Blog
 

S.H.I.E.L.D Cybersecurity Awareness Training Catalog

Multi-Topic Foundational Courses

S.H.I.E.L.D training foundational courses are aligned with NIST standards. Not only will your organization demonstrate due diligence and compliance with major security standards, but your employees will be empowered to keep your network secure from insider threats. S.H.I.E.L.D foundational courses expose learners to current cybersecurity risks and how to effectively address them. With four options to choose from, we ensure that our curricula are fresh, engaging, and effective.

 

Security Awareness Essentials

30 min | Employees will master the fundamentals of information security including key threats and how to counter them. Key Topics: password management, identity theft, malware, social engineering, phishing, physical security, travel safety, mobile data, privacy and acceptable use.

Security Awareness

70 min | One course that covers every topic required by major standards and regulations. Key Topics: password management, viruses and malware, mobile data, physical security, social engineering, phishers, acceptable use policies, incident response, security services, risk management, network eavesdropping, encryption, malware, backups, protecting your home computer, identity theft, privacy and legal issues.

Strongest Link Theme - Security Awareness and Literacy

50-60 min | Employees will master the fundamentals of information security including key principles, concepts, vulnerabilities, threats and how to counter them. Key Topics: password management, viruses and malware, mobile data, physical security, social engineering, phishers, acceptable use policies, incident response, security services, risk management, network eavesdropping, encryption, malware, backups, protecting your home computer, identity theft, privacy and legal issues.

A Day in the Life Theme - Security Awareness

65-75 min | In this highly interactive course, learners will explore key information security concepts, examine threats and how to counter them, and review safe computing habits that can be applied at home and in the workplace. Key Topics: password management, viruses and malware, mobile data, physical security, social engineering, phishers, acceptable use policies, incident response, security services, risk management, network eavesdropping, encryption, malware, backups, protecting your home computer, and identity theft.

 


 

Single Topic Courses

S.H.I.E.L.D single topic courses provide employers with a high ROI and learners with more in-depth insight to relevant cybersecurity topics. These courses are key and ensure your employees receive comprehensive cybersecurity training that aligns with best practices. To keep the time commitment low for busy employees, each course is packed with real-world relevant information delivered in an average time of 12 minutes. Work with your dedicated Cybersecurity Representative to create an on-going curriculum that deploys courses on a regularly scheduled basis throughout the year. By keeping cybersecurity issues fresh and foremost in employees’ minds you are equipping them with the knowledge and tools necessary to be ready to make the right decision when a threat presents itself.

 

Phishing

12 min | Because today’s computers and networks are heavily defended from a direct assault, hackers are now much more likely target end-users when trying to break in. This course teaches best practices for recognizing and preventing both phishing and spear-phishing attacks.

Defeating Social Engineers Standard & Advanced

10-17 min | End users have what a hacker wants – a computer that’s behind the network firewall, a network username and password, and possibly access to trade secrets, confidential information, and bank accounts. This course will teach end users how to identify and avoid giving away sensitive information to these hackers.

Protecting Mobile Data and Devices

8 min | Because today’s smartphones and tablets can not only act as a phone, but also as an email client, mobile internet device, camera, GPS navigation system, entertainment console, and platform for any number of applications (apps), they can be exposed to many of the same risks as a desktop computer.

Appropriate Use of Social Media

14 min |  Social media can be an excellent tool to connect and interact with customers, show thought leadership, and build a brand, but it also poses unique security, HR, and public relations challenges. This course covers social media best practices.

Working Remotely

12 min | Mobile computing devices like laptops, smartphones, and tablets can be found everywhere – at home, in the office, and everywhere in between. These devices, combined with high speed wireless connections, make working remotely easier than ever. However, working outside of a company’s secured facilities expose an organization’s physical and information assets to additional threats.

Password Security

15 min | Passwords are the keys to our digital lives and protect us from hackers and cybercriminals, but how exactly could a hacker crack your password and what can you do to protect it? This course shows the tactics hackers use to compromise accounts and the password security best practices that can help prevent that from happening.

Physical Security

10 min | Your personal safety at work is of paramount importance. This course is designed to teach employees how to protect an organization from criminals, espionage, workplace violence, natural disasters, and other threats.

Email Security & Instant Messaging Security

11 min | Email and instant messaging (IM) are essential communication tools that most people use just about every day. They’re incredibly useful applications because they allow you to quickly and efficiently exchange messages and files with just about anyone else in the world. However, it’s a two-way street, meaning that since you can connect with anyone online, anyone else, including hackers and cybercriminals, can connect with you.

