Security Awareness Training Catalog

Security Awareness Library

GENERAL KNOWLEDGE CYBER GAMES RISK-BASED ROLE-BASED COMPLIANCE & PRIVACY

GENERAL KNOWLEDGE

End User

Designed to strengthen the human element of your organization’s information security, end user courses help participants understand best practices on a wide variety of cyber security topics. Each module includes interactive learning activities that reinforce those key messages.

Access Control
Bring Your Own Device (BYOD)
Business Email Compromise
Cloud Services
Confidentiality on the Web
Data Leakage
Email
Identity Theft
Incident Reporting
Information Classification
Information Lifecycle

Intellectual Property
Introduction to Information Security
Malware
Mobile Devices
Open Wi-Fi Risks
Password
Phishing
Phishing Websites
Physical Security
Privacy
Protecting Payment Card Data

Protecting Your Home Computer
Ransomware
Responsible Use of the Internet
Smartphones
Social Engineering
Social Networks
The Clean Desk Principle
Traveling Securely
Unintentional Insider Threat
Working Remotely

3D Cartoon Characters

Real Action Characters

Traveling Securely Training Video

Code	Topic	Description
101	Introduction to Information Security	Learn about information security and its overall importance Understand users’ responsibilities in protecting the organization’s information
102	Information Classification	Understand how and why organizations classify their information Practice classifying information according to levels of sensitivity
103	Information Lifecycle	Understand the value of an organization’s information Learn how to manage information correctly throughout its lifecycle
104	Intellectual Property	Learn what is considered intellectual property Understand behaviors and situations that may violate intellectual property rights
105	Passwords	Understand the importance of creating effective passwords Learn how to create a strong yet easy to remember password
106	Physical Security	Understand why organizations must secure all their facilities and equipment Learn how common work areas can be protected from threats
108	Access Control	Learn why organizations must control access to their networks and systems Understand the processes involved in granting and monitoring access
201	Email	Recognize common email threats and email misuse Learn what precautions to take with incoming and outgoing emails
203	Confidentiality on the Web	Understand the risks of inadvertently disclosing sensitive information on the web Understand and recognize potential online threats
205	Social Engineering	Learn about social engineering and how it can fuel a variety of cyber threats Recognize common social engineering tactics used by cyber criminals
206	The Clean Desk Principle	Recognize the importance of keeping unattended work areas clear of sensitive information Discover how to ensure the security of various documents and portable devices
207	Privacy	Learn about privacy and related rights and obligations Identify what is considered personal information
208	Protecting Payment Card Data	Understand an organization’s obligation to protect payment card data Learn about the threats to payment card data
210	Phishing	Learn about common phishing tactics and how they threaten information security Recognize and identify the features of a phishing message and website
211	The Bring Your Own Device (BYOD) Trend	Understand the security issues related to the use of personal devices for business purposes Learn the strategies adopted by organizations to reduce BYOD-related risks
301	Malware	Learn about the different types of malware Understand the human behaviors and technical factors involved in preventing malware infection
304	Responsible Use of the Internet at Work	Learn how organizations can be impacted by inappropriate internet usage Understand what constitutes potentially harmful internet practices on corporate devices or accounts
306	Identity Theft	Understand how identity theft affects victims and organizations Learn about common methods used to carry out identity theft
307	Social Networks	Understand information confidentiality and information ownership issues related to social network usage Learn about the potential threats posed by fraudsters and cybercriminals
308	Working Remotely (Mobile Users)	Learn about mobile users and working remotely Understand the risks related to user mobility
321	Mobile Devices	Understand the vulnerabilities related to mobile devices Learn about preserving the security and integrity of mobile devices
322	Traveling Securely	Preserve the security of information while traveling and working remotely Learn about the potential threats to information and technology used by traveling employees
323	Protecting Your Home Compute	Learn the common methods used by cyber criminals to gain access to your information Recognize home environment vulnerabilities and risky internet activities
324	Ransomware	Learn about ransomware and how it can negatively impact an organization Recognize how ransomware attacks are launched
325	Data Leakage	Understand what constitutes a data leak and how it affects an organization Learn common internal and external data leaks causes
326	Business Email Compromise	Understand what constitutes a business email compromise attack and how it is mounted Learn the common phishing-based scams used in such attacks
327	Unintentional Insider Threat	Understand how users can unintentionally put the information security at risk Learn common user actions and behaviors that can lead to a security incident
328	Incident Reporting	Understand the importance of detecting and handling security incidents promptly Learn how to identify and detect various types of security incidents
329	Phishing Websites	Understand common tactics used by hackers to construct phishing websites Learn how to effectively safeguard your data from malicious sites
330	Open Wi-Fi Risks	Understand the potential risks of connecting to an unsecured Wi-Fi network Learn best practices when it comes to sharing information of a network outside your home or office
331	Cloud Services	Recognize the potential vulnerabilities related to storing, sharing, and accessing cloud-based documents or systems Learn how to use cloud services securely with cyber-safe collaboration techniques
506	Smartphones	Learn about the information security risks related to smartphone usage Discover best practices for protecting information stored on smartphones

