Български
End-user Integrated Security
Traffic Security
Integrated data security
Implementation, management and development
On-premise
Hybrid
CloudIncrease security by personalized training from top security experts!
LIREX Security Awareness training help you achieve:
Strengthening the most common cybersecurity vulnerability – the employees
Increasing employees’ confidence and productivity in the digital world.
Compliance with standards such as ISO 27001, PCI-DSS, GDPR
Personalization – LIREX has many years of experience in conducting personalized security awareness training for security experts and all other employees
Did you know that:
24% of data breaches are caused by human error
Employee or contractor negligence is responsible for two out of three insider threat incidents
92.4% of malware is delivered via email
48% of malicious email attachments are Microsoft Office files
Security awareness training by LIREX
Many cyber security problems can be prevented by increasing the information security awareness of all employees in the organization along with advanced training for the security teams.
Employees’ security competencies and knowledge are very important aspects of information security management. Still, it is often overlooked.
We understand what the threats of low security awareness levels among employees are. And also, that the human is the weakest point in the security chain. Thus, LIREX develops and offers quality training for staff and the information security teams.
Based upon many years of experience in the field of information security, LIREX customizes the training and exercises to the needs and requirements of the two main groups of employees – security experts and all other employees with access to the organization’s information resources.
Employee training
Trainings are tailored to the specific needs, and may consist of the following main topics, but are not limited to:
Physical security
The training aims to introduce basic principles, mechanisms and controls that users must follow in order to increase physical security. This may include the use of access cards, requirements for locking rooms with a special access mode, accompanying external visitors and their correct identification, etc.
“You are the target” (introductory training on information security threats)
The end-users will understand that, intentionally or not, they are under constant attack by cybercriminals seeking to steal and/or misuse personal data and information. The aim is to acquaint employees with the potential risks and give them guidelines on how to avoid them.
Malware protection
The training introduces common types of malicious code distributed on the World Wide Web and the ways to protect ourselves against attacks using such codes.
Strong passwords and password protection
Which passwords are strong and what mechanisms should be used for their protection.
Social network security
Social networks are designed to reach a huge number of users and as much information as possible related to them, which gives entrance to many cyber attacks. The training introduces basic methods of protection when using social networks.
Messaging security (Email + IM)
Being one of the main means of communication, e-mail and instant messaging (chats) are often used by hackers to reach their victims and attack them. The training increases the users’ awareness and vigilance when exchanging electronic messages in order to increase security.
Security of mobile devices – personal and business
The training presents various techniques, mechanisms and means of mobile device protection.
Browser Security
As one of the main methods for users to interact with the World Wide Web, browsers are also one of the main potential vectors of attack that cybercriminals use. The training introduces basic techniques and mechanisms for the protection and enhancing browser security.
Security incidents identification and reporting
No matter how protected an environment is, security incidents occur. The training aims to increase users’ knowledge of how to recognize security incidents, how to report them and what measures to take to process them.
Social engineering
This training shows what social engineering is and how it works. The aim is to introduce users to various techniques for preventing attacks using social engineering.
Cryptographic mechanisms
Training presents in an understandable way what cryptography is and what it is mainly used for. It shows how any user could use it in their daily lives and describes the advantages of information and data protection.
Specialized training for security teams
In addition to employees’ training, LIREX also offers advanced training for the expert staff responsible for corporate information security. These employees could be security officers, members of security incident response teams, etc.
We prepare the training individually for each customer depending on their needs and focus it on improving the incident response and action, in order to expand security officers’ knowledge, achieve the most adequate response, eliminate the threat and introduce protective measures.
During the training, we simulate different scenarios and include practical exercises for a better understanding of the presented information.
To determine the current level of employees’ awareness about information security threats, LIREX experts have many years of experience in conducting Phishing tests as well.