Step 4: Social Engineering and Awareness Training

Social Engineering and Awareness Training

+ 2 Resiliency Points


Skill Level: Self or IT Admin
Cost: Free, up to $10 per user/per month
Time: 5 Hours to set up


Training that teaches the end user (any employee) how to act and defend against attacks is called end user awareness training. This can be done in a multitude of ways. Most common are videos, quizzes, and exercises. The most effective type of cyber defense for end user training is a combination of videos and exercises, but additionally, testing employee’s knowledge.


Everyone is taught what to do in a fire drill. And we’re taught what to do if our clothes catch on fire: stop, drop, and roll. These steps come second nature to us. This is how it should be for cybersecurity incidents. Users should be trained to know when someone is trying to social engineer them to give up company information, just as one should know how to calmly exit the building when the fire alarm goes off.


Companies such as Living Security and Wizer have different ways that end users can be taught (sample at right). They both include interactive videos and exercises to help employees practice. Explore their options and decide which best fits your organization.

Links to the company’s websites:

© 2021 Online Training Concepts – All Rights Reserved