Course Outline: Security & Privacy Online (SPO)


Human error is the leading contributing factor to a cyber security incident. Managing cyber security risk must involve ‘end-user’ awareness training. Security & Privacy Online (SPO) is an easy to digest four-part course covering email, social media, web and computer and device security. It is focused on giving users at every level the essential knowledge to prepare for, recognise and respond to online scams and threats. Optionally, learning is reinforced using a series of threat simulations to measure staff behavior. Most attacks are not sophisticated and so an effective defence is simply a disciplined implementation of the basic fundamentals.

Learning Outcomes

Reduce overall cybersecurity risk from targeting individuals by:

  • Configure computers, devices and software to mitigate common vulnerabilities.
  • Understand and recognise common online scams and attacks aimed at users.
  • Practice 'online hygiene' to avoid inadvertent compromise.


The SPO course is only available as in-house private delivery. Each of the four modules is a half-day course. Training packages can consist of one, two, three or four half-day modules.

Threat simulations are completed on or off-site in the weeks following the training course. Simulations can be purchased independent of training.


  • Familiar with using computers and browsing the Internet.


Dates are subject to booking availability.


Training: $3,500 +GST per module (half-day). Max 50 participants

Simulation: $3,500 +GST per module. Max 50 participants.


Please register your interest in our SPO course by emailing:

Please inform of which modules you are interested in, preferred dates and participant numbers.

Course Program
Security & Privacy Online

  • Spear Phishing Threats
  • Identifying an attack
  • Responding to an attack
  • Cloud-based email security

Simulated Spear Phishing campaigns to measure:

  • Opening Rate
  • Click-through
  • Information Capture
Social Media
  • Personal Data Exposure
  • Configuring Privacy
  • Work / Personal Segregation
  • Vet Requests & Solicitation

Audit of social media profiles and active solicitation to assess:

  • Privacy Settings
  • Information Exposure
  • Request Acceptance
World Wide Web
  • Website Threats
  • Preventing Web Attacks
  • Respond to Web Attacks

Analysis of web logs & browser / web history to measure:

  • Visits to our honeypot
  • Exploitable web browsers
  • User reporting of incident
Computer & Device
  • Wireless threats
  • Physical threats
  • Maintaining physical control
  • Secure configuration

Covert or overt on-site assessment of:

  • Wi-Fi Security
  • Removable Media Security
  • Device Hardening