Wizer Free Security Awareness Blog

Your Security Awareness Plan: Month 2

Written by Gabriel Friedlander | Feb 26, 2024 2:58:17 PM

Welcome to Month 2 of our 2024 Cybersecurity Training Plan - your free Virtual Security Awareness Manager.

Your Security Awareness Plan Month 2: Focusing on Relationships

This month, we're concentrating on building from last month's training while nurturing the human side of cyber, relationships. Gaby hosts one of our community members, Brian Wright, to talk through phishing simulations in light of the bigger pictures of the human element.

If you missed Month 1 packed with Annual Training and Monthy Video, you can view it here.

Set up your Phishing Game (Core Training) 

Month 2 begins with setting up a Phishing Game for your employees. This is an excellent opportunity to give employees experience with those hard-to-simulate attacks such as wire fraud and business email compromise (BEC) but in a safe and friendly environment.

In our phishing exercise, we not only teach people to spot phishing emails but also show them what actions they can take when they come across suspicious messages. They'll need to determine if they should call and verify, report it, or check the social app and in that way reinforce positive actions to build a strong security culture.

Everyone should complete this game within 30 days to boost their likelihood of spotting phishing attacks.

Here is how to launch your Phishing Game: 

  1. Create an account on wizer-training.com
  2. Click on the “Phishing Exercise” section and follow the instructions to set it up here.

Set up your Phishing Simulation  (Core Training) 

Next, run the phishing simulation to test your team's proficiency in recognizing and reporting these types of threats. Our Phishing Simulation puts their new skills to the test in real life to see how well people can identify real-life phishing attacks. Plus, determine whether they report them or ignore them and carry on with their day. We have over 100+ templates available for you to select from for these phishing simulations.

You can send out a one-time simulation or a recurring simulation. Our One-Time Phishing Simulation Campaign is our most popular. You just select the desired templates, select your audience of specific employees or departments, then send. Or, our Smart Campaign is a similar process, with automated recurring phishing templates that will go out based on your preferred frequency.

Here is how to launch your Phishing Simulation:

  1. Create an account on wizer-training.com
  2. Click on the “Phishing Simulation” section and follow the instructions to set up a One-Time Campaign here or a Smart Campaign here

Don't have the time or team to dedicate to this? Let our team of Awareness Experts do it for you with Wizer Managed, saving you time and money while upgrading your security culture. 

Monthly 1.5-Minute Video Updates (Add On)

Last month, we implemented Monthly Video updates. This is a 1.5 min video users receive every month, covering a range of topics that keep everyone updated and informed about new scams or the latest cyber attack trends.

If you have not already, here is how to set up Monthly Video:

  1. Sign into your account on wizer-training.com
  2. Follow the directions here to implement Monthly Video

Cultivate A Love For Security Awareness Through Positive Relationships

As a Security Awareness Manager, fostering strong relationships with various departments is crucial for creating a comprehensive and effective security culture within your organization. We want to provide some actionable strategies to help you connect and collaborate effectively across your organization:

Certificate of Love

  • Recognize and appreciate departments and individuals who make significant contributions to security awareness.
  • A personalized “Certificate of Love” can be a fun and meaningful way to show appreciation.

      

Download Certificate

 

Be Curious and Come Prepared

  • Research each department to understand their functions, challenges, and successes.
  • Approach interactions with genuine curiosity and knowledge about their specific domain.

Participate in Department Meetings

  • Request to join department meetings not just as a guest but as an active participant.
  • Use these opportunities to listen, learn, and offer tailored security insights.

Understand Department-Specific Applications

  • Get to know the applications and tools each department relies on.
  • This knowledge allows you to provide more relevant and actionable security advice.

Share Personal Stories

  • Connect on a personal level by sharing stories and experiences that departments can relate to.
  • Demonstrating your own vulnerabilities and learning moments in security can foster trust and openness.

Engage Beyond Management

  • While talking to managers is important, also identify and engage with departmental influencers and informal leaders.
  • These individuals can champion security awareness within their teams.

Talk to the CEO

  • Understand the broader vision and concerns of the organization by discussing with the CEO what keeps them up at night.
  • Align your security awareness objectives with the organization’s goals and challenges.

Have Empathy

  • Recognize the struggles and frustrations that departments may have with security protocols.
  • Approach these challenges with empathy, offering solutions that minimize disruption while enhancing security.

Collaborate with the SOC

  • Reach out to the Security Operations Center (SOC) team, offering your support.
  • Understand the types of threats they are facing and explore how you can alleviate some of their burdens through awareness and training.

Up Next 

During Month 3, we will implement an Artificial Intelligence Training add-on. 

Don't want to wait for the monthly series to see what's down the road? View or download the full annual security awareness plan here

Want to get all the cybersecurity training mentioned in this post for FREE? Create an account with Wizer Training to try Wizer Boost with full access FREE with a 14-day trial. Or request a demo instead