CYBER GAMES

Cyber Game modules are interactive, gamified eLearning modules that reinforce fundamental cyber security best practices. Whether it’s a Serious Game that takes place in a 3D environment or a bite-sized Cyber Challenge, answer skill-testing questions, earn points for correct responses, and practice crucial cyber security decision-making in real-world scenarios.

Serious Game

Serious Game modules put end users in the middle of immersive, exciting scenarios that test their cyber security knowledge in a gaming-style environment. Each module focuses on a specific topic as players collect points and race against the clock to complete interactive learning activities.

BEC
Cloud Based Services
Data Transfer
Ransomware
Securing the Home Office
Social Engineering
Social Networks
Strong Password
Traveling Securely
Working Remotely

Cyber Challenge

Cyber challenges are engaging, gamified learning activities that test and reinforce fundamental security awareness knowledge on topics like phishing, email security, and more.

Cloud Services
Email
Incident Identification for Reporting
Information Classification
Information Lifecycle
Malware
Mobile Devices
Phishing
Privacy
Protecting Your Home Office
Ransomware
Social Engineering
Traveling Securely

Serious Game

Code	Topic	Description
1	Strong Password	Play as a special agent and race against the clock to secure sensitive information by relying on strong password expertise
2	Securing the Home Office	Play as a special agent and race against the clock to secure a home office and keep confidential data out of the hands of hackers
3	Ransomware	Play as a cybersecurity investigator trainee and race against the clock to identify
4	BEC	Play as a cybersecurity investigator and examine different emails to identify all valid vendor payments and stop any potentially fraudulent payments due to Business Email Compromise
5	Cloud Based Services	Play as a legendary cybersecurity analyst with the responsibility of identifying the source of the data leaks and putting a stop to it, before any more damage can be done
6	Data Transfer	Play as an employee in the Business Operations department and finish your weekly to-do list by carefully managing your files and emails for a stress-free weekend, without risking being interrupted due to a major data breach
7	Social Engineering	Take on two different roles, as you join the Red Team to design a mock cyberattack scenario and switch over to the Blue Team to select the appropriate defenses against cyber threats
8	Social Networks	Play as a new junior Social Media Associate and complete your training by staying abreast of current affairs in your field and meeting with key managers
9	Traveling Securely	Play as a world-renowned academic and apply best information security practices as you travel to attend a top-secret conference at the Secret Service’s campus
10	Working Remotely	Play as a student research assistant who needs to keep their data safe while commuting and working from the coffee shop to meet a tight deadline

Cyber Challenge

Code	Topic	Description
102	Information Classification	Classify information based on its sensitivity levels so as to apply appropriate security measures
103	information Lifecycle	Plan for proper information disposal based on format and level of sensitivity
201	Email	Describe and differentiate the email-based strategies fraudsters use to infiltrate organizational networks or access confidential information
205	Social Engineering	Understand and protect yourself against cyberattacks that originate from deceptive social interactions
207	Privacy	Identify personal information managed by your organization and handle it in compliance with security and privacy requirements
210	Phishing	Recognize and identify the features of a phishing message and website
301	Malware	Examine and identify ways in which malicious programs can infiltrate your electronic devices
321	Mobile Devices	Adopt best practices when using mobile devices in order to protect your company and personal information
322	Traveling Securely	Recognize and evaluate information security risks when traveling
323	Protecting Your Home Office	Identify and eliminate information security vulnerabilities in your home office for safer remote work
324	Ransomware	Understand the risks associated with ransomware attacks, and apply best practices to keep your organization’s information safe
328	Incident Identification for Reporting	Identify security incidents and report them to the appropriate instances in a timely manner to help protect your organization
331	Cloud Services	Assess the risk level associated with various cloud computing practices to keep your and your organization’s information safe

RISK-BASED

Microlearning

Built to increase employee knowledge retention and promote lasting behavioral change, microlearning modules feature concise training content. Each module targets specific risks and helps organizations meet productivity objectives.

