Phin Security

Phin's Training Campaign Curriculums for Cybersecurity

Phin's Training Campaign Curriculums offer pre-defined cybersecurity training suites including the CFISA Full Training Suite with 15 modules aligned to NIST 800-53 AT-2 standards for comprehensive security awareness, and the Security For Developers course covering OWASP's Top 10 web application security risks with detailed modules on each threat and mitigation strategies.

Pre-defined Training Campaign Curriculums

Here is a list of Training Campaign Curriculums that can be launched from the Training Dashboard page. Each curriculum includes its name and the individual courses/modules it contains.

CFISA: Full Training Suite

This course contains 15 training modules from CFISA (Center for Information Security Awareness), covering all relevant security topics referenced in NIST 800-53 AT-2: Literacy and Training. The State of Texas audits this set annually to ensure compliance with NIST 800-53 AT-2 standards. This campaign is suitable for companies needing to meet this standard and preferring a traditional slide-show format.

Estimated Completion Time: 150 minutes.

Modules:

  • CyberSecurity Overview
  • The Impact of Cybercrime and Identity Fraud
  • Today's Threats
  • How Behavior is Exploited by Cybercriminals
  • Strong Passwords Increase Security
  • Understanding and Recognizing Social Engineering
  • Phishing and Email Best Practices
  • Protecting Against Viruses, Spyware and Spam
  • Protecting Your Personal Workspace
  • Security Best Practices Away from the Office
  • Safe Internet Use
  • Protecting the Workplace from Identity Fraud
  • Social Media Security
  • Device Management – Internet of Things
  • Acceptable Use of Electronic Resources

Security For Developers: OWASP's Top 10

This course covers the Open Web Application Security Project's Top 10 most critical web application security risks, with guidance on mitigation. It includes an introduction and all 10 of OWASP's Top 10 security focus recommendations as of 2021.

Estimated Completion Time: 110 minutes.

Modules:

  • OWASP Top 10 2021: Overview
  • OWASP 2021 A01: Broken Access Control
  • OWASP 2021 A02: Cryptographic Failures
  • OWASP 2021 A03: Injection
  • OWASP 2021 A04: Insecure Design
  • OWASP 2021 A05: Security Misconfiguration
  • OWASP 2021 A06: Vulnerable and Outdated Components
  • OWASP 2021 A07: Identification and Authentication Failures
  • OWASP 2021 A08: Software and Data Integrity Failures
  • OWASP 2021 A09: Security Logging and Monitoring Failures
  • OWASP 2021 A10: Server-Side Request Forgery (SSRF)

Multi-Language Courses

This curriculum contains 20 multi-language training modules (English, Spanish, and French) across eight cybersecurity topics. The language is chosen by the user at course start.

Estimated Completion Time: 200 minutes.

Role-Based Training Curriculums

Role-based training curriculums are pre-built course tracks aimed at specific employee roles or departments. The following pre-built role-based curriculums from NINJIO are available:

  • Sales: NINJIO Role-Based Training (9 courses)
  • Customer Service: NINJIO Role-Based Training (8 courses)
  • Finance: NINJIO Role-Based Training (7 courses)
  • Information Technology: NINJIO Role-Based Training (15 courses)
  • Human Resources: NINJIO Role-Based Training (6 courses)

Security Awareness for Administrative Team Members

Modules:

  • A message from your security team
  • Understanding phishing
  • Using free WiFi
  • Password security
  • Understanding social engineering
  • Mobile device security
  • Working remotely
  • Reporting Incidents
  • Clean desk policies
  • Stored document integrity
  • Two-factor authentication explained
  • Third-party security

Onboarding Awareness

Modules:

  • Remote Printing
  • Using Free Wifi
  • Working from home
  • A message from your security team
  • Third-Party Security
  • Secure Desk Policies
  • Clean Desk Policies
  • Password Security
  • Two Factor Authentication Explained
  • Understanding Phishing
  • Reporting Policies

Introduction to Awareness

Modules:

  • A Message from Your Security Team
  • Phishing
  • Free Wifi
  • Passwords
  • Social Engineering
  • Mobile Devices
  • Working Remote
  • Reporting

Security Awareness Training - Custom Campaign

Modules:

  • Password Security
  • Two Factor Authentication Explained
  • Clean Desk Policies
  • HIPAA Compliance Course
  • Reporting Policies
  • A Message from Your Security Team
  • Remote Printing
  • Understanding Phishing
  • Working From Home
  • Third-Party Security
  • Understanding Social Engineering
  • Using Free WiFi
  • Secure Desk Policies
  • Stored Document Integrity
  • PCI Compliance
  • Identity Protection - Mobile Device Security

Introduction to Security Awareness v2.0

Modules:

  • Working with a security team
  • Working Remotely
  • Password security
  • Understanding Phishing
  • Reporting Policies
  • Personal Data and PII - Security Data

Security Awareness for Technical Team Members

Modules:

  • Working with a security team
  • Understanding phishing
  • Using free WiFi
  • Password security
  • Understanding social engineering
  • Mobile device security
  • Working remotely
  • Reporting Incidents
  • Clean desk policies
  • Insider threats
  • Third-party security
  • Web browser vulnerabilities

Security Awareness for the Finance Team

Modules:

  • Working with a security team
  • Understanding phishing
  • Using free WiFi
  • Password security
  • Understanding social engineering
  • Mobile device security
  • Working remotely
  • Reporting Incidents
  • Clean desk policies
  • Stored document integrity
  • PCI Compliance

Extended Security Awareness

Modules:

  • Mobile Device Security
  • Two Factor Authentication
  • The danger of public wifi
  • Staying secure while working from home
  • Job Post Scams
  • What is phishing
  • Working with your security team

Understanding Phishing and Choosing Good Passwords

Modules:

  • Understanding Phishing
  • Choosing a good password

Security Awareness for Executives

Modules:

  • Working with a security team
  • Understanding phishing
  • Using free WiFi
  • Password security
  • Understanding social engineering
  • Mobile device security
  • Working remotely
  • Reporting Incidents
  • Clean desk policies
  • Two-factor authentication explained
  • Third-party security