Emails are an essential communication tool for all organizations. Emails are also a popular target for hackers. The course describes an example of a malicious email and the damages it can cause to an individual and organization. It also provides email security tips.

It is vital you develop strong passwords at home and at work to protect yourself and your organization. The course describes an example of an employee who uses the same password at home and at work. It also provides password security tips.

Advanced capabilities of smartphones come with benefits and security risks. All the bad things that can happen to you online on a computer can happen to you on a smartphone. The course describes an example of a smart phone attack that affects the individual and organization. It also provides smartphone security tips.

Advanced capabilities of smartphones come with benefits and security risks. The course describes an example of an employee who lost their smartphone and exposes personal and organizational data.

IoT stands for Internet of Things and as the name suggests, it’s essentially when everyday things from your life like watches, TVs, glasses, cars, refrigerators, and a really long list of other things can connect to the Internet and become “smart things.” This course provides an overview of IoT. It also provides IoT security tips.

Social media creates a web of trust and false sense of security that’s dangerous to rely on. Privacy issues and identity theft in social media are a growing concern. This course describes an example of social media incident that affects the individual and organization. It also provides social media security tips.

Defrauding people under false pretenses and fooling them into revealing sensitive personal and organizational information is called “Social Engineering.” This course describes an example social engineering attack. It also provides social engineering security tips.

Malware comes in all shapes and sizes – e.g., ransomware, scareware, keyloggers, Trojans, viruses, and worms. But they all have the same objective – to steal your money or your information. This course describes an example drive-by download attack. It also provides malware security tips.

Phishing is a technique used by hackers to fool you into performing actions online that expose your personal and your organization’s sensitive information. This course describes an example of one of the many variations of a phishing attack. It also provides phishing security tips.

When you are on the move, your laptop, mobile phone and other devices expose you and your organization to Information Security risks. The course describes an example of organizational information being stolen on a public Wifi network. It also provides security on the move tips.

It’s vital that organizations provide Information Security training for all new employees. Technology based solutions have never been enough to protect an organization and maintain the trust of its customers. The course provides essential offline and online security tips.

Working from home is convenient and can be a great change from the usual grind. But it’s critical to know that the chances of your information getting compromised at home are higher as well. The course describes an example of organizational information being stolen on a private Wifi network. It also provides security tips when working from home.

Cybercrime affects everyone. No one’s too small to be the target of hacker attacks. The course describes an example of a trojan attack that affects the individual and organization. It also provides general security tips.

Keeping sensitive information secure can sometimes be as simple as employees maintaining a clean workspace. Technology based solutions have never been enough to protect an organization and maintain the trust of its customers. The course provides essential Clean Desk policy security tips.

Web browsers are the gateway to the Internet. Knowing how to use them safely and securely is critical to being safe online. The course describes an example of a flash plugin / malware attack that affects the individual and organization. This course provides web browser security tips.

Vishing is a hacking technique that is completed over the telephone. The word is a combination of voice and phishing. This course provides suggestions on how to protect yourself from vishing.

Organizations may have incurred a security breach, but may not identify it for several months or years. The course describes a situation in which an organization experienced a data breach that went undetected for over 2 years. It also provides general security tips.

Keeping sensitive information secure can sometimes be as simple as employees maintaining a clean workspace. Technology based solutions have never been enough to protect an organization and maintain the trust of its customers. This course provides an overview of Insider Threat. It also provides related security tips.

It’s important to secure data at each stage of the data life cycle as data leaks are one of the most common causes of security breaches. Pretty much every document and file you work with leaks data. The course describes an example of a data breach. It also provides data security tips.

Cloud based solutions may provide cost-savings, but they also present potential security risks to you and your organization. This course describes an example cloud based IT infrastructure provider data breach. It also provides cloud security tips.

DDoS (Distributed Denial of Service) attacks overload your organization’s most important computers and servers rendering them unusable during the duration of the attack. The course describes an example of a DDoS attack. It also provides security tips related to potential DDoS attacks.

Security and compliance are completely different. Compliance does not ensure Information Security. The course describes an example of an organization that relied solely on compliance and experienced a data breach. It also provides tips regarding balancing security and compliance.

Your Business Continuity Plan guides how your organization’s critical functions will continue to operate and minimize the impact during an emergency. This course describes an example earthquake emergency and alternate data center preparation. It also provides best practice tips.

