Enterprise Security
Certification :


OSSA




Web Application
Auditing & Pentesting
Certification :


OSWAP




Wireless Security
Auditing & Pentesting
Certification :


OSWA




Wireless Investigation
For Law Enforcement
Certification :


OSWILEP




Secure Wireless
Deployment & Monitoring
Certification :


OSWiSP





Upskilling Training
Courses :


AIDE





Preparatory Training
Courses :


RWSP





Training Class & Certification Exam Schedule

Training Class & Certification Exam-related FAQ

Authorized Training Partners & Training Schedules

Certified Practitioners List

Examination Review Board

Assisting Individual Defence(tm) - Email (AIDE)

Assisting Individual Defence - Email (AIDE)
Employee & Individual Anti-Phishing/Anti-Ransomware Upskilling Training


The bulk of annual total reported security breaches involves attacks against individuals and employees :



Source : Verizon 2022 Data Breach Investigations Report





Of total data breaches, phishing-type attacks form the greatest percentage :



Source : CISCO 2021 Cybersecurity Threat Trends Report





People still continue suffer such attacks DESPITE TECHNICAL DEFENCES (ANTI-SPAM, ANTI-VIRUS, ANTI-PHISHING, ETC) IN PLACE at companies, institutions, schools and other organizations worldwide.


This is proof that reliance on technology alone will NOT protect you !


In fact, most malware continues to be delivered by email directed at people :



Source : Verizon 2021 Data Breach Investigations Report





An attacker only needs ONE PERSON to do a single click, single opening of attachment, etc, and KABOOM - now you've got ransomware...or something much worse!


Plus, office document formats are usually the most widely used weapon of choice for attackers to target your people, with the composition of total malicious email attachments as follows:


        Source : CISCO 2018 Annual Cybersecurity Report





Therefore, attackers view all forms of email-based attacks as the most low-risk and worthwhile type of end-user attack.


And then there is the Great Resignation - cybersecurity practitioners everywhere are getting burnt-out having to deal with daily attacks and organizational demands; a 2022 survey shows 54% OF THEM WANT TO QUIT DOING CYBERSECURITY.
The constant pace of attacks and requirements is only going to place ever-increasing strain on your IT and cybersecurity teams.


All these statistics are guaranteed to get worse with time, regardless of whether you are a large bank or financial services company, a teacher or school, a student, a government entity, a small business owner, family office or high-net-worth individual, etc...




Wouldn't it be helpful for you, your IT team and your company if...



...EVERY ONE
of your people...



...could learn...



...how to spot and avoid...



...an attack email?





With the ASSISTING INDIVIDUAL DEFENCE - EMAIL (AIDE) upskilling training, they can!


UPSKILL EVERY EMAIL-USER TO BECOME PART OF YOUR TECHNICAL DEFENCE!

It doesn't matter if they are in HR, Finance, Procurement, Sales, Marketing, Legal, Teaching, etc, or if they work for a commercial or an educational or a non-profit organization - every non-technical person CAN BE ABLE TO HELP DEFEND YOUR ORGANIZATION by becoming an effective extension of your cybersecurity and IT team defences !


By enlisting your non-technical people in the fight against phishing, ransomware and other cyberthreats via equipping them with the ability to more easily identify an attack email that makes it past your technical defences, this will lighten the burden that your Cybersecurity and IT teams have in dealing with constant attacks against your organization and mitigate their burnout rate.


Even if you have Outlook plugins that allow your employees to report suspected phishing emails, someone in your IT or cybersecurity team has to spend time or effort processing the report or acting on a third-party service-provider report that is sent to them.
Doesn't this reporting add to their existing already-heavy workload?




Many vendor-delivered end-user-level trainings and security awareness sessions are generic and focused on cosmetic approaches, or are directive in nature (e.g. simply tell you "don't open suspicious emails", etc) or tell you to do something but don't teach you exactly HOW to do it at a technical level.
Those therefore do not impart sufficient technical-level depth to make a substantial difference at the front lines of Cybersecurity.

End-user security awareness training also often does not factor in the continued inventiveness and creativity of attackers in bypassing automated defences.

And "gamification" and "fun" doesn't always mean people will properly learn the actual technical skills needed to be of REAL help to your IT and Cybersecurity teams.



You just need to answer a simple question :

After going through all the prior end-user training and security-awareness programmes, do ALL your non-technical end-users now have ACTIONABLE TECHNICAL-LEVEL SKILLS that allows them to confirm that an email is malicious WITHOUT NEEDING TO ESCALATE TO YOUR I.T. TEAM ?

The deliverable should be "did the training make a real difference in increasing your security posture", and not how "fun" or "gaming" it was.



As opposed to security-awareness programmes, our very-targeted, very-focused and cost-effective UPSKILLING TRAINING converts TECHNICAL-LEVEL cybersecurity skills into easy-to-apply everyday practical steps that ANYONE can apply to validate whether any email that makes it past your technical anti-spam/anti-phish defences and arrives inside their mailbox is legitimate or not.

After going through AIDE™, ALL your non-technical end-users can become a technical-level extension of your Cybersecurity / IT-team and the last line of real defence against phishing and ransomware-laden emails that make it past your outer automated defences!


