Blog

Expert articles on security awareness, NIS2 compliance, phishing simulations, and cybersecurity for SMEs.

NIS2

NIS2 Training Obligations for SMEs

What the NIS2 Directive means for small and medium-sized enterprises.

Comparison

Security Awareness Training Comparison 2026

Free vs. paid — an honest assessment.

Practice

How to Spot Phishing — a Guide for Employees

How your employees reliably recognize phishing emails.

Tech

SCORM Security Awareness for SuccessFactors

Integrating the SCORM 1.2 package into SAP SuccessFactors.

Practice

Security Awareness for SMEs Without an IT Department

Training without IT infrastructure — simple and effective.

NIS2

NISG 2026 Training Obligation — What Companies in Austria Must Implement by October

Austria's NISG 2026 has been law since December 2025. From October 2026, training obligations apply for employees and management.

NIS2

Creating NIS2 Training Records — Requirements, Checklist & Practical Tips

What must a NIS2-compliant training record contain? Requirements, common mistakes, and a practical checklist.

NIS2

NIS2 and the Supply Chain — Why Suppliers Need Security Awareness

NIS2 obliges companies to ensure cybersecurity across the supply chain. Pragmatic solutions for SME suppliers.

NIS2

NIS2 — Personal Liability of Management

NIS2 makes managing directors personally liable for cybersecurity. Fines up to EUR 10 million. What CEOs need to do now.

Compliance

ISO 27001 and Security Awareness — How Training Supports Your Certification

ISO 27001 requires documented security awareness training. What auditors check and how phishing simulations help.

Practice

Security Awareness Training for SMEs — Costs, Effort, and ROI

What does security awareness training cost for SMEs? Prices, ROI calculation, and what to look for.

Practice

Security Awareness Onboarding — Sensitize New Employees in 30 Days

New employees are especially vulnerable to phishing. How to integrate security awareness into onboarding.

Practice

Phishing Simulations for SMEs — Process, Costs, and Results

How a phishing simulation works: process, template selection, benchmark report, and GDPR-compliant execution.

Practice

Social Engineering in the Workplace — 5 Attack Methods

Social engineering exploits human psychology instead of technical vulnerabilities. The 5 most common methods and countermeasures.

Practice

How Often Should Security Awareness Training Take Place?

What NIS2, ISO 27001, and research say about optimal training frequency — plus a workable plan for SMEs.

Strategy

Security Awareness for Blue Collar Workers — Why Classic Training Fails

Production, logistics, retail: employees without a company laptop fall through the cracks of classic training.

Strategy

Gamification in Security Awareness — Hype or Effective?

When gamification in security awareness actually works and when it does harm. With insights from learning research.

Strategy

AI Deepfakes and Voice Phishing — the New Threat

Cloning voices, faking faces: how AI is revolutionizing social engineering and what companies need to do.

Strategy

Security Awareness as Employer Branding — Cybersecurity as an Employee Benefit

Cybersecurity knowledge as a benefit for employees and their families. Why it beats a fruit basket.

Strategy

Phishing Click Rate — What Is Normal and How Do You Improve?

Is a 20% phishing click rate normal or alarming? Industry benchmarks, report rate, and improvement strategies.