Access Control
Applying the Clean Desk Principle
Authentication method
Business Email Compromised (BEC)
C-Level Email Impersonation
Cyber Quiz
Friend or Foe?
Handling Unidentified Individuals
Mass Market Phishing
OAuth consent grant
Phishing by Phone
Policy Tips Around Sensitive Information

Ransomware
Report Message
Risky USB
Securing the Home Office Environment
Sharing an Organization Computer
Smishing
Spear Phishing
Teams phishing
Understanding App Consent Requests
Unintentional Insider Threat

Unsecured Sharing of Sensitive Documents
Vishing
Web Phishing
Whaling
Email Account Compromise
Application Account Compromise
Browser Compromise
Computer Compromise
Malicious Digital QR Codes
Malicious Printed QR Codes

Code	Topic	Description
3001	Vishing	Learn the dangers of plugging unknown USB devices on computers, which could lead to a malware infection or the installation of a dangerous program
3002	Web Phishing	Understand how to verify a person’s credentials before giving out personal information, as well as what constitutes a web phishing attack
3003	Mass Marketing Phishing	Understand how to identify a real scam and protect their personal information, such as with a mass-market gift card scam
3004	Spear Phishing	Learn how cybercriminals can operate and the motives behind potential attacks by taking on the pretend role of a hacker
3005	Smishing	Recognize the common elements of a phishing attack received via text message and how to keep information safe
3006	Whaling	Understand how senior executives can be easily compromised through targeted phishing scams called whaling
3007	C-Level Email Impersonation	Discover how to identify a C-level email impersonation, a targeted attack that plays on the authority of the sender
3008	Business Email Compromise (BEC)	Learn how to identify tricks cybercriminals use to extort money, as well as identify a compromised business email account
3009	Handling Unidentified Individuals	Reinforce the best practices described in the Incident Reporting module by asking learners to make the correct decisions when faced with an unidentified person walking around the office
3010	Ransomware	Learn how to react correctly to an unexpected email attachment and a computer infected with malware
3011	Unintentional Insider Threat	Recognize how to act correctly when disposing of confidential documents by applying information security best practices
3012	Friend or Foe?	Understand when and how to apply information security best practices when faced with an individual trying to access a restricted area
3013	Access Control	Discover the consequences of lending computers to colleagues, as well as best practices related to this scenario
3014	Applying the Clean Desk Principle	Understand what actions to take to reduce the risk of leaking sensitive information about a confidential project by combining best practices from different cyber security topics
3015	Risky USB	Learn the dangers of plugging unknown USB devices on computers, which could lead to a malware infection or the installation of a dangerous program
3016	Phishing by Phone	Learn how to keep sensitive information safe from cyber criminals who deploy phishing attempts via phone
3017	Cyber Quiz	Compete against Isa from Terranova Security in a gameshow that tests fundamental cyber security knowledge
3021	Report Message	Understand the importance of reporting a suspicious message and the appropriate steps to take in such a scenario
3022	Understanding App Consent Requests	Learn the fundamentals of app consent grants and the best practices you should follow to ensure information is share securely and only with relevant individuals
3023	Unsecured Sharing of Sensitive Documents	Discover the inherent vulnerabilities related to sharing sensitive documents and how to edit, store, access, and share confidential information securely
3024	Sharing an Organization Computer	Discover the issues related to sharing a company computer with an unauthorized individual and how you can ensure usage policies are upheld at all times
3025	Securing the Home Office Environment	Find out how to properly secure a home office environment by learning about precautions related to your computer and other devices, Wi-Fi network, and more
3026	Policy Tips Around Sensitive Information	Learn how an organization can use policy tips to set boundaries for sensitive information, as well as steps you can take when you’re confronted with a message that restricts information sharing
3027	Teams Phishing	Learn how phishing attacks may be delivered via Microsoft Teams, as well as steps you can take to identify suspicious chat messages
3028	OAuth Consent Grant	Find out how to protect yourself and your organization from OAuth, or third-party permission phishing attempts by installing applications from reputable sources and creating a unique username and password for each service
3029	Authentication Method	Learn about the risks that come with relying on a third party to sign in to an online service, and identify the safest authentication method in a given context
3030	Email Account Compromise	Find out how to detect signs of email account compromise, and leverage best practices to help prevent intrusions, such as enabling two-factor authentication
3031	Application Account Compromise	Identify the signs that one of your application accounts has been compromised, including notifications of failed login attempts and changes made to your personal information without your knowledge
3032	Browser Compromise	Learn to detect the signs that your browser has been compromised and is being used for malicious purposes, such as noticing toolbars or browser extensions that you did not install
3033	Computer Compromise	Discover common signs that your computer has been infected by a virus, such as encountering unexpected pop-up advertisements and your device operating at a slower pace than usual
3034	Malicious Digital QR Codes	Identify the signs that a digital QR code is unsafe to scan and apply best practices to mitigate risks associated with scanning a malicious QR code online
3035	Malicious Printed QR Codes	Identify the signs that a printed QR code is unsafe to scan and apply best practices to mitigate risks associated with scanning a malicious QR code displayed in public spaces

