Cybersecurity Awareness Training

The growing number of cyberattacks, new regulatory requirements (e.g. NIS2, DORA), and the increasing complexity of digital environments mean that not only IT teams, but also everyday users must be prepared to face cyber threats. Users are often the weakest link in the security chain, becoming targets of social engineering, phishing, or manipulation.

What Does the Training Include?

01 Social engineering and attacker tactics
  • Explanation of techniques: phishing, smishing, baiting, vishing, tailgating, pretexting, and similar methods.
  • Practical tips on how to recognize and respond to suspicious behavior.

02 Real-life examples and case studies
  • Examples of real attack scenarios from the Czech Republic and abroad.
  • Analysis of security incidents caused by human error.
  • Analysis of specific events (including anonymized cases from banks, healthcare, or government).

03 Interactive discussion and participant engagement
  • Space for questions and sharing experiences.
  • Discussion of everyday situations where attacks may occur.
  • Short quizzes to test attention and engagement.
  • Examples of simulated email campaigns with phishing elements.

04 Option to follow up with a phishing campaign
  • A phishing campaign as an optional follow-up test simulating fraudulent websites and emails.
  • Results help measure the effectiveness of the training and identify weaknesses.
  • Includes reports, recommendations, and proposals for further training measures.

Benefits of User Security Training for the Organization

Raising awareness and reducing risk

  • Users will better recognize manipulation techniques and cyber attacks.
  • Prevention of incidents caused by human error.

Regulatory compliance

  • Meeting employee awareness requirements under NIS2, DORA, and ISO/IEC 27001.
  • A foundation for audits and supervisory reviews.

Efficiency and measurable results

  • Option for recurring training (e.g. once per year) and verification through phishing simulations.
  • Cost savings by transferring know-how without the need to build an internal team.


Typical Scenario: Response to a Ransomware Attack

  • Securing affected servers and isolating the network.
  • Forensic investigation and analysis of encrypted systems.
  • Assessment of recovery options without paying the ransom.
  • Assistance with recovery from backups and strengthening security.
  • Communication with legal counsel, insurers, or law enforcement authorities.

How does the training work in practice?

01 Initial consultation: understanding the environment, target audience, and organizational needs.

02 The training session: delivered online or in person depending on preferences, typically lasting around 1.5–2 hours.

03 Interactive elements: discussions, practical examples, and simulations of real-world scenarios.

04 Optional phishing campaign: planning, implementation, and reporting of results.

05 Recommendations and next steps: proposals for further activities and review of training programs.

Why Work with BDO?

  • Regulatory expertise
    We understand DORA, NIS2, ISO/IEC 27001, and GDPR, as well as the requirements of national and European supervisory authorities.
  • Objectivity and credibility
    We do not provide our own products or maintain vendor partnerships – we deliver independent, objective, and trustworthy security governance.
  • Flexible scope
    The service is scalable – from consultations and mentoring of internal teams to fully assuming the CISO role on a monthly or multi-year basis.

Certified team with professional experience
Our specialists hold certifications such as C|CISO, CISSP, OSCP, CRTP, eCPPT, BSCP, CEH, CRT, CPSA and others. They have experience working in environments of large banks, insurance companies, and ICT service providers.

Main contacts

Martin Hořický, Manager • CISO
Marek Kovalčík, Partner