Security Awareness for the Home

7 min | Threats to our home network can quickly turn into threats to our workplace infrastructure and vice-versa. To combat against threats on all fronts, we must learn to practice safe computing habits both in the home and in the workplace. Participants will learn techniques to develop a regime of security-conscience behavior that will help keep important data safe from cybercriminals.

Cloud Security

9 min | Cloud-based services offer incredible convenience and can help people be more productive, especially while on the go. But they also create new security challenges, because the security of any information stored on the cloud is only as good as the security of the service provider who holds it. This course uses high-quality video and real-world simulations to teach best practices for cloud security.

Internet of Things & Home Security

10 min | Almost anything can be made into a “smart” device, such as security cameras and sensors, TVs, garage door openers, door locks, wearable devices, pacemakers, and even cars. These devices are what we refer to as the “Internet of Things” (IoT), which holds the promise of adding a whole new level of convenience and connectedness to everyday life. Having that many new, connected computing devices, most of which record activity, presents new challenges for security and privacy.

Incident Reporting

7 min | Reporting incidents of suspicious activity and the loss of assets or sensitive information is extremely important. In this module, employees will learn about common physical and information security incidents that should be reported and how to report them.

 


 

Standards, Compliance & Regulations

Protect what matters most to you by sharpening your employees’ knowledge of relevant standards and compliance requirements. Non-compliance leads to fines, vulnerabilities, brand damage, and loss of customers’ trust. S.H.I.E.L.D offers courses focused on ensuring compliance with industry specific standards. Our offerings range from GDPR, PCI, HIPPA/HITECH to data/record retention and Human Resources related topics. *Some of these courses are not part of our standard training package but these course packages allow our S.H.I.E.L.D. platform to serve as your complete enterprise wide learning management system.

 

HIPAA/HITECH Privacy for Business Associates

60 min | The final Omnibus rules for the Health Insurance Portability and Accountability Act (HIPAA), as amended by the HITECH Act places greater responsibility on all business associates to safeguard Protected Health Information. Business associates and their subcontractors will, for the first time, have some absolute obligations for how they can use and disclose protected health information that they handle on behalf of the covered entity. This privacy course is specifically tailored to help employees of business associates understand what information is private, why it is private and what they can do to protect it.

HIPAA/HITECH Privacy for Covered Entities

60 min | Training employees to safeguard Protected Health Information (PHI) is a requirement of all “covered entities” based on the Health Insurance Portability and Accountability Act of 1996, as amended by the HITECH Act. This privacy course is specifically tailored to help healthcare employees understand what information is private, why it is private and what they can do to protect it.

HIPAA/HITECH Security Awareness

45 min | The final Omnibus rule greatly enhances a patient’s privacy protections, provides individuals new rights to their health information, and significantly strengthens the government’s ability to enforce the law. Training employees to safeguard Protected Health Information (PHI) is a requirement of all “covered entities” based on the Health Insurance Portability and Accountability Act of 1996, as amended by the HITECH Act. This privacy course is specifically tailored to help healthcare employees understand what information is private, why it is private and what they can do to protect it.

HIPAA/HITECH Medicare Fraud, Waste, and Abuse

15 min | Fraudulent and abusive practices put the health and welfare of millions of Americans at risk, and cost U.S. taxpayers billions of dollars every year. If organizations do not have programs designed to prevent, detect, and correct noncompliance, patients’ Medicare services might be delayed, they might not be able to use the providers of their choice, or their benefits could be denied. In this course, you will learn how you can help fight fraud, waste, and abuse in Medicare programs, including, what the major laws are that prohibit abusive practices, how to recognize unlawful activities, how to prevent, correct, and report fraudulent, wasteful, and abusive actions, and where to get help.

How to Comply With the GDPR in the US

10 min | The General Data Protection Regulation, or GDPR, contains principles for protecting the privacy of EU citizens’ personal data. Every organization, worldwide, that gathers, stores, or processes this data in any way, must comply with the strong data protections required under the GDPR. Upon completion of this module, learners will be able to recognize situations where the GDPR comes into play and what to do when they encounter data that falls under GDPR regulations in the US.

GDPR Introduction and Overview

20 min | This comprehensive course is delivered in a series of short, concise modules targeted to specific areas of the law and targeted to defined roles contained within the GDPR. Participants will learn the fundamentals of the new regulations and the key concepts behind them. By the end of this course series, learners will be able to recognize situations where the GDPR comes into play and what to do when they do encounter data that falls under GDPR regulations.

