İletişim
Contact Us
EN | TR
Contacts

Information Security Awareness Trainings

Within the scope of Information Security Awareness Trainings; the knowledge levels of corporate employees on information security and personal data protection are increased in line with real attack scenarios and current threats; it is aimed to reduce human-induced security risks.

The trainings go beyond theoretical explanations and are structured on real-life attack techniques, user errors, and breach examples.

The program is designed and executed in compliance with KVKK, ISO 27001, ISO 27701, and NIST Cybersecurity Framework.

Training Scope

  • Fundamental principles of information security
  • KVKK and personal data awareness
  • Phishing, spear-phishing, and social engineering attacks
  • Malware, ransomware, and fileless attacks
  • Strong password, multi-factor authentication, and access security
  • Secure use of e-mail, internet, and cloud services
  • Mobile device and remote work security
  • Incident awareness and proper reporting processes
  • Role-Based and Scenario-Focused Approach

Trainings are offered on a role basis instead of a uniform content:

General users: Risks encountered in daily use
Managers and decision-makers: Risk, responsibility, and breach impacts
IT / technical teams: Technical awareness and correct reaction

Supported by real attack scenarios, this approach ensures users recognize attacks in practice, not just in theory.
Integration with SOC, Red Team, and Phishing Simulations

Information Security Awareness Trainings;

  • Feed on real incidents observed by the SOC.
  • Are measured with Red Team / social engineering simulations.
  • Analyze user behavior with phishing simulations.
  • Thanks to pre- and post-training measurements, development is demonstrated with concrete data.
KVKK and Audit Perspective
With these trainings;
  • The awareness and training obligation under KVKK is supported.
  • Training and awareness evidence is provided in ISO 27001 audits.
  • Employee-induced data breach risks are measurably reduced.

Advantages of the Trainings to the Institution

  • Decrease in human-induced security incidents
  • Drop in the success rates of phishing and social engineering
  • Employees acquiring the correct reporting reflex
  • Strong documentation in KVKK and ISO audits
  • Development of a corporate security culture