Skip to main content
Templates/Technology/Quarterly Security Threat Briefing
PPresentation

Quarterly Security Threat Briefing

A ready-to-run all-staff security briefing on the quarter's live threats — QR-code phishing, deepfake voice fraud, ransomware and supply chain compromise — with scored checkpoints that turn a broadcast into evidenced training.

7 sections
10 minutes
💻 Technology

Who this is for

All staff across an organisation, delivered quarterly by security or IT teams as a live session or self-paced SCORM package

Learners will be able to

  • Describe the phishing techniques currently in active use, including QR-code phishing and conversation hijacking
  • Recognise the signs of AI-enabled deepfake voice or video fraud and apply a call-back verification step before acting on payment or credential requests
  • Explain how current ransomware and supply chain attacks typically gain initial access and why prompt patching and reporting matter
  • Refuse and report unexpected multi-factor authentication prompts instead of approving them to make them stop
  • State the first three actions to take when an incident is suspected, and who to contact internally

Template prompt

Create a quarterly security threat briefing presentation for all staff covering the current phishing landscape (QR-code phishing, conversation hijacking, brand-spoof lures), AI-enabled deepfake voice and video fraud, ransomware and supply chain compromise trends, MFA fatigue attacks, and what to do in the first minutes of a suspected incident. Reference NCSC guidance and the UK GDPR 72-hour breach notification requirement. Include a knowledge checkpoint after each major segment so completion is measurable.

This prompt is fully editable. Customise it to match your audience, regulations, and learning objectives before generating.

What the 7 sections cover

  1. 1

    This quarter's threat landscape

    Opening context slide summarising the trends covered in the briefing and why each one is relevant to your organisation right now.

  2. 2

    Phishing has evolved

    Worked examples of QR-code phishing, hijacked email threads and brand-spoof lures — laid out in a comparison table — showing how modern phishing defeats the old 'bad spelling' heuristic.

  3. 3

    AI-enabled fraud: deepfake voice and video

    How cloned voices and video are used to impersonate executives in payment fraud, and the call-back verification control that defeats them.

  4. 4

    Checkpoint: would you catch it?

    A scored knowledge check where learners judge three short attack descriptions and choose the safest response to each.

  5. 5

    Ransomware and supply chain compromise

    What recent incidents show about initial access routes, MFA fatigue attacks and third-party compromise, and the everyday behaviours that shut them down.

  6. 6

    What to do in the moment

    An in-the-moment response flow for non-specialists — report first, preserve evidence, do not forward or delete anything — and how quick internal reporting keeps the organisation inside the UK GDPR 72-hour notification window.

  7. 7

    Key takeaways and final checkpoint

    Scored recap questions spanning every segment, closing with the specific behaviours to apply until the next quarterly briefing.

Structure is representative — the generator adapts sections to your edited prompt and passes every package through interactivity and visual-density quality gates.

See a real generated example

Quarterly Cybersecurity Briefing: Phishing, MFA Fatigue, and Safe Hybrid Working was generated with a prompt like this one — preview every section live and download the SCORM package.

Preview the live example

Topics covered

Cyber ThreatsPhishingDeepfakesRansomwareIncident Reporting

Make it yours

  • Upload your latest internal incident summary or phishing simulation results so each quarter's briefing opens with your own real numbers
  • Refresh the prompt each quarter with one or two current NCSC advisories or sector incidents to keep the threat examples live
  • Add your incident reporting contact, security team channel and out-of-hours route so the reporting flowchart names real people and places

Frequently asked questions

How often should we run security threat briefings?

Quarterly works well for many organisations: frequent enough to keep pace with changing attacker tactics, but spaced enough that staff attention stays high. The NCSC publishes regularly updated threat guidance and an annual review, which make natural sources for refreshing each edition. Many teams run this alongside annual cybersecurity awareness training rather than instead of it.

What is the difference between a threat briefing and annual cyber awareness training?

Annual awareness training builds durable habits such as password hygiene and phishing recognition, and it forms your compliance baseline. A threat briefing is a lighter, timelier update on what attackers are doing right now, so the two complement each other. The scored checkpoints in this presentation mean the briefing also produces completion evidence, which pure broadcast emails never do.

When do we have to report a security incident to the ICO?

Under Article 33 of the UK GDPR, a personal data breach must be reported to the ICO without undue delay and, where feasible, within 72 hours of the organisation becoming aware of it, unless it is unlikely to result in a risk to individuals. Where the risk to individuals is high, Article 34 also requires you to inform the people affected. Staff reporting suspected incidents quickly is what makes that 72-hour clock achievable, which is why the briefing rehearses the internal reporting route.

Can I include our own incident data or the latest NCSC threat report?

Yes, and it is worth doing every quarter. Upload an internal incident summary, your latest phishing simulation results or a recent NCSC publication with the prompt, and the generated briefing will weave in your real numbers and current sector threats. Briefings anchored in what actually hit your organisation last quarter land far harder than generic statistics.

Ready to make it yours?

Customise the prompt, generate a draft, then review the content and SCORM package before delivery.