GDPR Key Principles of the GDPR

15 min | Become compliant with GDPR rules and its far-reaching implications. This comprehensive course is delivered in a series of short, concise modules targeted to specific areas of the law and targeted to defined roles contained within the GDPR. Participants will learn the fundamentals of the new regulations and the key concepts behind them. By the end of this course series, learners will be able to recognize situations where the GDPR comes into play and what to do when they do encounter data that falls under GDPR regulations.

GDPR for Data Handlers

8 min | The European Union’s General Data Protection Regulation (GDPR) ushered in sweeping changes to requirements for any organization that collects, maintains, or processes the personal data of individuals residing in the EU. Compliance with the GDPR affects all our organization’s data handling activities, either directly or indirectly, and all staff whose responsibilities include use of PII will be expected to operate in accordance with the regulation’s safeguards. This course will provide employees a general awareness of the GDPR’s requirements and how they affect our day-to-day data processing activities, as well as helping them to recognize potential problems should they arise.

Navigating the GDPR with our US Partners

8 min | The European Union’s General Data Protection Regulation (GDPR) ushered in sweeping changes to requirements for any EU organization that collects, maintains, or processes the personal data of EU citizens, and exchanges of that data with organizations outside the EU will be significantly impacted. Since data transfers with the US represent a major share of these cross-border activities, this course will focus on a comparison of the differences between EU and US privacy laws, as well as exploring avenues by which EU-US information exchanges can be conducted.

GDPR Transfers of Data Outside of the EU

15 min | 15 min | This course is one of a multi-part series that covers the fundamentals of the EU’s General Data Protection Regulation, or GDPR, as well as its origins and key concepts. The GDPR contains principles for protecting the privacy of EU citizens’ personal data. Every organization, worldwide, that gathers, stores, or processes this data in any way, must comply with the strong data protections required under the GDPR. In this module, you learn how the GDPR affects our organization when transferring or receiving EU citizens’ private information outside the borders of the UK and EU.

PCI-101: PCI Essentials for Account Data Handlers and Supervisors - DSS 3.2

25 min | The Payment Card Industry (PCI) Data Security Standard is a set of security standards that were created by the major credit card companies (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect customers from increasing identity theft and security breaches. Every company that accepts, processes, or stores credit card information is required to comply with these standards. This course teaches employees and supervisors what PCI DSS is, how it affects your organization and the best practices they should follow to protect cardholder data and detect and prevent fraud.

PCI-120: PCI Requirements Overview for IT Professionals - DSS 3.2

40 min |The Payment Card Industry (PCI) Data Security Standard is a set of security standards that were created by the major credit card companies (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) to protect customers from increasing identity theft and security breaches. Every company that accepts, processes, or stores credit card information is required to comply with these standards. This course teaches I.T. professionals what PCI DSS is, how it affects your organization, how to comply with the 12 requirements and the best practices that front-line staff should follow to protect cardholder data and detect and prevent fraud.

P-101: Privacy and Data Protection

30 min | Protecting customer, organization, and employee private data is not just a core organizational value, it’s the law. This HTML5-based, iPad-compatible course will help employees understand what information is private, why it is private, and what they can do to protect it throughout the data lifecycle, which is the life of a piece of information, whether in paper or digital format, from creation to destruction within an organization.

DR-101: Data and Records Retention

35 min | Data in electronic and hard copy format within organizations is growing at a rate of about 125% per year and yet only 20% of that data is actually used to conduct business. Managing all of that data can become an administrative nightmare for you and the organization as a whole. This is especially true when litigation is pending and we must sift through all of our records to find certain pieces of data. This course will help you understand how to comply with the many laws, regulations, policies, and best practices that govern how long certain kinds of data should be kept and how and when to dispose of that data properly.

Ethics & Code of Conduct for All Employees

30 min | This course targets all employees and covers the importance of an ethical culture, how to make complaints, safeguarding confidential information and intellectual property, gifts and entertainment, improper payments, conflicts of interest, respectful workplace, accurate records, and fraud and abuse.

Global Anti-Bribery & Corruption Training

35 min | Global business can present new legal and ethical challenges. This anti-bribery and corruption training course is designed to help prepare you for those by explaining anti-corruption laws and our anti-corruption policy, which prohibits bribes and improper payments of any kind.

Preventing Workplace Harassment for All Employees (Video)

35 min | In this course, employees will learn to spot and report violations of the respectful workplace policy, which prohibits including gender, ethnic background, race, color, national origin, ancestry, religion, age, disability, sexual orientation, gender identity, marital status, pregnancy, genetic information, and military.