Nanolearning

Ideally suited for just-in-time training for phishing simulation clickers or as short standalone eLearning opportunities, nanolearning modules ensure end users understand specific cyber security fundamentals. Each module walks users through risks, consequences, and best practices related to a given topic.

Anatomy of a Spear Phishing Attack
Being Security Aware
Cloud-Based Sharing
Credential Theft
Cyber Attack Detection
Identity Theft - Example of an Attack
Double Barrel Phishing Attack
Insider Threat

Phishing - Six Clues That Should Raise Your Suspicions
Phishing Website
Preventing Security Breaches
Protecting Sensitive Information - Information Handling
Ransomware
Smishing
Social Engineering
Social Engineering via Email

Social Networks
Spear Phishing - The CEO Fraud
Spoofing
Stegosploit
Vishing
Web Conferences Risks
Wi-Fi Security
What is two-factor authentication

Code	Topic	Description
2001	Ransomware	Learn how to identify malicious programs and what you should do if you think you received a ransomware email
2002	Vishing	Recognize the best practices related to detecting and safeguarding against phone scam tactics
2003	Phishing - Six Clues	Ensure a strong understanding of the six core clues that you need to be aware of to identify a phishing threat
2006	Protecting Sensitive Information	Learn how to identify, handle, and protect sensitive information securely
2007	Cyber Attack Detection	Compete against Isa from Terranova Security in a gameshow that tests fundamental cyber security knowledge
2008	Preventing Security Breaches	Understand how to reduce the risk of information security breaches
2010	WI-FI Security	Learn about the risks of Wi-Fi security and about the precautions you can take
2011	Identity Theft	Recognize the signs of common identity theft scams and how to avoid them
2013	Social Engineering	Learn how to defend yourself against social engineering attacks
2015	Being Security Aware	Understand what you can do every day to secure your home, belongings, computers, and other sensitive information
2016	Spear Phishing CEO Fraud	Learn how CEO fraud works, and how to detect and avoid these types of threats
2025	Phishing Website	Learn about how to identify a phishing website and its key features
2026	Social Networks	Learn about the risks posed by criminals on social networks and how to protect personal information
2035	Smishing	Understand how to identify and protect yourself against text-based threats
2050	Anatomy of a Spear Phishing Attack	Learn the steps and mechanisms used to create personalized or targeted phishing attacks
2051	Insider Threats	Discover the different types of insider threats and the precautions you can take
2052	Social Engineering via Email	Learn the steps and mechanisms used to leverage social engineering schemes via email
2053	Spoofing	Understand how hackers can spoof popular websites and common warning signs to watch for
2054	Double Barrel Phishing Attack	Learn the common tactics and red flags related to double barrel phishing attacks
2055	Stegosploit	Learn how digital images can be leveraged as key components of stegosploit attacks
2056	Web Conferences Risks	Understand the risks and common hacker tactics associated with web conferences
2057	Cloud-Based Sharing	Recognize the vulnerabilities related to cloud-based document and information sharing
2058	What is two-factor authentication	Learn about usage, format and reporting and the best practice associated with 2FA

Nanovideo

Ideally suited for just-in-time training for phishing simulation clickers or as short standalone video-based eLearning, nanovideo modules showcases the risks, consequences, and best practices related to a given topic.

