Our team of security training experts will work with you to provide the security awareness training services you need at a price to fit your budget

Get a Quote


Training Principles

"Changing Employee Behavior From The Unpredictable To The Secure!"

The CFISA course is a unique approach to security awareness training, blending security best practices and customer-specific security policies with behavioral psychology, compelling storytelling, and rich interactive media.

Our training focuses on ways to improve employee security awareness and related behavior so that security policies are understood and embraced. The lessons will address the security challenges that are relevant to your environment including the risk associated to non-compliance of policies and the insider threat threat.

All lessons provide common sense explanations of the reasons behind the policies and procedures, increasing employee buy-in.

The course is based on five fundamental principles:

  1. In order for security awareness to work, ideally most or all of the time, “thinking security” must become instinctive, and as second nature as being polite to customers.
  2. In order for employees to start behaving securely, their current behavior must be modified or security rules will never work.
  3. For behavior to become instinctive employees must change their attitude to and perception of both the challenge and the outcome.
  4. In order to modify security behavior, employees must feel a relevant, personal, and direct connection to the outcome.
  5. Training must be packaged properly to achieve that outcome.

We believe that employee security awareness continues to fail for the following reasons:

  • Most organizations still don’t have a culture of security, or "security saturation," thus leaving awareness training to survive in isolation.
  • Training is rarely frequent enough to have any effect on behavioral change.
  • Trainers usually focus on enforcing rules, not changing behavior.
  • Most security trainers are poor and unconvincing communicators.

How we apply these principles:

The first part of the course focuses on the behavior challenges; helping employees make a personal connection with cybercrime and workplace security; understanding who commits these crimes and what their motives are; understanding why exploiting predictable employee behavior is critical to committing these crimes; and why modifying personal behavior can be so powerful in preventing these crimes.

The second part of the course then focuses on the rules, and how they contribute to behavioral change and better workplace security. It addresses all the key security vulnerabilities, including web and e-mail use, passwords, data classification and protection, social engineering, preventing computer viruses and spam, security outside the office, personal workspace security, acceptable use of electronic resources and more.


Partners and Past Clients

Partial list of some of our partners and past clients

TravelportLogozipcarca dcaFrancis Marion UniversityOCCUMedEval


"I really enjoyed the fact that this training covered both business and personal practices."

- Mary, Boston

"The online training was pleasantly straightforward and easy to comprehend."

- Steve, Miami

"I felt very engaged in the training. The information was relevant and interesting."

- Tony, Los Angeles

“The training was actually quite interesting, informative and worthwhile."

- University Services Employee

"This training will help me to protect my family at home, and I like that!"

- State Government Employee

"The online training was straightforward and easy to understand."

-Financial Services Employee

"Now that I understand why we have these rules, I will be more likely to follow them.”

- Credit Union Employee

“After taking the training, I have a much better understanding of why these rules are so important.”

- Internet Sales Employee

Log in