Preventing Workplace Harassment & Discrimination for All Employees (Video)

60 min | This course will teach employees how to maintain a safe and respectful work environment by helping to spot and report violations of the respectful workplace policy, which prohibits workplace harassment and discrimination based on any protected characteristic.

Preventing Workplace Harassment for Employees (Global)

40 min | In this course, we’ll review international legal standards regarding sexual harassment and other types of workplace harassment. We’ll also look at our organization’s zero tolerance policy, which prohibits discrimination, harassment, and retaliation for opposing discriminatory employment practices.

Preventing Workplace Harassment for Employees

60 min | This course is designed to help employees understand how they can foster a positive workplace environment, comply with laws, regulations, and policies, as well as how to respond if they feel they are the target of workplace harassment based on protected characteristics.

Preventing Workplace Harassment (Standard Video)

95 min | Supervisors play an important role in ensuring policies are enforced and that all employees live up to your high standards of conduct. In this workplace harassment training video, supervisors will learn about their special role in the organization, being a role model, handling complaints, setting a positive tone and reaching out for assistance when needed.

Advanced Sexual & Workplace Harassment Prevention

25 min | This course covers advanced harassment topics in depth, such as retaliation and other types of workplace harassment based on sex, race, national origin, religion, sexual orientation, marital status, physical disability, mental disability, medical condition, and other characteristics protected by federal and state law for supervisors.

Wage & Hour for Supervisors

15 min | Supervisors have a special role in ensuring that businesses comply with applicable workplace laws. One of the most important of those laws is the Fair Labor Standards Act (FLSA), which governs working hours and wage payments. This course will help supervisors understand the law and how it applies to employees.

Wage & Hour for Employees

11 min | Employee wage and hour law is governed by a federal statute called the Fair Labor Standards Act, or FLSA for short. This course will help employees understand the law and how it applies to them.

Workplace Violence Prevention Training for Supervisors

13 min | This course will help supervisors understand the basic of workplace violence, including how to recognize risk factors and warning signs, and how to manage incidents when they occur.

Handling Complaints for Supervisors

12 min | In this course, supervisors will learn how to effectively recognize, respond to, and report workplace complaints and explore best practice methods to prevent complaints before they become a problem.

Lawful Hiring

13 min | This hiring process training course provides supervisors an overview of the hiring process, including writing an effective job description, selecting candidates, narrowing the field of candidates, interviewing, conducting background checks, and offering the job.

Conducting a Lawful Interview

13 min | In this course, employees will learn how to lawfully conduct an interview, the types of questions that can and cannot be asked, and where to go if they need assistance.

Understanding and Complying with FERPA

7 min | The Family Educational Rights & Privacy Act (FERPA) is a federal law that protects the privacy of children’s educational records. This course will help educators and school officials understand the basic requirements of FERPA and how to remain compliant when handling student records.

Diversity Training in the Workplace

7 min | Diversity makes an organization better by empowering it to: Deliver superior customer service, attract and retain talented employees, maximize productivity, maintain its reputation, and serve its community. This course will provide the foundation and background needed to foster a respectful and diverse workplace.

Preventing Workplace Discrimination

12 min | This course will help supervisors understand workplace discrimination laws, the importance of complying with those laws, and provide best practices for preventing workplace discrimination.

Workplace Bullying Training

9 min | Workplace bullying is repeated malicious conduct of one or more employees by one or more perpetrators. This course will help supervisors understand how to recognize workplace bullying, differentiate between bullying and harassment, and handle bullying complaints.

Active Shooter

15 min | Knowing the proper procedures to follow if there is an active shooter in the workplace could mean the difference between life and death. The purpose of this course is to familiarize you with the basic response practices when encountering an active shooter event, practices that will help you be prepared for and to respond to a violent emergency.

 


 

Micro Learning Mini Modules

S.H.I.E.L.D micro learning modules are short and targeted courses that can be deployed in a manner that works best for your organization. This flexibility allows you to determine whether you would like to offer employees courses that are available in an on-demand library or simply scheduled and delivered as part of your ongoing curriculum. The mini modules are perfect for allowing and encouraging employees to reference cybersecurity topics based on their needs. You may also choose to deliver micro-learnings as a monthly course in place of or in addition to our single topic trainings.

 

In-person Social Engineering

4 min | Social engineering attacks can often occur in person. In-person social engineers will use information obtained both online and offline, along with lies and manipulation, to gain access to your systems and facilities.

Social Engineering – How It Works

4 min | The more you learn about how social engineering works, the better you can defend yourself and your organization against social engineering attacks.

Online and Targeted Social Engineering

4 min | Social engineers may use both technical and non-technical methods in a “targeted attack,” aimed at select individuals. Attacks are tailored; therefore, they can be very difficult to recognize, making them an effective threat.

