Engaging Your Top-Level in Your Security Awareness Training Program
For any program to be most effective, it is vital your board and top-level associates are involved and engaged with the process.
Though not essential, we highly recommend sending this email (or a similar one) to your top-level associates (C-Level employees, Managing Directors, Directors of IT, etc...) before you send out your initial baseline phishing test. In doing this, your top-level associates are prepared and will be able to answer any questions they may receive from others and in turn they may have questions they wish to ask of you before the baseline test is conducted.
Depending on the level of security awareness you have opted your organisation in for, you may wish to edit the bold text within brackets. (The examples used are based on our High Awareness security plan)
As you are all aware, increasing our organisation's online security awareness is paramount in this modern age.
To this degree, I am excited to announce that we have partnered with Phishing Tackle. Phishing Tackle is a leading Security Awareness Training Organisation. They will help us create the "Human Firewall" which can help us protect against malicious emails. Using this state-of-the-art software, we are able to simulate phishing attacks and create security awareness training for all our staff.
To begin, we will be sending out a simulated phishing email to all our staff, determining our current levels of risk to phishing attacks.
Following this, I will be scheduling [employee-wide] training and [bi-weekly] phishing tests for all employees. [We will also be training employees on how to report these simulated phishing emails to management.]
There are various courses, surveys and videos on security topics which our organisation can assign. At the start of the training, everyone will [learn about online security and the dangers of phishing attacks]. [Then, certain departments will be assigned specific training content based on their role.] The training is informative and engaging, though it does not need to be completed in one sitting.
Our organisation's end goal is to increase security awareness and decrease the number of clicks on malicious emails. This process will also allow our staff to more easily recognise genuine emails and not just phishing attempts.
We are all very excited to have this new program in place and I welcome any questions or concerns you may have.
Thank you and best regards,
Should you have any questions on this or any other aspect of the platform, please contact our support team.