CBFree Security Training
HIGH QUALITY, COMPLIMENTARY, COMPUTER BASED TRAINING
These look great! The presentation and audio are exactly what we needed!
– Director, Information Security
For many of our customers, security awareness Computer Based Training (CBT) helps check-a-box to satisfy a compliance need. We recognize this need is a requirement so we’ve developed a set of SCORM-compliant materials to help meet that need for all companies – Cofense customers and non-customers alike – free of charge. That’s right. Free.
The same amazing team that produces Cofense’s best-in-class Simulation content keeps the material fresh, compliant, and relevant!
Easy to Understand, Use, and Adapt
We’ve made it easy for you to take advantage of this content. If you have a Learning Management System (LMS) that ingests SCORM-compliant materials, just download the files and run the training through your own LMS. Cofense CBFreeTM was developed using the latest eLearning techniques and trends that promote substantial engagement by the pupil. Each module takes about 5 minutes to complete and comes with an optional 5-15 minutes of interactive Q&A.
Security Awareness Modules
Interactive Modules covering today’s biggest threats. Available in multiple languages.
Cybersecurity Awareness
This Cybersecurity module was developed to raise awareness about how to avoid online threats that might target you or our organization. By identifying common online threats, understanding risk factors for each type of threat, and learning how to minimize the risk of an attack.
Data Protection
Data protection is a core value for any organization that handles confidential information. This lesson covers how to handle information safely and common responsibilities under various laws and policies.
Insider Threats
Some of the most dangerous threats to your organization can come from within. In this lesson, we discuss the three main types of insider threats, what motivates them, and what you can do to help minimize the risk of an inside attack.
Advanced Spear Phishing
This Cybersecurity module was developed to raise awareness about how to avoid online threats that might target you or our organization. By identifying common online threats, understanding risk factors for each type of threat, and learning how to minimize the risk of an attack.
Business Email Compromise
The Business Email Compromise (BEC) Scams module covers topics on: identifying BEC scams, differentiating between the three main types of BEC scams, and reporting a suspected attack.
Cloud Computing
The Cloud Computing module will differentiate desktop from cloud computing; identify the advantages and disadvantages of cloud computing; and describe several best practices for using the cloud safely.
Malicious Links
On the Web and in email, hyperlinks are the easiest tool that cyber criminals can use to deliver malware—all it takes is the click of a link. In this lesson, we break down the parts of a link and the structure of a URL to reveal the warning signs of a malicious link.
Malware
Malware has been a threat for decades, and it has grown more sophisticated over the years. Various forms of malware might spy on your activity, allow attackers remote access to your drives, or take control of your device. This lesson teaches what the different types of malware do, and how to avoid falling victim to them.
Mobile Devices
Modern mobile devices allow you to bring your office anywhere; they also leave your information incredibly vulnerable. In this lesson, learn the best practices for keeping your information safe when browsing on a mobile device.
Passwords
A password is your account’s first line of defense, but it is also vulnerable to cyber attacks. In this lesson, we discuss password strength and password diversity along with the best password security tools and practices for keeping your account secure.
Physical Security
Physical security measures are used to deter and detect unauthorized access to your technical devices. In this lesson, teach your employees about the steps you have taken to secure the workspace; where they are most at risk; and what they can do to prevent falling victim to theft.
Ransomware
The Ransomware module covers topics on: what ransomware is and how it is delivered, ransomware’s effect, minimizing the threat of ransomware, and reporting ransomware attacks.
Security Outside of the Office
When working outside of the office, employees must be on their guard against an array of threats. Use this lesson to educate your users about threats that linger in public places, and what they can do to protect sensitive information.
Social Engineering
When working outside of the office, employees must be on their guard against an array of threats. Use this lesson to educate your users about threats that linger in public places, and what they can do to protect sensitive information.
Social Networking
Social networking profiles are easily exploited by cyber criminals. In this lesson, we cover the basics of responsible social networking; topics include app permissions, privacy settings, and more.
Spear Phishing
A majority of cyber-intrusion attempts begin with spear phishing emails. These targeted attacks are delivered via malicious links, file attachments, and login forms. This lesson helps show the warning signs to look out for and what to do in the event of a spear phishing attack.
Surfing the Web
Encouraging safe Web browsing habits is critical to the safety of your organization. In this lesson, we cover an array of concepts such as secure sockets layer (SSL) encryption, illegal content, and browser plug-ins and extensions.
