(1-2 Months)

Getting Started:

• Platform Preparation: Ready your platform for training delivery by customizing colors, images, and text to your organization’s branding. 
• Setting Goals and Objectives: Define what you want to achieve and the capacity in which to achieve these goals. 
• Establish Baseline: Use phishing simulations, quizzes and surveys to determine your starting point and help determine priorities.
• Curriculum Development: Craft a training curriculum tailored to your goals, objectives, audience, and capacity. 
• Communication Strategy: Develop and prepare communications strategies for stakeholder engagement before, during and after your awareness activities. 
• Executive Approval: Present your program plan for executive approval.

(Up to 18 Months)

Program Rollout:

• Training Delivery: Conduct the core training sessions and any reinforcement activities. 
• New Hire Strategy: Determine training requirements for new hires that start after program launch. 
• Simulations and Drills: Implement frequent phishing simulations and quizzes to enhance learning. 
• Regular Updates: Use announcements and reminders to keep the program top of mind. 
• Adaptive Training Modules: Depending on the quarterly goals, training might include: 
  • Q1: Security Awareness Basics 
  • Q2: Emerging Cyber Threats 
  • Q3: Data Privacy 
  • Q4: Security Principles for Remote Workers 

(2-4 Weeks)

Program Analysis and Adjustment:

• Collect Data: Collect data from previous activities such as activity participation, simulation results and audience feedback.
• Realign Priorities: Adjust program priorities based on new priorities, evolving cyber threats, feedback and campaign outcomes.
• Goal Definition: Refine goals for the next cycle.
• Curriculum Update: Update training materials and methods as needed for ongoing relevance and effectiveness.