Cybersecurity awareness

An interactive format that goes further than a simple phishing campaign.

The human factor is part of security

Employees are often the first line of defense. The goal is not to blame them, but to give them practical reflexes for real situations.

The session is interactive and concrete: participants can ask questions, challenge examples and connect the content to their own work environment.

It covers the everyday decisions that reduce exposure: messages, passwords, sensitive data, mobility, physical situations, reporting channels and AI-assisted threats.

Topics covered

Phishing and social engineering

Recognize manipulation, urgency, fake identities, suspicious messages and business email compromise attempts.

Passwords and access

Understand password hygiene, MFA, account protection, password managers and shared-account risks.

Sensitive data

Know what should not be sent, copied, uploaded or discussed without the right safeguards.

Everyday situations

USB drives, mobility, workspaces, badges, visitors, public Wi-Fi, remote work and AI usage.

Interactive format

  • Estimated duration: around two hours, adaptable to context
  • Questions and interruptions encouraged
  • Concrete examples, scenarios and small decision exercises
  • Content can be adapted to the client’s sector, tools and recurring situations

Expected reflexes

Identify risk

Spot suspicious behavior before clicking, opening, forwarding or sharing information.

React properly

Report, verify and communicate when in doubt instead of trying to solve everything alone.

Maintain hygiene

Updates, strong authentication, locked sessions, clean data handling and safe digital habits.

Accept uncertainty

Know that asking for verification is a security reflex, not a weakness.

Beyond phishing campaigns

Broader threat model

The course covers social engineering, information leakage, physical situations and current AI-enabled manipulation.

Useful for teams

The content is designed to create shared vocabulary and practical reactions across the organization.

No blame culture

The approach encourages reporting and learning instead of hiding mistakes.

Anchoring the reflexes after the session

Shared vocabulary

Participants leave with common words for suspicious messages, data exposure, verification channels and reporting, which makes incidents easier to discuss.

Sector examples

Examples can be adapted to the organization’s sector, tools and recurring situations so the session feels close to daily work rather than generic.

Manager support

Managers can receive simple talking points to reinforce good reporting behavior and avoid creating pressure that encourages risky shortcuts.

Practical reminders

Key messages can be reused in internal communications, onboarding or periodic reminders without turning awareness into a one-off event.

Connection to incidents

The training explains what to do after a mistake: preserve information, report quickly and avoid hiding weak signals that could help contain an incident.

Progressive maturity

The session can be complemented by targeted exercises, phishing simulations or technical training when the organization wants to go further.