Cybersecurity Awareness Training (Staff Programme)

COURSE OVERVIEW

The most sophisticated security technology in the world is circumvented every day by employees who click on phishing links, share passwords, connect personal USB drives to work computers, or fall for convincing social engineering. These are not failures of intelligence — they are failures of awareness and habit. And they are preventable through the right training.

Our Cybersecurity Awareness Training Programme is designed for the Nigerian workplace — addressing the specific threats, social engineering tactics, and digital behaviours most relevant to employees across the sectors we serve. We do not deliver generic compliance content: we deliver training that is engaging, relevant, and designed to produce lasting behaviour change.

WHY THIS PROGRAMME MATTERS

• 74% of all data breaches involve the human element — phishing, social engineering, credential theft, and human error (Verizon DBIR 2023). No technology investment addresses this risk as directly as quality awareness training.
• Nigerian regulatory requirements, including the CBN Cybersecurity Framework and sector-specific guidance from NITDA, mandate regular cybersecurity awareness training for staff of regulated entities — making this both a risk management imperative and a compliance requirement.
• We have delivered cybersecurity awareness training to major Nigerian organisations including First Bank and NNPC Limited — making this one of our most extensively tested and refined programmes.
• Security awareness research consistently demonstrates that organisations running regular phishing simulation programmes reduce employee susceptibility by over 80% within 12 months — with KnowBe4's 2025 analysis of 67 million simulations showing an 86% reduction in phishing click rates after sustained training.
• Employees who receive security awareness training are 3-4 times more likely to report suspicious activity — turning each employee into an early-warning sensor that no automated system can replicate.

WHAT THE PROGRAMME COVERS

The programme is modular and customised to each client's industry and threat profile. Core modules include:

Understanding Cyber Threats: What cybercriminals are after, how they operate, and why every employee — not just senior executives — is a target. Real case studies from Nigerian organisations make the threat tangible.

Phishing and Social Engineering: Recognising phishing emails, smishing (SMS phishing), vishing (voice phishing), and pretexting attacks — the tactics that bypass technical defences by targeting human psychology.

Password Security and Account Protection: Creating and managing strong credentials, using multi-factor authentication, and recognising credential-harvesting attempts.

Safe Use of Company Devices and Data: USB security, remote working risks, personal device use, and the behaviours that protect company data in daily work.

Protecting Sensitive Information: Understanding data classification, handling confidential information appropriately, and recognising the insider risk dimension of data mishandling.

Recognising and Reporting Incidents: What to do when something looks wrong — how to report suspicious activity and whom to contact, without fear of blame for honest mistakes.

Social Media and Online Safety: The intersection of personal online behaviour and corporate security risk — including OSINT risks, social engineering through social platforms, and reputational exposure.

DELIVERY OPTIONS

We deliver this programme in a variety of formats: interactive classroom sessions, on-site workshops, targeted executive briefings, and ongoing reinforcement programmes that sustain behaviour change over time. Phishing simulation campaigns can be integrated as part of a comprehensive awareness programme.