Security

Awareness
Training Course
 Introduction
Security Awareness

It is the knowledge, attitude, and behavior that

one needs to possess to protect an
organization's assets, information, and
personnel from many threats.

It includes understanding the various risks

and vulnerabilities impacting an
organization and taking appropriate steps
to mitigate them across different security
domains.
 Module 1
The Importance of Comprehensive Security Awareness
Potential threats to organizations are
growing in number and sophistication.

Comprehensive Security Awareness is

our weapon against these threats.

It ensures that all stakeholders,

including employees, are well-informed
about possible risks, enabling them to
contribute to the organization's overall
security actively.

This proactive approach minimizes the

likelihood of security incidents and
reduces their impact.
 Common Threats and Vulnerabilities

Understanding and mitigating

various threats and
vulnerabilities is essential in our
interconnected global
environment.

These threats can range from

cyber-attacks, social
engineering, and physical
security breaches to natural
disasters, health and safety, and
man-made hazards.
 Operating in an Authoritarian Regime
Authoritarian regimes present unique security challenges due to stringent state
control, limited freedom of speech, and high surveillance levels. Here are vital
considerations for operating in such environments:

1. Understanding the Legal Landscape: Understand

the laws regarding permissible speech and
publications.
2. Physical Surveillance: Be aware of potential
physical surveillance and employ counter-
surveillance techniques.
3. Digital Surveillance: Use encrypted communication
tools, VPNs, and secure devices to safeguard
against digital surveillance.
4. Source Protection: Protect your sources diligently
using secure communication channels.
5. Censorship: Prepare for potential censorship and
consider alternative methods to disseminate
information.
 Module 2
Types of Security Threats

Cyber Threats: These include phishing attacks, malware, and

ransomware, aimed at compromising digital systems and data.
Social Engineering: Manipulation techniques used to extract
confidential information or breach security procedures.
Insider Threats: Risks originating from within the organization,
intentionally or unintentionally.
Physical Security Breaches: Unauthorized access, theft,
vandalism, causing physical harm to an organization's assets.
Natural Disasters and Emergencies: Disruptions that can cause
physical damage and affect normal operations.
Health and Safety Hazards: Threats to personnel safety
and operational effectiveness.
Man-Made Hazards: Events caused by human activities,
such as industrial accidents, chemical or biological
hazards, and cyber-attack.
War and Conflict: This can lead to a host of security
threats, including physical danger due to violence, cyber
threats due to increased espionage and information
warfare, and infrastructure threats due to damage to
critical systems and services.
Terrorism: Is a multifaceted security threat. It can
manifest as physical violence, cyberattacks on critical
infrastructure, or even psychological warfare.
 Module 3
Personal Security Best Practices for Enhanced
Protection Against Threats

Physical personal security refers to the measures one takes to ensure

their physical safety. This can range from basic precautions such as
locking doors and windows and avoiding dangerous areas or
situations, to more advanced tactics like self-defense training or
carrying personal safety devices.
 Awareness
Home Security
Be aware of your
surroundings Basic measures like locking doors
and windows, installing alarm
systems, and possibly security
cameras

Personal Safety Devices

Safety devices can help
deter potential attackers Self-defense Training
Learning basic self-defense can
provide confidence and potentially
lifesaving skills
 Personal Security in the Digital Domain
As our lives increasingly shift online, digital personal security becomes more important.
This involves protecting personal information and taking steps to prevent cyber threats.

Strong, Unique Passwords: Use strong, unique passwords for

every online account and change them regularly.

Two-factor Authentication (2FA): Use 2FA whenever possible.

This adds an extra layer of security by requiring two forms of
identification before granting access to an account.

Secure Networks: Only connect to secure, trusted Wi-Fi

networks. Public Wi-Fi can be a haven for hackers.

Software Updates: Keep all software, including antivirus

software, up-to-date to protect against the latest threats.

Beware of Phishing Attempts: Be careful when opening emails

from unknown sources and never give out personal
information unless you're sure the request is legitimate.
 Travel Security
When traveling, personal security involves being aware of the specific threats in the area
you're visiting and taking steps to mitigate them.

Research: Before traveling, research your destination to

understand the local customs, laws, and potential
threats.
Secure Your Belongings: Keep your personal belongings
secure at all times. This can mean using a hotel safe for
valuables or keeping your wallet in a front pocket.
Emergency Contacts: Always have a list of emergency
contacts, including the local embassy if you're traveling
abroad.
Travel Insurance: It's wise to have travel insurance that
covers theft, loss, and medical emergencies.
 Module 4
Security in Different Places
At Home At Work
This might involve locks on Physical security might also
doors and windows, a include access control
home security system, systems, security personnel,
outdoor lighting to deter visitor management
intruders, and secure procedures, and secure areas
storage for valuable for sensitive documents or
items. valuable equipment.

Physical security refers to measures designed to protect buildings and

property from damage or unauthorized access. This includes security
measures such as locks, security systems, surveillance cameras, security
personnel, and policies that restrict access to certain areas.
Follow Safety Procedures: Following access control procedures and wearing
identification badges when required. Every workplace should have safety
procedures in place. It's important to follow these at all times.

Report Unsafe Conditions: Report suspicious activities, no matter how trivial it

may appear, if you spot something that could potentially be dangerous, report
it to your supervisor or HR immediately.

Ergonomics: Ensure your workspace is set up to prevent strain or injury. This

can mean adjusting your chair and desk or using a headset for phone calls.
Respectful Workplace Culture:
Employers should promote a respectful
and inclusive workplace culture. This
can include training employees on
harassment prevention, fostering open
communication, and addressing any
incidents promptly and effectively.

Clean Desk Policy: Securing sensitive

documents and disposing of them
properly when no longer needed. Locking
your computer screen when stepping
away from your workstation.

Training: Participating in a security

training course and staying informed
about current threats.
Family Security Awareness

Involves educating all family members about potential

threats and how to mitigate them. This includes both
physical threats, such as how to secure the home and
personal safety tips, and digital threats, such as how to
recognize phishing attempts, the importance of strong
passwords, and safe internet browsing practices.

It's important to have regular discussions about safety

and security with all family members, including
children.

This same concept extends to the workplace, where

educating all employees about potential threats and
safety procedures is a critical component of a
comprehensive security strategy.
 Module 5
Online Security
Best practices to safeguard your digital assets and Personal Identifiable
Information (PII) against cyber threats.

Password Management and Secure Browsing Practices:

1. Create robust, unique passwords for each of your accounts

and enable Multi-Factor Authentication (MFA) wherever
possible.
2. Keep your web browser and Operating System (OS) up-to-
date to leverage the latest security patches.
3. Avoid clicking on suspicious links or downloading files
from unverified sources.
4. Utilize a Virtual Private Network (VPN) while using public
Wi-Fi networks to ensure a secure connection.
 Email and Social Media Security

Exercise caution while opening emails or

attachments from unknown or dubious
sources;

Report any potential phishing emails to your IT

department.

Limit sharing PII on social media platforms;

routinely review and adjust your privacy
settings.

Be discerning when accepting friend or

connection requests from unfamiliar
individuals.
Device Protection and Data Backup Strategies

Regularly update the software and OS on your

devices.

Install and consistently update antivirus (AV)

and anti-malware software to defend against
malicious programs.

Consider encrypting your devices and

enabling remote wipe capabilities, if available,
for added protection.

Frequently back up your data to mitigate data

loss risks from accidental deletion or
cyberattacks.
Acess The Here: