Navigation
      Back to home
      1. Help Center
      2. Getting started
      3. Navigation

      Security Training

      This article will assist you in understanding the type of training that needs to be performed for company employees

      What is Security Training?

      More than just training

      Security Awareness training, also known as cyber security awareness training, is not just about checking a compliance checkbox, but also trying to give the end-users in the organization the tools necessary to be alert against threats like phishing and malware. 
      After all, business email compromises are one of the easiest ways for hackers, and nation-states to steal data, gain access to a network, or worse deploy ransomware.
      You as a lead implementer are to ensure that the organization is compliant with this requirement. If you're an implementer for Scytale, don't worry, our platform encompasses this feature for organizations' end users. 
      This will be audited using automation. However, if not, you must ensure that the organization is performing end-user security awareness training at least on a yearly basis.

      Audit Method

      1. Pull a list of all employees from human resources
      2. Pull a list of all employees that have successfully completed training
      3. Reconcile list
      4. Notate any findings or deviations
      Topics that should be included in the security awareness training include basic cyber security principles, phishing examples, ransomware, and social engineering concepts that end-users could face. 

      Manage employees' training in Scytale

      Training Screen

      To follow the compliance requirements, all company employees have to complete the Security Training on an annual basis.
      With Scytale, you can manage and complete the following pieces of training:
      1. Security Awareness Training - All company employees must complete the training on at least an annual basis, to comply with all kinds of frameworks.
      2. SDLC Training (Software Development Life Cycle) - The R&D department must complete the training on at least an annual basis, to comply with ISO 27001.
      3. HIPAA Training (Health Insurance Portability and Accountability Act) - All company employees should complete the training. A final score of 80 points is required as part of the training program.

      How to get started?

      The first time you access the training screen, you will find a preview of the training content. Please sample the training and complete it by yourself.
      Copy the link!
      Click the "Copy Link" button to send the training link to your company employees.
      In addition, you can sample the training by clicking the Preview button. 
       

      No need to invite all company employees to Scytale platform, just send them quickly the link to the training, and the results will be published here.

       

       
      Once employees start to complete the training, the table of results will be displayed.

       

      Note that you can still preview the training and copy the link for the training.

       

      Table of Results

      On the top right side of the page, you'll see a running total of employees who have completed their training. The table of results is updated a few times a day.

      On this screen, you will find a table of the training responses with all the following details:
      • A numbered list of employees
      • Employee email
      • Training status - will be marked as "Done" once employee finishes their training (may take up to 24 hours to appear) 
      • Last training - The date of the training performed.

      Please note:
      For compliance purposes, completed employee training is valid for exactly 12 months, after which it will be removed from the training screen.