What Training & Awareness Includes

We build your program around four key elements:

1. Phishing Simulations & Coaching

Realistic tests, respectful feedback.

Email is still the #1 way attackers get in. We help you harden that channel with:

• Safe, simulated phishing campaigns tailored to your industry and roles.
• A mix of scenarios (fake invoices, HR messages, cloud login prompts, MFA stealers, etc.).
• Immediate, just-in-time coaching for people who click or enter credentials.
• Trend reporting that shows improvement over time—not just “gotcha” stats.

We design simulations to teach, not embarrass. The goal is to build confidence and critical thinking, not fear.

2. Security Fundamentals for All Staff

Plain-language training that sticks.

We deliver core awareness training that covers what every employee needs to know:

• Spotting phishing, social engineering, and business email compromise.
• Strong passwords, passphrases, and multi-factor authentication (MFA).
• Safe use of email, file sharing, and cloud tools (especially Microsoft 365).
• Handling sensitive information—customer data, financials, HR records.
• Working securely from home, on the road, and on personal devices (BYOD).
• What to do—and who to tell—if something seems suspicious.

We can deliver this as:

• Live sessions (virtual or on-site in Manitoba).
• Short, focused modules that fit into busy schedules.
• Refreshers scheduled throughout the year so the message doesn’t fade.

3. Role-Based & Executive Training

Different roles, different responsibilities.

Not everyone needs the same depth. We create targeted content for:

• Executives & owners
• Business impacts of cyber incidents
• Legal, regulatory, and reputational considerations
• How to ask the right questions of IT and vendors
• What leadership should do during an incident
• Managers & supervisors
• Handling access for joiners/movers/leavers
• Approving exceptions, elevated access, and new tools
• Escalating issues quickly and clearly
• IT and power users
• Secure configuration basics
• Handling admin credentials
• Responding to alerts and user reports
• Working with Prairie Cyber Security during incidents

This keeps training relevant and makes it clear who is accountable for what.

4. Policy, Process & “Everyday Security” Support

Make it easy to do the right thing.

Training works best when it’s backed by clear, simple guidance. We can help you:

• Turn formal security policies into one-page guides, checklists, and FAQs.
• Create “how to” micro-guides: reporting suspicious emails, safe file sharing, travelling with devices, etc.
• Build simple onboarding and offboarding checklists so new staff start secure and leavers don’t retain access.
• Prepare playbooks for common scenarios: lost laptop, suspected phishing, unusual login alerts.

The result: your people know what’s expected and how to do it.

How We Deliver the Program

We design Training & Awareness to be ongoing, measurable, and low-friction:

1. Baseline & Planning

• Review recent incidents, risk areas, and staff roles.
• Look at your existing policies and tools.
• Agree on goals (e.g., reduce phishing clicks, improve reporting, satisfy customer or compliance requirements).

1. Program Design

• Choose training formats (live, online, hybrid).
• Set cadence for simulations and refreshers (monthly, quarterly, etc.).
• Define metrics and reporting that leadership will see.

1. Rollout & Engagement

• Launch an initial campaign and core training.
• Provide communication templates for leadership to endorse the program.
• Offer Q&A time so staff can raise real concerns and scenarios.

1. Measure, Report & Improve

• Regular reports: phishing results, completion rates, knowledge gaps.
• Adjust scenarios and content based on what we’re seeing.
• Feed insights back into your Security Assessments, Managed Protection, and vCISO roadmap.

What Your Organization Gains

With a well-run Training & Awareness program, you can expect:

• Fewer successful phishing attacks and credential theft incidents.
• Earlier reporting of suspicious activity—before it becomes a crisis.
• More confident staff who know what to do instead of freezing or hiding mistakes.
• Better alignment with customers, auditors, and insurers who expect regular security awareness efforts.
• A visible, demonstrable step toward a security-minded culture, not just security tools.

Built for Prairie SMBs

This service is designed for:

• Small and mid-sized businesses that need training but can’t build a full program from scratch.
• Organizations with remote or hybrid teams that rely heavily on cloud and email.
• Leaders under pressure from customers, boards, or regulators to show that staff are trained on cyber risk.

We keep the tone practical, respectful, and grounded in how people actually work—no scare tactics, no unrealistic expectations.

Make Your People Part of the Solution

Technology alone can’t stop every attack. Your people are the difference between a near-miss and a serious incident.

Book a Training & Awareness conversation to:

• Review your current training efforts (if any)
• Identify quick wins and high-risk groups
• Design a right-sized program with clear goals and reporting

So you can move from “we sent a slide deck once” to a living, breathing security culture that protects your business every day.