EXPERIENCE . LEARN . EVOLVE

3 Reasons to Ditch Boring Training and Become a Cyber Bishop

Ready to unleash your inner cyber ninja? The choice is yours. Level up your cyber awareness, and become the hero your organization needs!
01
Hacker Instincts

Train yourself to think like a hacker, spotting red flags, and defending against cyber threats. Every click is a thrilling battle where you're the ultimate defender against the rising cyberthreats.

02
Controlled Chaos

Dive into a choose-your-own-adventure with real-world consequences, learning from mistakes in a safe space with expert guidance. It's an immersive experience that sticks with you like digital superglue.

03
From Prey to Protector

Transform from a passive listener to an active cyber defender, ready to tackle the digital dark side head-on. Become the ultimate weapon in your organization's cyber arsenal, shifting from prey to predator.

EXPERIENCE . IMPLEMENT . AUTOMATE

Experiential Learning Activities

Ready? Set, Go!

Objective

To introduce learners to AI-based attacks, guide them in creating voice clones, and demonstrate the technology's capabilities through group activities.

Threats for Organization / Individuals

Social Engineering : Deepfake : Voice Cloning

Probable Attack Path / Transition

Affects both organizations/individuals resulting in monetary loss, data loss and process manipulations resulting in IP loss.
( Individual <-> Organization )

Hands-on Duration

15 Mins

Objective

To educate learners about the risks of QR Code attacks and mobile device compromises, while providing guidance on defense mechanisms to protect against such threats.

Threats for Organization / Individuals

QR Code Attacks : Take over of mobile device. (Camera, Mic, location, data, etc.)

Probable Attack Path / Transition

Individual compromise leading to possible organizational compromise. ( Individual -> Organization )
Ex: QR Code drops a malware on a mobile device which is connecting to office WIFI / the device is in the board room listening to conversations, etc.

Hands-on Duration

15 Mins

Objective

To illustrate the dangers of downloading and installing applications from untrusted sources, educating learners on security measures for app downloads and permissions.

Threats for Organization / Individuals

Mobile Clone apps of organizations/well known brands with Malware

Probable Attack Path / Transition

Individual compromise leading to possible organizational compromise.
( Individual -> Organization )

Hands-on Duration

15 Mins

Objective

To encounter a simulated form jacking attack to illustrate online security risks and raise awareness on such attacks.

Threats for Organization / Individuals

Form Jacking : browser form overlay collecting sensitive data

Probable Attack Path / Transition

Individual compromise leading to possible organizational compromise.
( Individual -> Organization )

Hands-on Duration

15 Mins

Objective

To demonstrate the vulnerability of social media accounts to AiTM attacks, highlighting the risks and providing guidance on defense strategies.

Threats for Organization / Individuals

Adversary in the Middle (AiTM) : SSO Compromises or 2FA based attack

Probable Attack Path / Transition

Affects both Organizations and Individuals resulting in authentication bypass and data loss.
( Individual <-> Organization )

Hands-on Duration

30 Mins

Objective

To highlight on the dangers of manipulation and fraudulent calls, while learning to identify frauds and to increase the learners awareness.

Threats for Organization / Individuals

Authorized Push Payment Fraud : Call to employees and manipulate their work screen as an IT department employee or a call to manipulate individuals and identify as a bank employee and take over screen using anydesk and transfer money.

Probable Attack Path / Transition

Affects both organizations/individuals resulting in money and data loss.
( Individual <-> Organization )

Hands-on Duration

15 Mins

Objective

To create and send a fake email from a known address, while learning to detect and verify suspicious emails.

Threats for Organization / Individuals

Business Email Compromise : Email Spoofing : Employee/individual receives email as if its sent by manager/friends (Email header manipulation) with instructions OR

Probable Attack Path / Transition

Affects both organizations/individuals resulting in money and data loss.
( Individual <-> Organization )

Hands-on Duration

30 Mins

Objective

To highlight the dangers of Zero Day Attacks, to educate learners on preventive and safety measures against such attack.

