SECURITY AWARENESS TRAINING

Staff Security Awareness Training
Build a Human Firewall

94% of breaches involve a human element. ThreeShield delivers security awareness training tailored to your industry and workforce - not generic slides. Healthcare staff, accounting teams, energy sector workers, and executives all receive training built for their specific threat context.

What's Included in ThreeShield Security Awareness Training

🎣Phishing Recognition
🤝Social Engineering
🔑Password & MFA Best Practices
📱Mobile & Remote Work Security
📋Incident Reporting Procedures
☁️Cloud & Email Safety

Industry-Tailored Content

Healthcare staff learn about EMR security and PHI handling. Accounting staff learn about wire fraud and client data protection. Energy sector staff learn about OT/IT risks and field device security. Generic training creates generic awareness - we build training for your actual threats.

Compliance Documentation

Training completion records satisfy requirements under HIPAA, Alberta HIA, CIS Controls, SOC 2 (CC2.2), and most cyber insurance policy requirements. ThreeShield provides completion certificates and training records suitable for audit evidence.

Delivery Formats

In-person workshop (Calgary and Alberta); virtual instructor-led for distributed teams; asynchronous e-learning modules for shift workers and remote staff. Annual refresher programs available.

Phishing Simulation

Optional phishing simulation testing included. Simulated phishing campaigns measure real-world susceptibility and identify staff who need additional coaching. Results inform training content for subsequent sessions.

Frequently Asked Questions

Annual training is the minimum required by most compliance frameworks (HIPAA, CIS Controls, SOC 2). ThreeShield recommends annual full training with quarterly awareness updates (e.g., a 10-minute module on a current threat). Phishing simulations work best quarterly. Organizations in high-risk sectors (healthcare, finance) should consider semi-annual full training.

Yes. ThreeShield delivers training in multiple formats specifically to accommodate distributed workforces. Asynchronous e-learning modules work on any device without a scheduled session. In-person training can be delivered at multiple Alberta locations or virtually for field staff.

Yes - ThreeShield can deliver training content in both English and French for organizations with bilingual workforces or federally regulated entities with Official Languages obligations.

Three Ways to Engage - DIY to Done-for-You

ThreeShield meets you at your current security maturity. Every level includes Lavawall®.

Self-Serve

DIY via Lavawall®

For lean IT teams and cost-conscious organizations with internal security capacity

  • Lavawall® GRC with security awareness requirements control mapping
  • Continuous automated evidence collection
  • Live compliance dashboard and score
  • Policy template library
  • AI-generated compliance status reports
Start with Lavawall®
Recommended for MSPs & Lean IT

Supported

Expert guidance alongside your team - ideal for MSPs and organizations with some internal IT capacity

  • Everything in DIY tier
  • CISSP/CISA gap assessment
  • Prioritized remediation roadmap
  • Policy and procedure development
  • Quarterly compliance review calls
  • MSP white-label available
Get Supported Engagement
Fully Managed

Done-for-You

Full compliance delivery - ThreeShield manages the entire program end to end

  • Everything in Supported tier
  • Full compliance program management
  • CISSP/CISA-executed formal assessment
  • findings methodology (typically 200+ findings)
  • Complete documentation package
  • Annual reassessment included
Book Done-for-You

Ready to Get Compliant?

Choose your engagement model: DIY via Lavawall®, supported by ThreeShield's CISSP/CISA team, or fully done-for-you. Every model includes continuous monitoring so you stay compliant year-round.

Book a Scoping Call

DIY · Supported · Done-for-You · Available globally