Skip to main content
Templates/Technology/Cybersecurity Awareness Training
CCompliance

Cybersecurity Awareness Training

All-staff cybersecurity awareness covering phishing recognition, social engineering beyond email, password practice, two-factor authentication and incident reporting, built around realistic phishing emails to analyse.

8 sections
12 minutes
💻 Technology

Who this is for

All staff in any UK organisation, from new starters to senior leaders, with no technical background assumed

Learners will be able to

  • Identify the tell-tale signs of a phishing email, including sender spoofing, urgency cues and mismatched links
  • Recognise social engineering attempts beyond email, such as vishing calls, smishing texts and tailgating
  • Apply password best practice: unique passphrases, a password manager and no credential reuse across accounts
  • Explain how two-factor authentication blocks account takeover and how to respond to MFA-fatigue push bombing
  • Report a suspected incident through the correct internal channel within minutes, not hours

Template prompt

Create a cybersecurity awareness module for all employees covering phishing email identification, social engineering attacks, password best practices, two-factor authentication, and incident reporting procedures. Include realistic phishing examples to analyse.

This prompt is fully editable. Customise it to match your audience, regulations, and learning objectives before generating.

What the 8 sections cover

  1. 1

    Why attackers target people, not systems

    Context panel on why most reported UK breaches begin with phishing or another human-targeted technique, and what a single compromised account can cost an organisation.

  2. 2

    Anatomy of a phishing email

    Cue-by-cue breakdown of a realistic phishing message in a comparison table: spoofed sender address, urgency language, mismatched link destination and attachment lure.

  3. 3

    Spot the phish: scored inbox challenge

    Learners analyse three realistic emails and classify each as safe or phishing, with scored feedback explaining every red flag they caught or missed.

  4. 4

    Social engineering beyond the inbox

    Short workplace scenarios covering vishing calls, smishing texts, pretexting and tailgating, each with a decision point and consequence feedback.

  5. 5

    Passwords and passphrases that actually hold up

    Flashcards contrasting weak and strong credential habits: password managers, unique passphrases per account and why reuse is the attacker's favourite shortcut.

  6. 6

    Two-factor authentication and MFA fatigue

    How 2FA stops most account takeover attempts, how push-bombing tries to defeat it, and a quick scored check on responding to unexpected authentication prompts.

  7. 7

    Incident reporting: the first ten minutes

    A step-by-step reporting flowchart showing who to contact, what not to touch, and why fast reporting supports the UK GDPR 72-hour breach notification clock.

  8. 8

    Final assessment and key takeaways

    Mixed scored questions across phishing, social engineering, credentials and reporting, closing with the three behaviours every employee should carry into daily work.

Structure is representative — the generator adapts sections to your edited prompt and passes every package through interactivity and visual-density quality gates.

See a real generated example

School Staff Cybersecurity and Data Protection Refresher was generated with a prompt like this one — preview every section live and download the SCORM package.

Preview the live example

Topics covered

CybersecurityPhishingSocial EngineeringPasswords

Make it yours

  • Upload your acceptable use policy or incident response plan so the reporting section names your actual helpdesk, security contact and escalation route
  • Ask for sector-specific phishing examples in the prompt, for example invoice fraud lures for finance teams or parent-email spoofing for schools
  • Add your organisation's password manager and MFA tooling by name so the guidance matches what staff actually see on screen

Frequently asked questions

Is cybersecurity awareness training a legal requirement in the UK?

There is no single statute that names 'cybersecurity training' for every employer, but the obligation is real in practice. Article 32 of the UK GDPR requires appropriate technical and organisational measures to protect personal data, and the ICO consistently treats staff awareness training as part of that. Organisations in scope of the NIS Regulations 2018 — a regime the Cyber Security and Resilience Bill is set to expand — and firms regulated by the FCA face additional expectations around staff competence and security culture.

How often should staff repeat cybersecurity awareness training?

Annual training is the widely accepted baseline across UK organisations, and it is what most cyber insurers, auditors and frameworks such as ISO 27001 expect to see evidenced. Because phishing tactics change quickly, many security teams supplement the annual module with shorter quarterly refreshers or simulated phishing exercises. The right cadence is the one you can evidence consistently.

Does this training help with Cyber Essentials or ISO 27001?

Yes, as supporting evidence. Cyber Essentials certifies technical controls rather than training, but assessors and insurers increasingly ask how staff awareness is maintained alongside those controls. ISO 27001 explicitly requires demonstrable security awareness for people doing work under the organisation's control, and completion records from a SCORM package slot neatly into that evidence trail.

Can I replace the generic reporting steps with our own incident procedure?

Yes. Upload your information security policy or incident response plan alongside the prompt and the generated module will reference your actual reporting route, contact points and escalation steps. That matters, because the single biggest failure in real incidents is staff not knowing who to tell first.

Ready to make it yours?

Customise the prompt, generate a draft, then review the content and SCORM package before delivery.