Cyber Security Awareness: Foundations and Application

Content

This session covers:

• Introduction to Cybersecurity: Basic concepts of cybersecurity, including the importance of protecting information and recognizing cyber threats.
• Social Engineering Awareness: Understanding how social engineering attacks work and how to avoid falling victim to manipulation.
• Identifying Phishing and Scams: Practical tips for identifying phishing emails and other common scams targeting non-technical users.
• Outline and overview of the South Australian Cyber Security Framework (SACSF)
• “How Would I Hack Me?” Self-Assessment: Participants examine their own online habits, digital footprint, and potential attack vectors to understand personal vulnerabilities.
• Phishing Detection Workshop: Hands-on activity analysing real-world and simulated phishing emails to identify warning signs and discuss safe response actions.
• “Craft a Phish” Challenge: Small groups design a realistic (but safe) phishing email or message to learn how attackers exploit trust, urgency, and curiosity.
• Password Strength Exercise: Testing password strength using safe tools, exploring passphrases, and demonstrating how multi-factor authentication adds protection.
• Social Engineering Scenarios (Role-Play): Interactive role-play exercises simulating phone calls, emails, or in-person attempts to manipulate employees, highlighting red flags and effective response strategies.

Outcomes

• Basic Cyber Awareness: Participants will understand fundamental cybersecurity principles and why they are important.
• Improved Detection Skills: Ability to recognize and avoid common cyber threats, such as phishing and social engineering attacks.
• Safer Data Practices: Enhanced ability to handle and classify data correctly, minimizing the risk of data breaches.
• Increased Vigilance: Heightened awareness of social engineering tactics, leading to better protection against such attacks.

Who Should Attend

• All Public Servants: Essential for employees across all departments to ensure a cohesive approach to cybersecurity.
• Administrative Staff: Particularly important for those handling sensitive information regularly but without a tech background.
• New Employees: Crucial for onboarding processes to instill good cybersecurity habits from the start.

Benefits to You and Your Organisation 

• Increased Security Awareness: Reduces the likelihood of human error leading to security breaches.
• Enhanced Organizational Security: Creates a culture of security mindfulness, contributing to overall organizational resilience.
• Regulatory Compliance: Ensures staff are aware of and adhere to relevant cybersecurity regulations and policies, maintaining compliance.