General Phishing
The General Phishing modules covers topics on: the differences between spam, phishing, and spear phishing; what you can do to minimize the risk of a phishing attack; and how to identify indicators of a phishing email. *Currently only available in English
Internet of Things (IoT)
Many people interact with at least one IoT device daily. While these devices make our lives seamless, they also collect, monitor, and manage our data. Learn more on how certain practices will allow you to minimize your risk while using IoT devices and keep your data secure.
Microlearning Modules
CBFree Microlearning is a series of short modules, each 2-3 minutes, with interactive materials or videos plus “knowledge check” questions at the end. These SCORM 1.2 compliant responsive HTML5 modules can be offered through your organization’s learning management system (LMS) or Cofense LMS.
Be Careful with Information
An overview of Information safety including the use of public networks, secure disposal of information, encrypting data, as well as, keeping personal and business information separate.
Brand Impersonation
An overview of brand impersonation including popular narratives from online shopping, shared documents, social networking, shipping, and banking.
*Currently available in English only.
General Phishing
A general overview of phishing, including a short video and knowledge check questions.
Information Classifications
An overview of Information Classifications including, confidential, restricted, internal, and public information.
Malware
An overview of Malware including spyware, ransomware, bots, rootkits, viruses, and more.
Mobile Devices
Learn the essentials of mobile device security, including backups, keeping applications up to date, and using a VPN.
Passwords
An introduction to passwords, including the use of complex, random, and unique passwords, as well as changing passwords and use of multifactor authentication.
Phishing
An overview of phishing, including the use of security updates, scanned documents, urgent statements, unpaid invoices, and order confirmation emails.
Phishing and Emotions
Learn the role emotions play in phishing, including a short video and knowledge check questions.
Phishing vs. Spear Phishing
Understand phishing versus spear phishing, including a short video and knowledge check questions.
Risk Management
An overview of Risk Management to identify, protect, detect, respond and recover from potential cyber or physical threats.
*Currently available in English only.
Social Engineering
An introduction to social engineering, including pretexting, baiting, mind games, and quick tips.
Vishing
An overview of vishing including pretexting, emotional appeals, priming the recipient, and what you can do to do to avoid the traps.
Working Outside the Office
An overview of working outside the office including using a VPN, being aware of your surroundings, being prepared for a lost or stolen device, and locking your device.
Security Compliance Modules
Compliance modules that focus on training for a better understanding of the policies, procedures, and reporting standards when it comes to handling protected personal information.
General Data Protection Regulation (GDPR) Compliance
An overview of the new compliance regulations, your responsibilities under GDPR, and how to report a non-compliance issue. EU-specific.
Health Care Compliance
An overview of the HIPAA, HITECH and Omnibus legislation and security measures that can be taken to protect the data, and the reporting procedures in case of a data breach
Payment Data Compliance
Answers “what is cardholder data,” the standard and regulations both an IT-Professional and Non-IT Professional must follow to protect the data and privacy of the cardholder, and how to report a data breach.
Personal Data Compliance
Focuses on the laws and regulations that govern the protection of sensitive personal data, security measures that can be taken to protect the data, and the steps to take when reporting a data breach.
Privacy Amendment (Notifiable Data Breaches) Act 2017
Privacy Amendment (NDB) Act module is an overview of the 2017 Act that was instituted in February of 2018 in Australia. The module focuses on the definition of a data breach, and the notification process for eligible data breaches.
Security Awareness Games
Interactive game modules to make security awareness training fun for employees. Available in English only.
Category Challenge
Test your knowledge by answering questions about passwords, malicious links, spear phishing, malware and social engineering. Collect enough points to win the game.
Honey Comb Challenge
Test your knowledge by answering questions about cybersecurity and phishing topics. Start at the first cell on the left. Select adjoining cells to move across the board. If you answer incorrectly, you must start over. Once you make it to the right side of the board, you win the game.
Indicators of a Phish
Investigate the email and answer the prompts. If you score more than 80% you win the game.
Resiliency Quiz
Resilience is an indicator of how well recipients are conditioned to not interact with phishing emails. Take this quiz to assess your awareness of habits that may make you vulnerable to targeted phishing or malware and learn tips to make you more resilient.
To Catch a Threat
Taken from real phishing emails, click each indicator within the email and then report each phishing email using the Report Phishing button. Each email has 2-3 indicators displayed. Each correct response receives 5 points, you must score 50 points to win.