Information Security Training Course
Empowering your staff to protect data, minimize risk, and seamlessly integrate best practices into their daily responsibilities
Information Security Course Description
Information Security Awareness training is designed to provide all employees who have access to your organization’s computer systems and networks with the awareness and motivation to protect and reduce the risk associated with managing sensitive information.
- Target Audience: All faculty/staff
- Course Length: 8-12 minutes/module; total: 250 minutes
InfoSec Awareness Course Learning Objectives
CampusGuard’s information security awareness course provides training on a variety of topics, including email security, social engineering, phishing, data classification, remote work, password security, and more.
With flexible micro-modules, organizations can select modules to deploy to staff throughout the year, keeping cybersecurity top of mind.
Real-world scenarios and case studies are utilized to reinforce best practices and provide relevant guidance that staff can implement in both their professional and personal roles.
Information Security Awareness Course Modules
Our Information Security course is designed with micro-learning modules, making the content easier to retain. You can choose to launch the training all at once or roll it out throughout the year to fit your team’s schedule.
-
An Introduction
This module will discuss what information security is and why it is important to everyone. Training is designed to provide all employees who have access to your organization’s computer systems and networks with the awareness and motivation to protect and reduce the risk associated with managing sensitive information. -
Data Classification
This module will discuss the classification of sensitive data types and various security and compliance requirements that organizations are responsible for adhering to. -
Social Engineering
Statistics continue to indicate that a lack of awareness among employees is the biggest risk facing information security today. This module will review common social engineering attacks so users can more easily identify and protect their organization against potential attacks. Phishing is a major focus of the training, with an included sample email with warning indicators highlighted. -
Email Security
This module discusses email best practices along with prevention strategies for identifying and avoiding potential risks including spam messages, malicious attachments, and email hoaxes. -
Password Management
This module teaches staff how to create and select strong passwords to help prevent unauthorized access to systems and information. -
Remote Work Environments
This module primarily focuses on remote work environments and understanding the risks and best practices for keeping data and devices secure when operating outside of the corporate environment. -
Incident Management
Incident management describes the activities of the organization to identify, analyze, and remediate a potential incident or compromise. This module teaches staff about the importance of identifying and reporting suspicious incidents. -
Internal Controls
Internal controls include all of the policies and procedures an organization uses to safeguard assets, ensure reliability and integrity of information, ensure compliance, promote efficient and effective operations, and accomplish operational goals and objectives. This module will review why just having policies in place for acceptable usage, least privilege, etc., is not sufficient alone, and why it is important that all users adhere to them. -
Security Components
Technical solutions to address security continue to evolve, and new products and versions are being released daily. This module discusses common components used to secure devices and networks, including firewalls, intrusion detection systems, vulnerability scanning, anti-virus software, encryption, and multi-factor authentication. -
Physical Security
If physical access to sensitive information and/or systems is not restricted, unauthorized individuals could easily get their hands on this sensitive data. This module provides best practices for physically securing your environment, and basic steps for information storage and disposal are covered in this module. -
Cyber Crime
This module reviews some of the most common risks and threats to information systems, like malware, viruses, advanced persistent threats, bots, ransomware, crypto-jacking, and more. -
Internet Usage
This module reviews the importance of using common sense and following information security best practices when accessing the Internet. -
Security at Home
It is important for employees to understand the importance of protecting their home network and ensuring the right tools are in place before accessing organizational resources. This module also reviews best practices for connecting to networks, installing applications, social networking, and more. -
Data Breaches and Compromises
With data breaches continuing to increase, it is critical that organizations understand where the desirable data lives, what the risks are, and limit the risks as much as possible. This module will review some of the weaknesses identified in recent breaches and the average cost of a data breach. -
Third-Party Risks
While outsourcing services is chosen for a number of reasons, including increased efficiency, decreased cost, or a lack of internal resources, it doesn’t come without risk. This module reviews why it is critical to properly evaluate third-party vendors, understand responsibilities, and implement a program to monitor their compliance on an ongoing basis. -
Travel Security
Traveling can pose a significant risk to information stored on or accessible through laptops, tablets, and smartphones. This module reviews steps to protect employee devices and sensitive information before and during potencial business travel. -
Artificial Intelligence (AI) Security