Browser-in-the-browser Attack
Credential Theft
Cyber Fraud
Employee Data Breach

Financial Data Exposure
Generative AI: What is it? Risks and Benefits
Identity Theft
Importance of Security Culture in the Organization

Malicious Software
Ransomware
Website URL

Code	Topic	Description
4	Ransomware	Learn the key warning signs of a ransomware threat, the consequences of downloading a ransomware file, and best practices to secure data against these attacks
5	Website URL	Understand how to safely view and identify malicious website URLs, and techniques cyber criminals can use to trick users into clicking
6	Credential Theft	Understand the key warning signs and how to spot a credential theft threat, as well as how to safeguard sensitive data from credential theft attacks
7	Identity Theft	Learn what types of data are targeted during identity theft attacks, how successful identity theft affects victims, and best practices that help users keep data safe
8	Financial Data Exposure	Learn how financial data can be exposed in cyber attacks and how to avoid potential data leakage by sharing, storing, and accessing related information using cyber security best practices
9	Cyber Fraud	Learn about the common tactics used by cyber criminals to commit cyber fraud, warning signs recipients should be aware of, and best practices to be aware of
10	Employee Data Breach	Learn how employees can be targeted in data breaches, the hallmarks of messages hackers may deploy to trick recipients into divulging information, and best practices that help keep data safe
11	Malicious Software	Understand how malicious software can compromise a computer or mobile device, the consequences of a resulting infection, and how to safeguard data from malware
12	Importance of Security Culture in the Organization	Understand how having a strong security culture benefits an organization, and how one can help foster their organization’s security culture
13	Browser-in-the-browser Attack	Recognize common signs of browser-in-the-browser attack and learn about five ways to protect yourself and your organization
14	Generative AI: What is it? Risks and Benefits	Understand what generative AI is, know the risks associated with its use, and follow best practices to keep yourself and your organization safe

ROLE-BASED

Constructed to appeal to various context-specific security awareness best practices, each role-based explores the cyber security roles and responsibilities related to different functions with an organization. Terranova Security offers role-based courses for professionals in finance, human resources, executives, and much more.

Information Security Awareness for:

Executives
- Introduction to Information Security
- Passwords
- Phishing
- Confidentiality on the Web
- Mobile Devices
- Data Leakage
- Business Email Compromise
Finance
- Introduction to Information Security
- Passwords
- Phishing
- Confidentiality on the Web
- Protecting Payment Card Data
- Data Leakage
Help Desk
- Introduction to Information Security
- Passwords
- Access Control
- Social Engineering
- Phishing
- Incident Reporting

Human Resources
- Introduction to Information Security
- Passwords
- Phishing
- Confidentiality on the Web
- Privacy
- Data Leakage
IT Administrators
- Network Security Overview
- Common Network Attacks
- Securing Networks
- Securing Data Repositories
IT Developers
- Application Security Overview
- Common Application Attacks
- Secure Development
- Cryptography Overview
- Access Control

IT Privileged Users
- Introduction to Information Security
- Passwords
- Access Control
- Phishing
- Malware
- Ransomware
- Unintentional Insider Threat
- Incident Reporting
- Working Remotely
Managers
- Security Challenges
- Security Governance
- Leading by Example
OWASP
- Open Web Application Security Project (OWASP)

Code	Topic	Description
FIN	Finance	Learn what types of attacks frequently target professionals in the finance sector, how successful attacks can impact the organization, and how to safeguard against cyber criminals
GEST	Managers	Learn how managers can be targets of complex, multifaceted cyber threats, best practices for keeping data secure, and the role they play in fostering a cyber-aware culture
HR	Human Resources	Understand the rules and regulations behind processing user data for HR purposes, what kinds of tactics hackers can use to try and steal data, and how to keep information safe
TIA	IT Administrators	Learn the cyber threats commonly associated with IT administrators, and best practices related to keeping sensitive information, networks, and systems safe
TID	IT Developers	Understand the building blocks behind secure IT development, how cyber criminals can exploit different vulnerabilities, and how developers and detect and avoid attacks
EXEC	Executives	Provide senior executives and managers the information required to understand, assess, and defend against the most common cyber threats targeting them
PRIT	IT Privileged Users	Provide IT privileged users with best practices and tools to identify, evaluate and protect themselves against cyber threats
HD	Help Desk	Provide IT Help Desk employees with best practices and tools to identify, evaluate and protect themselves against cyber threats