Social Engineering – Countermeasures and Incident Response

4 min | Understanding what to do in the event of a social engineering attack can be just as important as prevention. Utilizing effective countermeasures and incident response procedures will help you to avoid falling prey to social engineers.

Appropriate Use of Social Media

5 min | Properly used, social media can be a great asset to any organization. However, there are many pitfalls associated with using social media, especially since these sites tend to blur the lines between what’s personal and professional.

Secure Use of Social Media

4 min | Improper use of social media can also expose you to a wide range of security and privacy issues, malicious software, and scams.

Social Media Best Practices

4 min | When posting a comment, file, image, or video to social media platforms, you never know who will see it. Whatever you choose to express can be quickly copied and spread without your knowledge.

Outwitting Internet Phishers

7 min | Phishers will typically send fake emails that appear to come from someone you trust, such as a bank, credit card company, or popular website. The email may ask you to “confirm your account details” and direct you to a website that looks just like the real website, but whose sole purpose is stealing your information.

Outwitting Spear Phishers

4 min | Whereas internet phishers target a wide audience by sending fake emails to any address they can find, spear phishers target a select group, or a few individuals, with a highly tailored message. This method is much harder to counter because the email messages can seem so authentic.

An Introduction to Insider Threats

7 min | Across the globe, organizations spend countless hours working to keep sensitive data out of the hands of cybercriminals. This task has become even more difficult to manage due to an increasing number of data compromises that stem from insider threats. Internal threats can be successfully addressed using the strategies shared in this module.

Protecting Kids from Cyberbulling

4 min | Cyberbullies use electronic communications to torment others with an onslaught of teasing, humiliation, and threats with the intent to do harm. According to research, cyberbullying may be a preferred attack method due to the perceived anonymity of the internet. Help prevent cyberbullying by applying the recommendations presented in this module.

Protecting Mobile Devices and Data

4 min | Learn how smartphones and tablets are exposed to many of the same risks as desktop computers. This course provides an overview of these risks as today’s mobile devices can not only act as a phone, but also as an email client, mobile internet device, camera, GPS navigation system, entertainment console, and platform for any number of applications (apps).

Additional Best Practices for Mobile Devices

4 min | Today mobile devices are exposed to many of the same risks as desktop computers. This course provides an in-depth understanding into how today’s smartphones and tablets can not only act as a phone, but also as an email client, mobile internet device, camera, GPS navigation system, entertainment console, and platform for any number of applications (apps).

Ransomware – How to Defend Yourself

4 min | Ransomware is a type of malicious software used by hackers to encrypt files and other functions from a user until the victim pays a “ransom.” This form of cyberattack has become one of the most used and most costly threat to businesses and individuals alike.

Protecting Against Malicious Insiders

8 min | The threat is real. It’s taking place somewhere, right now. A malicious insider has decided to mount a cyberattack against your organization from the inside out. This malicious insider will stop at nothing to get the data they need to commit theft, fraud or sabotage. Protect your workplace by applying the strategies provided in this module.

The Malware Threat

5 min | Learn about how malware is used to steal information, destroy or lock users from data, or disrupt operations.

 


 

Role-Based Courses

Role-based courses ensure training is relevant to all employees. These courses are specifically geared to those who are in positions that provide high level access to data and information, therefore making them a prime target of cybercriminals. Ensure your Managers, Executives, and/or IT Professionals gain a deeper understanding of their unique role in keeping the organization secure and are well prepared to address cybersecurity concerns.

 

Security Awareness for Managers

30 min | Reduce organizational risk, increase productivity and comply with policies, laws and regulations by increasing you and your employees’ knowledge of security awareness.

Information Security for Executives

14 min | Cybercriminals use focused and sophisticated attacks to target C-level executives, upper management, and those with privileged access to an organization’s systems. They are out to steal money, personal /credit info of clients and customers as well as intellectual property and other assets from organizations across the globe.

Privileged User Security

20 min | Hackers and cybercriminals specifically target privileged users. Learn about security best practices to defend against hackers.

Baseline Information Security Training for IT Professionals

60 min | This course is designed to provide fundamental information security knowledge that every employee in the IT Department must have in any organization. This course is easily customized to fit your particular policies, procedures, best practices & guidelines.

Introduction to the OWASP Top 10

20 min | The Open Web Application Security Project (OWASP) is a global community focused on improving the security of web application software. The OWASP Top Ten list is highly respected and has been adopted by, among other organizations, the Payment Card Industry (PCI) Security Standards Council.