AI, or Artificial Intelligence, if used appropriately, can be a valuable business tool. Applications can be used to automate tasks, analyze data, generate reports, and even detect fraud. However, before any AI applications are implemented for organizational use, it is important to understand any associated security risks. This module provides users with an understanding of AI and its usage and discusses requirements to ensure AI is used in a way that aligns with industry best practices, privacy and consumer protection regulations, and organizational policies and procedures. -
Help Desk Security
Help desks have become a common point of entry for hackers attempting to gain access to organizational systems and/or data. This module provides users with an understanding of social engineering risks targeted at help desk staff, necessary processes for verification of callers, incident reporting and response, how to monitor help desk calls, and best practices for new system updates and/or applications. -
Managing AI Risks
As the usage of Artificial Intelligence tools increases, cybercriminals are taking advantage of available tools and exploiting the technology to create sophisticated cyberattacks. This module explores some of the more prevalent AI-powered cybersecurity threats and shares guidance on how to detect potential risks and protect your organization. -
Identity Theft
Identity theft is a crime that involves the use of a victim’s personally identifiable information for fraudulent activities or financial gain. This module reviews common identity theft tactics, as well as best practices for identifying and preventing fraud. -
Insider Threats
Internal attacks by disgruntled, temporary, or ex-employees pose a risk due to their access to and knowledge of an organization’s sensitive information. This module provides best practices for identifying, detecting, and preventing insider threats. -
Cryptocurrency Scams
Cryptocurrency is a type of digital currency that generally exists only electronically or online. This module provides end users with a basic understanding of the cryptocurrency ecosystem, common risks and vulnerabilities, and tools for securing their digital assets. -
Database and System Administrator
Database and System Administrator training ensures administrators are aware of the major cybersecurity risks to critical systems and data, and of best practices to ensure the integrity, security, and availability of those systems. This module builds on the overall security awareness curriculum, provides administrators with basic security requirements, and outlines responsibilities for protecting systems that store, process, and transmit organizational data. -
Web and Application Developer
Application Developer training is intended to ensure developers are aware of the basics of application security, including the vocabulary, the business requirements for application security, common application security pitfalls, and the existence of secure design and development techniques. This training leverages the Open Web Application Security Project (OWASP) Top Ten list to ensure developers are aware of common application security risks.
Explore our other courses
Explore our full course library to find training that fits your needs, from security awareness and compliance essentials to specialized topics designed to support your role and responsibilities. Whether you’re looking to strengthen your cybersecurity posture, stay up to date with industry regulations, or broaden your knowledge, we’ve got you covered.
The Latest InfoSec Awareness Course Updates
- Managing AI Risks
- Identity Theft
- Insider Threats
- Cryptocurrency Risks
- Database/System Administrator
- Web/Application Development
Access Our Resource Library and Threat Intel News
All InfoSec Awareness Course users also have access to our Resource Library, which offers supplemental materials that support the course content.
Our Threat Intel Briefing newsletter is sent directly to your inbox twice a month, and features the latest cyber threats, cyber crimes, and vulnerabilities happening now around the globe.
Related Products and Services
Information Security Awareness Articles
6 Common Myths About Security Awareness Training
Despite evolving cyber threats, many organizations underestimate the value of security awareness training. Learn six myths about security awareness training.
Common Pitfalls of Security Awareness Training
Many organizations struggle to make security awareness training engaging. Here are common pitfalls and ways to improve training effectiveness.
6 Reasons to Offer Security Awareness Training
Security awareness training is crucial to any organization’s data security program. Learn six reasons your company should offer it!
University InfoSec Training: Is It Effective?
A recent EDUCAUSE poll identified the needs and challenges higher education institutions are facing with their security awareness training programs. Learn how CampusGuard’s hands-on approach helps higher ed institutions make their Security Awareness Training program successful and impactful.
Leadership’s Critical Role in Security Awareness
Learn effective methods to engage leadership to actively promote security awareness within an organization to help develop a strong security culture.
Creating a Workforce that Protects Data & Reduces Risk
CampusGuard’s InfoSec Awareness course guides your staff in how to securely access resources, safeguard data, and report suspicious activity to keep your organization safe.
InfoSec Awareness Frequently Asked Questions
Cyberattacks are increasing across all industries, and employees are the first line of defense. Training helps you recognize risks like phishing, social engineering, and data breaches.
Most organizations require training annually, though some may require refresher modules throughout the year.
All employees, contractors, and sometimes third-party vendors with access to company systems or data must complete it.
By reducing human error, one of the leading causes of data breaches, training helps safeguard sensitive data, maintain compliance, and prevent costly cyber incidents.
Yes. Topics like clean desk policy, locking your computer, and preventing tailgating are included to protect both digital and physical assets.