Why focus specifically and exclusively on email?

As per the charts under the WHY DO I NEED ANTI-PHISHING / ANTI-RANSOMWARE TRAINING section, email is the single largest delivery mechanism for targeting an organization through its end-users. So it makes sense to go after the biggest threat first.


Using our proprietary methodology and tool, we will teach your email-users how to easily spot different types of creative approaches that attackers take when sending spear-phishing and other social-engineering-attack emails to targets' mailboxes.

The session includes a practical real-life exercise segment so that attendees can put what is taught into practice.




  • Enables your NON-TECHNICAL end-users to be self-checking on EVERY email inside their mailbox;

  • Lightens your IT / Cybersecurity team workload by reducing the number of Outlook pushbutton "report phishing email" reports they receive;

  • Helps free up your IT / Cybersecurity team to focus on more value-added tasks;

  • Family offices and high-net-worth individuals - AIDE™ assists you in avoiding disruption and damage to your investing, treasury-related transactions and high-value activities due to phishing, ransomware and other incidents arising from end-user email interaction;

  • Hospitals & Healthcare - AIDE™ helps to reduce the probability of phishing, ransomware and other incidents arising from end-user email interaction from disrupting the operation of your critical healthcare systems;

  • Schools & Education - AIDE™ helps to reduce the probability of phishing, ransomware and other incidents arising from end-user email interaction from disrupting your students' learning that is reliant on computers and school support systems;

  • Law Firms - AIDE™ helps to reduce the probability of phishing, ransomware and other incidents arising from end-user email interaction from disrupting your computer systems that you use to perform client work and communicate with clients;

  • Insurance & Banks - AIDE™ helps to reduce the probability of phishing, ransomware and other incidents arising from end-user email interaction from disrupting your access to critical customer records and accounts;

  • Removes the excuse that "I didn't know it was a malicious email" or "I am not trained to spot fake emails"; Now the only remaining reason the end-user can give is "I can't be bothered to check" and this makes any Consequences Policy you have so much easier to enforce;

  • and can even be applied to your own personal / home email if you work, study or conduct business from home !




  • HR department employees

  • Finance department employees

  • Procurement department employees

  • Marketing department employees

  • Sales department employees

  • Senior, mid and supervisory management

  • Family offices

  • High-net-worth individuals

  • School teachers

  • School students

  • Doctors

  • Nurses

  • Lawyers

  • Administrative staff

  • and EVERY NON-TECHNICAL PERSON WHO USES EMAIL IN A WORKPLACE, SCHOOL, HOSPITAL AND HOME !




An organization with a global customer footprint engaged us to conduct an unannounced spear-phishing security-test against a list of its non-IT employee targets in October 2022 in order to assess the organization's security posture after going through past standard end-user security-awareness training.

The bite-rate (or "click" percentage) for this pre-training baseline test was 66.67 %.

Four days after this initial baseline test, an ASSISTING INDIVIDUAL DEFENCE - EMAIL (AIDE) anti-phishing & anti-ransomware upskilling training session was conducted for the employee targets.

A second spear-phishing test was commissioned by the same customer to be run four days after the AIDE™ training.

Result : after the AIDE™ session, the bite-rate dropped to 0 % ...and, in a total role reversal, there were even non-technical employees who alerted the organization's IT team by sending screenshots of the raw email headers to describe the attack attempt to the IT team, one example of which is shown below :



Collectively, this demonstrates internalization and application of the technical-level skills imparted by our upskilling training.

A 100 % drop in the bite-rate following our training proves that it is entirely feasible for non-technical users in HR, Finance, Procurement, Marketing, etc, to acquire and apply technical-level cybersecurity skills to help defend an organization!

( Note : the spear-phishing tests were separately commissioned by the customer and is not part of an AIDE™ session/pricing. )




Up-to-3 hours, subject to the degree of attendee interaction during the practical exercise segment.


Ideally, paid sessions are intended to be run on-site at your organization's premises for maximum effect. However, so long as attendees can access their organization and/or personal email inboxes during the session using their laptop computers, the session can be run at any physical location subject to minimum session size and space constraints.




Contact us today for pricing and availability in your country.

Please kindly email from your organization's email address and provide your company/school/institution/agency name as this training is intended for organizations with non-technical employees, e.g. businesses, government-related entities, educational institutions, medical facilities, etc.

Enquiries received from Gmail and other free email address providers are unlikely to get a reply.














































































Copyright © 2005-2022 THINKSECURE® PTE LTD ("ThinkSECURE"). All Rights Reserved. Any reproduction, storage or transmission of any of the contents of this website, without the express and written consent of ThinkSECURE Pte Ltd is strictly prohibited. Use of this site is subject to our Terms & Conditions. The "THINKSECURE" brand name is a registered trademark of THINKSECURE PTE LTD in Singapore and a trademark of THINKSECURE PTE LTD in certain other countries. The ThinkSECURE device is a trademark of THINKSECURE PTE LTD in Singapore and certain other countries.

This Website Is Designed To Be Viewed At 1024x768 Resolution and 24-bit color using Arial, Stencil Std & Lucida Console fonts.