Cybersecurity User Awareness Training - Subject Guide
Document Creation: 20 Aug, 2024. Last Edited: 20 Aug, 2024. Authors: Tristan Apperley.
Effective Date: 20 Aug 2024. Expiry Date: 20 Aug 2025.
Redback Operations Awareness Training package has been created to allow all employees of the company to understand potential cyber threats and how to identify and prevent them. The Australian Cyber Security Centre (ACSC) (ACSC ,2024) states that:
An organisation should ensure that cyber security awareness training is provided to all personnel in order to assist them in understanding their security responsibilities. Furthermore, the content of cyber security awareness training should be tailored to the needs of specific groups of personnel. For example, personnel with responsibilities beyond that of a normal user will require tailored privileged user training.
To complete this training requirements, this awareness package is broken down into 8 modules which covers the practical ways to protect yourself and the company while conducting your duties. At the completion of each module, you will be required to complete a small quiz to ensure you have retained the modules content. You will be required to complete a final quiz at the end of the training where you will need to score 80% or higher to complete the package and meet your company requirements for the year.
Duration:
Expected time to complete – 1 Hour
Contacts:
Team Responsible for training – Blue Team
Member responsible for training – Tristan Apperley
Blue Team Leader - Devika Sivakumar
Modules
Module 1 – Introduction
Learning Outcome 1:
Understand the importance of cyber security training, identify Redback Operations IT security contacts, recognise different user privileges, and know the steps for incident reporting.
- Why this training is required
- Redback Operations IT security Point of Contacts
- Why we have different levels of user privileges
- What to do when you identify an incident
Module 2 - Update your device and software
Learning Outcome 2:
Explain the need for updates, recognise zero-day vulnerabilities, manage automatic updates, and adhere to update frequency guidelines.
- Why you should update your device and software
- Zero-day vulnerabilities
- Automatic updates
- Update Frequency
Module 3 - Set up and perform regular backups
Learning Outcome 3:
Understand backup importance, differentiate backup types, implement secure storage, and follow Redback Operations’ backup procedures.
- Importance of backups
- Types of backups including Automatic
- Secure storage of backups
- Redback Operations backup procedures
Module 4 - Turn on multi-factor authentication (MFA)
Learning Outcome 4:
Define MFA, distinguish between MFA types, and evaluate MFA benefits.
- What is MFA
- Types of MFA
- Token
- Biometrics
- Authenticator App
- SMS/Email
- Benefits of MFA
Module 5 - Set secure passphrases
Learning Outcome 5:
Differentiate passphrases from passwords, identify characteristics of secure passphrases, and use password managers effectively.
- Passphrases Vs Passwords
- Characteristics of a secure passphrase
- Password managers
Module 6 - Recognise and report scams
Learning Outcome 6:
Identify common scams, recognise scam indicators, and understand Redback Operations reporting procedures.
- Common types of Scams
- How to identify a scam
- Reporting scam
Module 7 - Watch out for threats
Learning Outcome 7:
Identify various cyber threats, recognise indicators of compromise, and apply preventive measures.
- Types of threats
- Account Compromise
- Crypto mining
- Data Breaches
- Hacking
- Identity theft
- Malicious insiders
- Malware
- Phishing
- Quishing
- Ransomware
- Scams
- Indicators of compromise
- Preventive measures
Module 8 - Final Quiz
Students are required to score 80% to have satisfactory passed the awareness training.
Classroom link
Training Link – Training is hosted on Google classroom and can completed by clicking here
NOTE: A google account will be required to complete this training, if required you can sign up to google by clicking on the following link
Create your Google Account
References
Australian Cyber Security Centre. (2024). Guidelines for personnel security (June 2024). Australian Government.
https://www.cyber.gov.au/sites/default/files/2024-06/08.%20ISM%20-%20Guidelines%20for%20Personnel%20Security%20%28June%202024%29.pdf
Australian Cyber Security Centre. (n.d.). Learn the basics. Australian Government.
https://www.cyber.gov.au/learn-basics