Security Awareness Training - Social Engineering

Security Awareness Training – Social Engineering

March 18, 2025

Join us for an essential Security Awareness Training session focused on Social Engineering. In this session, we delve into the critical importance of cybersecurity awareness and how you, as an individual, serve as the first line of defense against cyber threats.

Key Topics Covered:

The Cost of a Data Breach: Understand the financial and reputational impact of data breaches, with the global average cost reaching $4.88 million USD in 2024.

Real-World Example: Learn from the Change Healthcare Breach of 2024, the largest in U.S. history, affecting 100 million people, and discover how compromised credentials and lack of multi-factor authentication (MFA) led to a $2.87 million loss.

Social Engineering Tactics: Explore how attackers exploit human tendencies like trust, fear, and curiosity through phishing, smishing, and vishing attacks. Did you know that 98% of cyberattacks use social engineering tactics?

Red Flags to Watch For: Learn how to spot phishing emails, smishing texts, and vishing calls by identifying common red flags such as generic greetings, urgent tones, unexpected links, and requests for sensitive information.

What to Do if You’re Targeted: Gain practical steps to take if you encounter a phishing email, smishing text, or vishing call, including how to report suspicious messages and protect your information.

What to Do if You’ve Been Scammed: If you fall victim to a scam, don’t panic! We provide clear guidance on how to respond, including disconnecting your devices, contacting technical support, and reporting the incident to authorities like the FBI and CISA.

Cybersecurity is not just an IT issue—it’s everyone’s responsibility. Whether you’re an employee, business owner, parent, or senior, this training is designed to equip you with the knowledge to reduce cybersecurity risks and protect yourself and your organization.

Why This Matters:

Remember: Technology alone cannot protect you. Training is a must to stay ahead of evolving threats. Watch this session to strengthen your cybersecurity awareness and become a more informed and vigilant defender against social engineering attacks.

Stay safe, stay aware, and remember—YOU are the first line of defense!

Mastering Multi-Framework Compliance: Strategies for Efficiency & Growth

Compliance, Events

Aligning with multiple cybersecurity frameworks is rarely a clean, linear process—especially when your first framework wasn’t chosen with the fifth in mind. As your organization matures, how do you avoid inefficiencies, stay compliant, and ensure a streamlined approach across frameworks? In this session, we’ll explore strategies to create efficiencies, manage overlaps, and prevent compliance gaps […]

Where Compliance Meets Security: Doing Both the Right Way

Compliance, Cybersecurity, Events, GRC

Compliance and cybersecurity are often seen as separate priorities—but the truth is, good compliance reduces risk when done right. So how do you effectively integrate both for a stronger security posture? In this session, we’ll break down the intersection of compliance and cybersecurity, share best practices, and walk through real-world examples of organizations that have […]

A Practical Approach to Choosing the Right GRC Tool

Compliance, Cybersecurity, Events, GRC, GRC SaaS

With countless GRC tools on the market, how do you know which one is the right fit for your organization? The wrong choice can lead to wasted resources and unmet security goals. In this session, we’ll walk through real-world cases, breaking down why specific tools were chosen and how they were successfully implemented. You’ll learn […]

Building Customer Trust in the Digital Age: Evolution, Importance, and Observations from the Field

GRC

In today’s digital age, customer trust is more crucial than ever. Join us as we explore the evolution of customer trust, highlighting its importance in building strong customer relationships. We’ll delve into how trust became so important and some of the pivotal moments that shaped its current state. Looking ahead, we’ll discuss emerging trends and […]

What Operationalized GRC Actually Looks Like: From Silos to Systems

Cybersecurity, GRC, Other, Top Posts

Many organizations believe their GRC program is operational because audits are passing and tools are in place. In reality, operationalized GRC behaves very differently. Risk has clear ownership. Information flows across teams. Gaps surface early instead of being hidden. In this session, Cheri Hotman and Peter Spier walk through what an operationalized GRC program actually […]

Why Maturity Matters: Overcoming GRC Cognitive Overload with the Maturity Model

Events, GRC, Top Posts

Please join Kayne McGladrey, author of the GRC Maturity Model and Cheri Hotman as they explore the GRC (Governance, Risk, and Compliance) Maturity Model, a powerful tool for organizations to assess and enhance their cybersecurity practices. Achieving maturity in GRC is crucial for navigating complex regulatory landscapes and boosting overall effectiveness. Through self-assessments, organizations can […]

The Danger of the Perfect Audit

Cybersecurity, GRC, Other, Top Posts

Most companies accept audit reports at face value. Green checkboxes across the board, zero findings, everything conforming. That sounds like good news. It isn't. In this session, Cheri Hotman is joined by Tanya Wade, Brittany Schroeder, and Ja'Kayla Lovelace to do something different: pull up a real (fully anonymized) HIPAA compliance audit report and walk […]

Real Life GRC Horror Stories: Top Mistakes Haunting Your Program

Other

Just in time for Halloween, we’re pulling back the curtain on the Top 10 GRC Nightmares plaguing organizations today. From programs that only exist to “pass the audit,” to treating compliance as a checkbox exercise, these haunting mistakes can leave your organization more vulnerable than you realize. In this session, we’ll identify the most common […]