Certified Experiential Cybersecurity Aware User (CECAU) - Enhanced Awareness

Duration: 1 Day

In-Person, Live Online, On-Demand, On-Site

Experience. Learn. Evolve. This experiential programme goes beyond traditional awareness training. Participants don't just hear about threats, they encounter them firsthand through hands-on activities that turn knowledge into lasting behavioural change.

Speak to a Training Advisor

Course Objectives

Gain comprehensive, up-to-date knowledge of different cyber attacks targeting employees in organisations

Experience different types of internal and external cyber threats through hands-on activities

Learn to apply countermeasures and best practices through hands-on exercises

Understand how to handle and disclose business-critical data carefully

Learn to work onsite and telecommute in a secure manner

Understand how to report cyber incidents effectively

Expected Outcomes

Recognise and respond to real-world cyber threats based on firsthand experience, not theory

Apply practical countermeasures to social engineering, phishing, and malware attacks

Protect corporate and personal devices from compromise in both office and remote settings

Handle sensitive business data with proper security protocols

Report cyber incidents promptly and effectively through the correct channels

Build lasting security habits through experiential learning that traditional training cannot achieve

Training Modules

1. Introduction to Cybersecurity and Cyber Incident Management

1. Fundamentals of cybersecurity threats
2. Incident management processes and reporting

2. Social Engineering

1. Voice Cloning attacks
2. QR Code attacks
3. Adversary-in-the-Middle (AiTM) attacks
4. Hands-on social engineering exercises

3. Strong Passphrases

1. Why passphrases over passwords
2. Creating and managing strong authentication
3. Hands-on passphrase exercises

4. Protect Your Corporate and/or Personal Devices

1. Mobile Malware threats
2. Malicious Charger Cable attacks
3. NFC Hijacks
4. USB Implant attacks
5. Hands-on device protection exercises

5. Handle and Disclose Business-Critical Data Carefully

1. Data classification and handling
2. Secure data sharing practices
3. WhatsApp Image Malware awareness

6. Work Onsite and Telecommute in a Secure Manner

1. Trojans in Word Documents
2. Drive-by Download attacks
3. Man-in-the-Middle attacks on public networks
4. Secure remote working practices

7. Report Cyber Incidents

1. Phishing identification and reporting
2. Incident escalation procedures
3. Building a security-first reporting culture

Certification & Accreditation

Certification Path 1: GlobalACE Certification

The GlobalACE certification is designed to align with internationally recognised Knowledge, Skills, and Attitudes (KSA) standards for Information Security Professionals. Candidates are assessed through a combination of multiple choice questions, practical assessments, assignments, and case studies. Examinations are conducted at authorised centres across participating member countries, and successful candidates are eligible to apply as Associate or Professional Members under the GlobalACE framework, recognised in 64+ countries.

Certification Path 2: CyberKnights Certification

The CyberKnights certification is conducted through the KALAM platform, a purpose-built cybersecurity examination and skills validation system. Candidates take a 25-question MCQ exam within 60 minutes, with a pass mark of 70%. Exam fees are inclusive in the course fees. All certified candidates receive complimentary membership access to the KALAM Cybersecurity Collaboration and Community Skills Validation Platform, giving them access to an active community of security professionals.

Frequently Asked Questions

How is this different from the standard CSAU programme?

CECAU takes an experiential approach. Instead of watching demos, participants actively engage in hands-on activities simulating real attacks like voice cloning, NFC hijacks, and USB implants. It is designed to create deeper, lasting behavioural change.

Can this be customised for our organisation's specific threat landscape?

Yes. The experiential activities can be tailored to reflect the specific threats most relevant to your industry and your organisation's technology environment.

Is this programme suitable for remote teams?

Yes. Module 6 specifically covers secure telecommuting practices, and the programme can be delivered via live online sessions for distributed teams.

Do participants need any prior cybersecurity knowledge?

No. The programme is designed for all employees regardless of technical background. The hands-on activities are guided and accessible to everyone.

What hands-on activities are included?

Participants experience 12+ real-world attack simulations including adversary-in-the-middle attacks, QR code attacks, voice cloning, USB implants, mobile malware, phishing, and more.

What certification do participants receive?

Participants receive a globally recognised certification through either GlobalACE (recognised in 64+ countries) or the CyberKnights KALAM platform. Both are ISO 17024 audited.

Ready to get started?

Train your team. Strengthen your defence.

Fill in the form and our training advisors will get back to you within 24 hours with a tailored programme recommendation for your team.

20,000+ professionals trained across enterprise and government sectors

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.