Awareness Training

Don't let an unintentional misstep made by one user put your entire organization at risk.

Security Training

Cocoon’s Cyber Security Awareness Training ensures that everyone in your organization understands the potential threats, consequences, and responsibilities for following established security guidelines and procedures. Our awareness training includes two essential components: security training and active engagement.

Security Training

Cocoon's security training is one of your cyber security program’s most valuable assets. It provides employees with the knowledge required to maintain your organization's security and remain vigilant against potential threats.

Using a combination of practical techniques, our security training teaches staff how best to protect the organization from phishing attacks and other cyber threats.

Active Engagement

When people get busy or experience changes to routines or workflows, trained practices and procedures can be overlooked or forgotten. Active Engagement ensures previously learned lessons remain top of mind.

Unlike the security training component, active engagement doesn't focus on providing new material. Instead, it uses a variety of activities and tools such as posters, videos, and email messages to keep security in focus for those who have already learned the core lessons.

About Awareness Training


Cyber Security Training Methods

Cocoon’s cyber security training programs use various methods to deliver critical information in ways that foster a culture of cyber awareness and accountability. These methods include webinars, employee orientations and online training courses.

  1. Webinars - provide the most up-to-date security course material engagingly and practically.

  2. Employee orientations - materials delivered by human resources during onboarding set responsibilities and expectations before staff members start new responsibilities.

  3. Online training courses - provide opportunities for remote training in a virtual course environment.

Whatever methods you would like to use, the goal is to impart security knowledge that employees can continuously apply while on the job.

Simulated Phishing Attacks

In addition to providing cyber security training, Cocoon's Awareness Training helps measure the retention of training materials by conducting simulated phishing attacks.

During simulations, users receive fake phishing campaigns in their inboxes. If they click on the links or reply to the email, they are directed to training materials that warn them of the dangers of phishing and are provided with guidance on how not to fall victim to an actual social engineering attack.

Back-end reporting allows your security professionals to gauge the effectiveness of the training by measuring the percentage of users who fall victim to the simulated attack.


Designated Security Champions

Security champions can become a powerful tool for spreading and maintaining cyber security awareness throughout the organization.

Organizations may choose to designate security champions in various business units. These champions are trained by Cocoon on how to educate their peers about cyber security while providing leadership to their team. This approach is often very effective because people are often more willing to listen to a message from someone they know and trust.

Roles-based Training

In addition to general cyber security training, Cocoon also provides customize training to meet specific role-based requirements.

For example, we do training for:

  • IT staff who need specialized skills to implement security controls.
  • Employees handling credit card information who require training on PCI DSS requirements.
  • Human resources team members who need to comply with HIPPA and PIPEDA rules when managing personal information.

Managers can further customize each user's training by choosing modules most relevant to their organization's security and regulatory environment.


Training Frequency

As employee availability can differ from one organization to the next, we work with your management to determine the frequency of training efforts that will yield the best results.

The most value from training comes by creating a balance between the time required to conduct training and the benefit of reminding users of their responsibilities.

One approach we recommend is:

  1. Employees should complete an initial training whenever they join the organization or assume new job responsibilities.

  2. Provide a five minute or less micro-training on individual topics during regular meetings throughout the year.

You can then supplement this with individualized security awareness sessions delivered direct to employees that keeps this material fresh and top of mind.

Keeping Content Current and Relevant

Cocoon keeps security training materials up to date to ensure that content remains current and relevant, and we measure the effectiveness of the material in context of the goals of your organization.


Request More Information

“Keeping security top-of-mind throughout the organization is the single best thing you can do to protect against cyber threats.”
~Matt Edwards