Threats for Organization / Individuals

0-Day attack : Fileless Malware : Attacks that can bypass standard defenses.

Probable Attack Path / Transition

Affects both organizations/individuals resulting in data loss.
( Individual <-> Organization )

Hands-on Duration

30 Mins

Objective

To demonstrate a Man-in-the-Middle attack on the class's Wi-Fi, illustrating intercepted browsing and fake credential display, while educating on public Wi-Fi risks and safety tips.

Threats for Organization / Individuals

Man in the Middle : Public WIFI, Evil Twin

Probable Attack Path / Transition

Individual compromise leading to possible organizational compromise.
( Individual -> Organization )
Ex: Individual connected to a MiTM may lose enterprise credentials/data.

Hands-on Duration

30 Mins

Objective

To demonstrate the effects of image-based malware on both mobile and laptop devices, while providing guidance on preventive measures and defense strategies.

Threats for Organization / Individuals

Corporate/personal group WhatsApp Images embedded with Malware

Probable Attack Path / Transition

Affects both Organizations and Individuals resulting in data loss.
( Individual <-> Organization )

Hands-on Duration

15 Mins

Objective

To demonstrate the vulnerabilities of reusing usernames and passwords, highlighting the importance of implementing proper creation and use of strong credentials.

Threats for Organization / Individuals

Credential stuffing employee/individual using same credentials in multiple corporate and personal websites.

Probable Attack Path / Transition

Affects both organizations/individuals resulting in credential, data, and IP loss.
( Individual <-> Organization )

Hands-on Duration

30 Mins

Objective

To demonstrate the dangers of vishing and to ensure learners are able to identify and defend themselves from such attacks.

Threats for Organization / Individuals

Social Engineering : Vishing Voice based Phishing

Probable Attack Path / Transition

Individual compromise leading to possible organizational compromise.
( Individual -> Organization )

Hands-on Duration

15 Mins

Objective

To demonstrate the potential organizational impact and stress the importance of not leaving laptops and electronic mobile devices unattended in public places.

Threats for Organization / Individuals

USB Implants mimicking devices like Keyboard

Probable Attack Path / Transition

Affects both Organizations and Individuals resulting in data loss.
( Individual <-> Organization )

Hands-on Duration

15 Mins

Objective

To discuss the potential organizational impact and stress the importance of purchasing authorized original devices.

Threats for Organization / Individuals

Malicious charger cables & adapters

Probable Attack Path / Transition

Individual compromise leading to possible organizational compromise via the compromised laptop / mobile devices
( Individual -> Organization )

Hands-on Duration

30 Mins

Objective

To demonstrate Drive-by download attacks and discuss browser settings for defense.

Threats for Organization / Individuals

Drive by download attack

Probable Attack Path / Transition

Affects both organizations/individuals resulting in credential, data, and IP loss.
( Individual <-> Organization )

Hands-on Duration

30 Mins

Objective

To demonstrate the consequences of an individuals excessive internet print, highlighting on the dangers that the individual would be vulnerable to.

Threats for Organization / Individuals

Open Source Intelligence (OSINT) on individuals

Probable Attack Path / Transition

Individual compromise leading to possible organizational compromise.
( Individual -> Organization )

Hands-on Duration

30 Mins

Objective

To demonstrate access card cloning and NFC card reading, highlighting security vulnerabilities and defense measures.

Threats for Organization / Individuals

NFC Hijacks : Low/High -frequency proximity cards (Office access card hijack), and Bluetooth Hijacks.

Probable Attack Path / Transition

Affects both organizations/individuals resulting in credential, data, and IP loss.
( Individual <-> Organization )

Hands-on Duration

30 Mins

Objective

To demonstrate the dangers of smishing, highlighting on smishing identification and defense measures.

