account hygiene

  • rules for creating secure passwords,
  • password managers – why is it worth it?
  • multi-factor authentication (MFA) – how it works and why it is necessary,
  • typical user mistakes and how to avoid them,
  • exercises: recognizing strong and weak passwords.

4. Safe work in the cloud and Microsoft 365

  • principles of secure logging in,
  • sharing documents – what is allowed and what is not,
  • hybrid and mobile work – how to secure devices,
  • safe use of OneDrive, SharePoint, Teams.

5. Secure e-mail and Teams communication

  • how to recognize a suspicious message?
  • analysis of sample suspicious e-mails (workshop),
  • what to watch out for during conversations and videoconferences,
  • screen sharing – good practices.

6. Company devices – security principles

  • computers, phones, tablets – how to protect them,
  • updates, antivirus, firewall,
  • encryption of disks and data,
  • security in Wi-Fi networks,
  • how to work safely outside the office?

7. Company data and their protection

  • protection of personal data (GDPR),
  • confidential, sensitive and financial data,
  • how to avoid data leaks?
  • secure storage and destruction of documents,
  • „Clean desk policy” – why is it important?

8. Social engineering – psychology of manipulation

  • how do criminals obtain information fraudulently?
  • the most common manipulation techniques,
  • examples of real social engineering attacks,
  • exercises: recognizing a social engineering attack.

9. Ransomware and malware in practice

  • how modern ransomware attacks work,
  • which behaviors increase the risk of infection,
  • what an infection looks like and what to do then,
  • examples from companies in Poland and Europe.

10. Security procedures in the company

  • what an employee must know about security policies,
  • reporting incidents and suspicious situations,
  • what the proper response looks like after a security breach,
  • cooperation with the IT department and the security team.

11. Practical workshops (optional)

  • analysis of suspicious emails – exercises
  • creating a strong password and configuring MFA
  • security incident simulation
  • practical scenarios: what to do in situation X?

12. Summary and good practices

  • „10 golden rules of cybersecurity”,
  • daily user work checklist,
  • most common mistakes – how to avoid them,
  • Q&A with participants.

What are the prerequisites for participating in the training?

icon

Basic computer use - You should be comfortable using a computer, a web browser, and email so you can focus on security topics during the training rather than on basic tool navigation.

icon

Office work familiarity - You should understand common office tasks such as reading messages, opening attachments, and sharing files, because the examples and scenarios will build on them.

icon

Work account experience - You should have experience signing in to work accounts and using basic company services so you can more easily understand risks related to access and authentication.

icon

Willingness to practice - You should be ready to review examples, ask questions, and take part in simple exercises, because the training is built around practical everyday work situations.