OWASP

Code	Topic	Description
OWASP	Open Web Application Security Project (OWASP)	Learn about security threats and best practices related to OWASP and its processes

COMPLIANCE & PRIVACY

Ensuring that all organizations can easily understand and comply with various data privacy regulations, this course provides high-quality training content and activities exploring key data protection trends.

CCPA Essentials
GDPR Essentials
HIPAA/HITECH
Personal information protection in the private sector in Quebec
- Key aspects of the reform
- Companies’ obligations
- Default protection of personal information
- Individuals’ rights, and how to protect their information

Personally Identifiable Information (PII)
PCI DSS Awareness
POPI Act
Privacy Essentials
- The Protection of Personal Data
- Collecting Personal Data
- Privacy Principles
- Privacy Breaches

Protected Health Information (PHI)
Protected Health Information for Europe
Security by Design (SBD)

Code	Topic	Description
801	Personally Identifiable Information (PII)	Learn everything you need to know about PII
803	Protected Health Information (PHI)	Learn everything you need to know about PHI and how organizations can ensure compliance
818	GDPR Essentials	Learn GDPR essentials and how organizations can ensure compliance
819	CCPA Essentials	Learn CCPA essentials and steps organizations must take to ensure compliance
820 to 823	Privacy Essentials	Learn about general privacy issues and the positive impacts of enhanced awareness
830 to 833	Personal information protection in the private sector in Quebec	Cover the legislative requirements for processing personal data in the private sector, within Quebec, following the recent adoption of Law 25
840	Protected Health Information for Europe	Know the essential principles of the application of GDPR to health data, as well as related best practices for health professionals
HIPAA/HITECH	HIPAA/HITECH	Learn HIPAA/HITECH essentials and how to ensure compliance
PCI	PCI DSS Awareness	Learn about PCI DSS and the positive impacts of enhanced awareness
POPIA	POPI Act	Learn about the POPI Act to comply with its eight conditions and protect your South African clients’ privacy
SBD	Security by Design (SBD)	This course aims to familiarize users with best security practices at each stage of the development cycle of a project or IT service

Communication & Reinforcement Tools

Increase employee engagement with a diverse suite of communication tools, with new assets added regularly

Newsletters

Send training updates and security best practice highlights directly to your users.

Posters

Promote your training program with visuals you can tailor to match your brand.

Wallpapers and Web Banners

Increase program engagement with vivid, thought-provoking digital messaging.

Comics

Add a fun visual aspect to your training program with short comics depicting characters in relatable scenarios.

Infographics

Share cyber security tips and best practices in a compact, engaging format that’s perfect for social or intranets.

Cyberpedia

Get everything you need to know about key cyber security topics in exhaustive, informative webpages.

What is Videos

Send cyber security tips and best practices to users in bite-sized streaming video format. View sample videos >

All communication tools are currently available in EN, FR-CA, FR-FR, and ES LATAM. For additional language support, please contact the Terranova Security Customer Success team.

Global Partner of Choice in Security Awareness Training

Request A Quote

Security Awareness Training Catalog

Security Awareness Training

Quizzes

Security Awareness Library

GENERAL KNOWLEDGE

End User

3D Cartoon Characters

Real Action Characters

CYBER GAMES

Serious Game

Cyber Challenge

Serious Game

Cyber Challenge

RISK-BASED

Microlearning

Nanolearning

Nanovideo

ROLE-BASED

OWASP

COMPLIANCE & PRIVACY

Communication & Reinforcement Tools

Newsletters

Posters

Wallpapers and Web Banners

Comics

Infographics

Cyberpedia

What is Videos

Global Partner of Choice in Security Awareness Training

Contact Information

Privacy Policy

Cookie Policy

Impressum

Accessibility