Mergers & Acquisitions are a common corporate tool for growth, but they also pose potential Information Security risks. The course describes an example of an undetected security breach that the acquired company experienced before the acquisition. It also provides M&A security tips.

Organizations must develop adequate budgets and develop dashboards to measure Information Security ROI. The course describes an organization that did not have an adequate Information Security budget to complete required preventative assessments. It also provides dashboard and related security tips.

The work you do for your organization, including your know-how, and the deliverables that result from it belong to the organization and are considered its intellectual property. This course provides an overview of Intellectual Property and tips on how to handle the right way.

You cannot outsource your legal and regulatory liabilities and obligations to your third party vendors. This course provides an overview of Third Party Vendor Security and tips to build a robust third party vendor risk management process.

Physical security is a critical aspect of Information Security. This course provides tips on how to stay safe – general tips and IT department tips.

NIST stands for the National Institute of Standards and Technology, a non-regulatory government agency that promotes innovation and competitiveness in a safe and secure manner through the development and issuance of standards and guidance. This course provides an overview of NIST.

GLBA stands for the Gramm-Leach-Bliley Act. It is also known as the Financial Modernization Act of 1999. Organizations classified as a financial institution that "significantly engaged" in "financial activities" must comply with GLBA. This course provides an overview of GLBA.

This course provides a high-level overview of HIPAA regulations and provides specific best practices for complying with the law and protecting the personal health information you are working with. We’ll also share some general cybersecurity-related tips.

PCI stands for Payment Card Industry Data Security Standard.  This course provides an introduction to PCI and related security tips.

PHI is data that relates to an individual’s past, present or future physical or mental health or condition, the provision of health care to the individual, or the past, present, or future payment for the provision of health care to the individual. This course provides an overview of PHI.

The General Data Protection Regulation (Regulation (EU) 2016/679) was adopted on April 27, 2016 and was created by the European Parliament, the Council of the European Union (EU), and the European Commission. This course provides an overview of GDPR.

PII is Personally Identifiable Information. This course provides an overview of PII, confidentiality classification tips as well as tips for an organization regarding preparing for a security breach.

The Health Information Technology for Economic and Clinical Health Act (HITECH) was enacted as part of the American Recovery and Reinvestment Act of 2009 and became effective on February 17, 2009.  This course provides an introduction to HITECH.

Emails are an essential communication tool for all organizations. Emails are also a popular target for hackers. The course describes an example of a malicious email and the damages it can cause to an individual and organization. It also provides email security tips.

It is vital you develop strong passwords at home and at work to protect yourself and your organization. The course describes an example of an employee who uses the same password at home and at work. It also provides password security tips.

Social media creates a web of trust and false sense of security that’s dangerous to rely on. Privacy issues and identity theft in social media are a growing concern. This course describes an example of social media incident that affects the individual and organization. It also provides social media security tips.

Social media creates a web of trust and false sense of security that’s dangerous to rely on. Privacy issues and identity theft in social media are a growing concern. This course describes an example of social media incident that affects the individual and organization. It also provides social media security tips.

Advanced capabilities of smartphones come with benefits and security risks. All the bad things that can happen to you online on a computer can happen to you on a smartphone.

Malware comes in all shapes and sizes – e.g., ransomware, scareware, keyloggers, Trojans, viruses, and worms. But they all have the same objective – to steal your money or your information. This course describes an example drive-by download attack. It also provides malware security tips.

When you are on the move, your laptop, mobile phone and other devices expose you and your organization to Information Security risks. The course describes an example of organizational information being stolen on a public Wifi network. It also provides security on the move tips.

IoT stands for Internet of Things and as the name suggests, it’s essentially when everyday things from your life like watches, TVs, glasses, cars, refrigerators, and a really long list of other things can connect to the Internet and become “smart things.” This course provides an overview of IoT. It also provides IoT security tips.

Keeping sensitive information secure can sometimes be as simple as employees maintaining a clean workspace. Technology based solutions have never been enough to protect an organization and maintain the trust of its customers. This course provides an overview of Insider Threat. It also provides related security tips.

Security At Home is increasing in importance as cyber threats continue to increase. The course includes six, 1-3 minute lecture videos. The lecture videos include the following: why bother about security at home, common threats, signs you may have been hacked, and security best practices. This course is a part of ERMProtect's Security Awareness Training Library.

PCI stands for Payment Card Industry Data Security Standard.  This course provides an introduction to PCI and related security tips.