Szkolenie Securitum Cyber AwarenessSzkolenie z bezpieczeństwa IT dla pracowników biurowych

Agenda

You can freely combine the training modules available below. If you have any doubts, we will advise you on the most frequently chosen modules (write to:  [email protected])

01.
The Landscape of Cyberthreats 2026 Expand
  • Current cases of phishing attacks (email, voice, SMS attacks, attempts to impersonate the CEO, fake advertisements, fake invoices)
  • Examples of attacks using AI (deepfakes, complex attacks)
  • Live demonstration
  • Protection recommendations
Bestseller! 
02.
  • How can I check if my data is included in a data breach? [live demonstrations]
  • Which passwords are weak and which are strong? [live demonstrations]
  • What is two-factor authentication? [live demonstrations]
  • What are password managers? [live demonstration]
  • How do data breaches occur? Examples from Poland
  • How should documents be properly prepared to prevent data leaks? [live demonstrations]
  • How to effectively remove data from a portable drive [live demonstrations]
Bestseller! 
03.
  • Examples of serious data leaks related to the use of AI (real case studies from Poland and abroad)
  • What is the prompt injection attack technique?
  • Protection methods
Bestseller! 
04.
  • Introduction to deepfakes
  • Example of deepfakes: voice / video / photo [live demonstration]
  • Possible threat scenarios for companies
  • Deepfakes vs disinformation
  • The use of deepfakes in cyber fraud
Bestseller! 
05.
  • Should Pegasus be a cause for concern?
  • Fake QR codes
  • Fake applications
  • Impersonating SMS senders
  • Is antivirus software necessary on your mobile phone?
  • Smartphone security methods
Bestseller! 
06.
  • What is ransomware? Introduction
  • Current examples from Poland and around the world
  • What are the main methods of infecting companies and how can you protect yourself?
  • Procedure for responding to a ransomware attack
Bestseller! 
07.
  • What is OSINT?
  • How to search for information about yourself/your company [live demonstration]
  • What are the risks of excessive information sharing on the Internet?
  • What are metadata and how to avoid revealing confidential information in them?
  • Searching for information using images
08.
  • Can an access card to a building be cloned?
  • What are the risks of connecting an untrusted USB stick to a computer?
  • What are infostealers?
  • Unusual domain names using diacritical characters
  • BITB attack
  • Malicious CAPTCHAs
  • Threats in a browser (push notifications, attachment smuggling)
09.
  • Selection and assessment of the workplace, including safety recommendations
  • Privacy filters
  • Locking/automatic locking of the computer
  • Rules for handling private accounts
10.
  • Software installation – what to look out for
  • E-mail
  • Working with company information
  • Securely deleting data from your personal computer
  • The basics of data encryption
  • Browser plugins and online document converters – threats
11.
  • Overview of several real-life personal data breaches with commentary from an expert on technical IT security
  • How GDPR breaches most commonly occur – an overview of cases
  • How to minimise the risk of a GDPR incident at low cost – a condensed overview of advice
12.
  • How to quickly increase the security of your Wi-Fi router?
  • Why is it not worth connecting to open networks?
  • Live demonstration of the basic configuration of a home Wi-Fi router
  • Live demonstration of cracking the password to a poorly secured wireless network
13.
  • Data leaks – how do they occur, how to reduce the risk of a successful attack?
  • Impersonating management e-mails
  • Voice and video deepfakes impersonating management
  • Modern ransomware – a change in the way attackers operate. What to do to reduce the risk of an attack?
  • The basics of social engineering attacks - an overview of several real-life scenarios
  • Threats resulting from conscious/unconscious security breaches by employees. A few simple steps to reduce the risk

Ask about the training

We organise training courses for groups of 10 or more participants. To receive a training offer, please write to: [email protected].

+48 (12) 352 33 82

Benefits of Securitum Training

Professional

Training prepared by active practitioners with experience in protecting company security.

Modular

The training can be put together from ready-made subject modules. This allows the course to be tailored as closely as possible to the specific needs of the customer (also in terms of the duration of the training).