Threats for Organization / Individuals

Smishing : SMS based attacks

Probable Attack Path / Transition

Individual compromise leading to monetary loss
 

Hands-on Duration

15 Mins

Not everyone in an organization needs to understand concepts like SPF records and DNS cache poisoning, but empowering every employee with cybersecurity awareness helps them stay safe online—both at work and home. Employees in your organisation may have attended cybersecurity awareness via Online awareness programmes, and face to face trainings that are built around slides, and videos.

Certified Experiential Cybersecurity Aware User is built upon actual attack scenarios in a controlled environment with test devices provided to the learners. Learners are provided with an immersive experience with continuous activities replicating scenarios and possible attack entry points by hackers. In this immersive but controlled environment, learners experience the hack, delve deep on its patterns, and learn how to identify and defend/protect themselves and the organisation. Throughout this experiential learning process, the learner is actively engaged in posing questions, investigating, experimenting, being curious, solving problems, assuming responsibility, being creative, and constructing meaning, and is challenged to take initiative, make decisions and be accountable for results. This deep learning enables this immersive experience to become knowledge and ultimately, wisdom that resides in the subconscious mind of the learner for ever and transforming the learner into a human firewall.

  • To ensure strong mindset and behavioural changes of learners, to better prevent them in succumbing to the evolving and potent cyber security threats
  • Understand latest cyber-security threats and attacks
  • Learn to recognize how the different types of internal and external threats affects the organisation and understand the role in protecting the organization.
  • Experience different types of cyber security internal and external threats with hands-on activities.
  • Learn to apply countermeasures/best practices with hands-on activities.

Certified Experiential Cybersecurity Aware User

Exam Platform : CYBERTRON

Exam Format : 1 Hour MCQ based Exam

Exam Pass Mark : 70%

Exam Fees : Inclusive in the Course Fees

Free Add-on : Free Membership access to CYBERTRON Cybersecurity Collaboration & Community Skills Validation Platform

Certified Experiential Cybersecurity Aware user :

Click here to download brochure for Malaysia

Click here to download brochure for Singapore

Practical & Engaging

I have learned more about cybersecurity and how to be more careful in dealing with different technologies.

Realistic & Fantastic

All explanation comes up with an actual execution which helps me to better grasp things that are being shared.

Highly recommended!

I can see in real time how data can be leaked from some of the exercises the trainer conducted. Well done for putting up this course

Ready to get Immersed !

Reach out to schedule an introductory call with one of our team members.

CONTACT US NOW

Launched in Singapore

in partnership with NTUC LearningHub 

  • 17 November 2023, CSA Appointment as Advocate under SG Cyber Safe Partnership Programme. Experiential Cybersecurity Awareness certificates will now have Singapore Cybersecurity Agency Logo.
  • 20 November 2023, Pilot classes started for major government agencies,and banks.
  • 18 January 2024, NTUC LearningHub signed agreement with major industry players and banks and announced the yearly target of 2000 cyberaware users.
cascading images
cascading images
cascading images

Frequently Asked Questions

Who are the target audiences for this course?
Anyone who is using digital devices connected to internet. No IT knowledge required. Anyone with curiosity to understand how hackers do it and determination to learn how to protect yourself, your family and your organization.
Where can I get the Course Schedule?
Reach out to us via our Contact Us page with details on your location and interested course. We will find the nearest training partner to assist you for F2F / online class.
Is it necessary to take the exam at the end of the day?
The exam voucher validity is 6 months, you can take exam within 6 months from your course date. We recommend you to take the exam at the earliest.
With this experiential course, what will be my takeaway?
Learn about the latest security threats and vulnerabilities facing IT systems and employees with hands-on, Learn to recognize how the different types of internal threats affecting your organization with case study and hands-on, Understand your role in helping to protect the organization, Learn best practices in Cyber security and apply in daily life, and at work. All of this with fun-filled experiential activities with NO technical jargons.