Practical

Most modules include a live demonstration, which engages training participants much more than the “talking heads” often found in such courses.

Up-to-date

The training is regularly updated with new types of attacks and new defence methods – participants have access to the most up-to-date knowledge.

Transparent

The training, conducted in understandable language, is aimed at all employees who use computers.

Engaging

We pay particular attention to engaging course participants through mini tasks, live surveys, and answering questions.

Effective

The training is conducted live. Direct contact with the trainer and the possibility of adapting the agenda to the needs of a given organisation guarantee a real increase in employees’ knowledge of cyber threats.

Flexible

The training formula is tailored to the client’s needs and budget – onsite, online, and division into groups, with the possibility of using the training recording as internal material.

Training Reviews

A great training course. Fast-paced narration, lots of practical examples presented in the form of anecdotes, encouraging immediate testing. Relaxed and eloquent delivery. Excellent.
Maciej
The training was very interesting and accessible. The examples were presented very well, with references provided. Two hours flew by like five minutes. The most interesting training I have ever attended (…)
Martyna
Lots of real-life examples and demos, links to websites where you can check various information. The training itself was a big plus – interesting and engaging.
Katarzyna
It was very interesting and enjoyable to listen to. It was great to hear specific examples of what to do and how to do it. No unnecessary padding or incomprehensible chatter.
Wojciech
There were many places where data leaks could be checked – I didn’t know about many of them (…) Real cases of leaks kept me interested throughout the entire training.
Anonymous
Showing specific examples from real life where and what to watch out for. At what points should alarm bells start ringing that something is wrong?
Anonymous
The trainer was very well prepared in terms of technical knowledge and content, spoke clearly, used vocabulary appropriate to the audience’s level, without going into technical details. Great job!
Anonymous
A practical demonstration of the risks and websites where you can check whether your data may have been leaked (…), real case studies, specific examples that could just as easily happen in our lives.
Agata
I think everything was valuable. I knew some of the things, but I didn’t care about them. It’s good that an expert showed me the real consequences of not paying attention to this, and that’s what stays in my mind.
Anonymous
The training, materials and teaching methods were fantastic – thank you. Thank you for the efficient organisation on your part!
Anonymous
Lots of real-life examples and demos; links to websites where you can check various information. The training itself was a big plus – interesting and engaging.
Anonymous

About the training

Nearly 70% of Polish companies have already experienced an attack targeting their infrastructure, and with rapid digitalisation, these numbers are growing rapidly.

In response to growing demand, we have developed a course for office staff that provides appropriate training, translating into improved ICT security awareness and threat response skills.

The material has been prepared in such a way that a person with basic computer skills can look at a given situation or event from the attacker’s perspective and thus protect themselves and their company from an attack.

During the training, the latest examples of attacks targeting Polish and international companies will be presented, ranging from small and medium-sized enterprises to corporations and public institutions. Topics covered will include best practices for ensuring online security, appropriate procedures to be implemented in everyday work, secure data storage, correct use of browsers, email clients and office suites, and the ability to recognise social engineering attacks.

We also offer the option of tailoring the agenda to precisely match the educational needs of your organisation.

Additional services

The training can be enhanced with additional social engineering testing services. These tests may be of the following type:

phishing

A phishing test checks employees’ resistance to email attacks in which they are persuaded to click on a URL or open a ‘malicious’ attachment. After preliminary Open-Source Intelligence (OSINT) research to tailor the attack, our auditors simulate a typical email interaction using seemingly harmless URLs or attachments. Depending on the pre-agreed scenario, emails may lead to a specially prepared website or contain an attachment disguised as an executable file that is used to transfer data from the computer. Our team customises each test scenario using dedicated web domains, the necessary infrastructure and software. Upon completion, a report is prepared that includes the assumptions, implemented scenarios and comprehensive statistics reflecting the scope of the campaign.

Vishing

Vishing, or voice phishing, refers to social engineering attacks carried out over the telephone, aimed at persuading employees to disclose confidential information or perform actions that could compromise security. During the test, our auditors assume specific roles to gain the trust of the target person and persuade them to take certain actions, such as following instructions or sharing confidential data. The final report contains detailed information on the assumptions, scenarios implemented and results, providing insight into areas requiring attention and improvement.

Onsite testing

The aim of on-site testing is to overcome physical security measures, such as building reception or security, using social engineering techniques. First, reconnaissance of the location where the test is to take place is carried out, followed by an attempt to enter the designated location and perform specific activities. The entire social engineering attack is documented with photographs taken during the attack. Before work begins, a detailed plan will be developed in case the auditors are detected while attempting to physically breach security (e.g. unauthorised passage through a security gate). Social engineering tests can be conducted before and/or after training.

Faq

Yes, we select specific training modules that are determined already at the proposal stage. Before the training takes place, the trainer always contacts the client in order to further clarify the agenda.

The training is conducted live, with a choice of online or onsite (at the client’s premises or a location specified by them).

It depends on the arrangements and the client’s needs. Most often, training sessions last between 1 and 3 hours (single training sessions).

The training can be conducted in Polish or English.

In principle, the group size can be any size. However, it should be noted that the larger the group, the more difficult it becomes to ensure that each participant has meaningful contact with the trainer and the opportunity to ask questions, etc.

This is determined individually in each offer and depends on the client’s requirements. Usually, it includes a shortened version of the training presentation and a quiz designed to verify the participants’ knowledge.

Yes, provided that the license option for such a recording has been purchased – this is usually a separately priced option in the offer.

This training course is intended for companies. For individuals, we offer open training courses, available in our shop: sklep.securitum.pl

Trainers

Michal Sajdak Securitum

Michał Sajdak

Tomasz Turba Securitum

Tomasz Turba

Michal Wnekowicz Securitum

Michał Wnękowicz

  • Security consultant with experience in IT systems security since 2018. Graduate of AGH University of Krakow with a degree in Information and Communication Technology. As Chief Content Officer, he creates technical cybersecurity content and educational materials for Securitum.
  • Author of articles published on sekurak.pl, including the IT Infrastructure Reconnaissance series. As a trainer, he has delivered several hundred Cyber Awareness training sessions and trained more than 10,000 participants.
  •  As a trainer, he has delivered several hundred Cyber Awareness training sessions and trained more than 10,000 participants.
  • A speaker at conferences including MEGA Sekurak Hacking Party, Sekurak Awareness Party, PLNOG, CyberStarter and the JST Conference 2025.
Krzysztof Zams Securitum

Krzysztof Zams

  • IT security consultant at Securitum.
  • Former CISO at a FinTech company.
  • CompTIA Security+ certificate holder.
  • Has trained thousands of people in Poland and abroad in cyber security, aiming to explain technical issues in a simple and accessible way for everyone.
  • Passionate about IT security, open-source intelligence (OSINT) and online privacy.
  • Author of articles on sekurak.pl, participant in bug bounty programmes, speaker at Sekurak.Academy Open Days.
Katarzyna Szczypin Securitum

Katarzyna Szczypiń

  • An experienced trainer with over 7 years of experience in cybersecurity training.
  • She specialises in raising user awareness and cyber hygiene.
  • She is passionate about speaking at conferences and hosting webinars, focusing on the practical aspects of security, especially in the area of social engineering.
  • In addition to training in Polish, she also conducts sessions in English.
  • She has also been involved in the strategic development of research.
Aleksander Wojdyła Securitum

Aleksander Wojdyła

  • IT security consultant at Securitum.
  • As a speaker and trainer, he has trained thousands of participants in both technical issues and Cyber Awareness.
  • On a daily basis, he conducts infrastructure penetration tests, OSINT analysis and red team exercises.
  • He holds industry certifications, including: CISSP, OSEP i OSCP.
  • He is the author of publications on artificial intelligence, law, compliance, and offensive security.
Top