FROM HUMAN FACTOR TO LINE OF DEFENSE

Cyber Security Awareness

Phishing simulations and interactive modules sharpen employees' cyber reflexes; human-driven security risk drops measurably.

ISO 27001ISO 9001Scope recordRisk note
01 Current state Topology, traffic, and dependency visibility.
02 Target architecture Segmentation, capacity, and availability design.
03 Controlled cutover Change window, validation, and rollback plan.
04 Hypercare Monitoring, tuning, and operational handover.
POSITION

Where this service sits in the portfolio

Capability card infographic for Cyber Security Awareness
SERVICE SCOPE

What this service addresses

The critical topics this service addresses and the outcome we deliver in each.

A baseline awareness level is measured

evidence readiness

Before the programme starts we run a baseline awareness assessment and make click rate, report rate and training completion visible in an evidence file. The output is documented in structured measurement records.

Simulation scope is defined by contract

contract-scoped

The scenario types to be run (email phishing, smishing, vishing, USB drop), campaign frequency and target groups are set within contract scope, with an educational rather than punitive intent.

Behaviour change is tracked against targets

measured target

We baseline the drop in click rate and rise in report rate and track improvement against target values; targets are set in the measurement plan and no rate is promised as a fixed outcome.

A lasting awareness culture is handed over

published after approval

With an annual calendar, content library and progress dashboard we prepare the programme to be run sustainably in-house; the handover sign-off is validated on your side.

Delivery model

Delivery approach

How we phase the service across delivery, governance, and connected service pillars.

  1. Discovery and measurement: we capture the current awareness level through a baseline assessment and define role-based risk profiles and sector-specific threat scenarios.

  2. Programme design: we build separate curricula for general staff, IT, finance, management and privileged users, balancing video, gamification and micro-learning formats.

  3. Continuous loop: we improve the programme through monthly simulation campaigns, quarterly summaries and annual analysis, routing those who fail to additional training without name-based reporting.

Operating contexts

Example operating contexts

Illustrative surfaces where this service is commonly activated.

Need for regulatory training evidence

Organisations that want to prepare awareness training records as an evidence file for KVKK and ISO 27001 audits.

High phishing exposure

Teams that see their employees exposed to phishing and social engineering and want to build measurable reflexes.

New employee onboarding

HR and security teams wanting to auto-assign basic cyber awareness training to new joiners in their first week.

DEPTH

Technical and compliance depth

This service's depth on sector-specific technical and compliance topics.

Multi-channel simulation campaigns

We run email phishing, smishing, vishing and USB drop scenarios on KnowBe4, Proofpoint or a custom LMS on a monthly cycle, designing realistic threat experiences with 10+ templates.

SCORM/xAPI-compatible content

We load SCORM- and xAPI-compatible content into your existing LMS or provide a cloud-based awareness platform, raising engagement with SSO integration and gamification.

Measurement and reporting dashboard

We track real-time completion, click rate and trend indicators by department and deliver monthly simulation, quarterly summary and annual analysis reports in an evidence file.

What It Solves

Human error remains the root cause of many successful cyber breaches, with phishing, social engineering, and credential theft exploiting undertrained employees regardless of technical controls in place. Organizations that rely solely on perimeter and endpoint security while neglecting the human layer face an asymmetric risk that is increasingly targeted by threat actors. This service transforms employees from the weakest link into an active layer of defense through structured, measurable awareness training and behavioral change programs.

Role-based phishing simulation campaigns with escalating sophistication levels and real-time click tracking
Interactive e-learning modules covering phishing recognition, password hygiene, social engineering, and secure remote work
Department-specific training tracks tailored to risk profiles for finance, HR, IT, executive, and operations roles
Behavioral analytics dashboard tracking click rates, training completion, and improvement trends over time

Key Benefits

Benefit

Make risk and response indicators visible through measured controls, rehearsed playbooks, and evidence review

Benefit

Turn the outcome into a measurable target with baseline, owner, and review cadence

Benefit

Make risk and response indicators visible through measured controls, rehearsed playbooks, and evidence review

Simulation Platform
KnowBe4 or Proofpoint Security Awareness Training, configurable per client environment
Phishing Templates
500 or more localized templates in Turkish, English, and German including sector-specific lures
LMS Integration
SCORM 1.2 and xAPI compatible; integrates with SAP SuccessFactors, Cornerstone, and custom LMS
Reporting
Real-time dashboard with per-user, per-department, and organization-level metrics

Scope

The engagement covers the complete awareness program lifecycle from baseline risk assessment through ongoing campaign management and annual program review. The scope is designed to deliver measurable behavioral change across the entire employee population, not just compliance checkboxes, with differentiated content and simulation intensity calibrated to the risk profile of each department and role.

Organizational security culture baseline assessment using validated survey instruments and behavioral metrics
12-month training calendar design with phased simulation escalation and module sequencing
Manager and champion network program to embed security awareness advocacy within business units
Annual program review with updated threat intelligence integration and curriculum refresh

Key Benefits

Benefit

Establish a documented security culture baseline within the first 30 days to measure improvement against

Benefit

Shorten operational cycle time against agreed measurement targets and acceptance criteria

Benefit

Build a network of 1 security champion per 50 employees to sustain awareness culture between formal training cycles

Employee Coverage
All full-time, part-time, and contractor populations with active email accounts
Campaign Frequency
Monthly phishing simulations; quarterly module assignments; annual advanced scenario campaigns
Champion Program
Half-day enablement workshop plus monthly champion briefings with threat intelligence updates
Languages
Turkish and English as standard; additional languages available for international locations

Deliverables

Program deliverables provide both the operational management tools needed to run an effective ongoing awareness program and the governance evidence required for regulatory compliance, cyber insurance, and audit purposes. All metrics are presented in formats suitable for board, audit committee, and CISO reporting.

Monthly phishing simulation reports with click rate trends, department comparisons, and top-risk user cohort analysis
Quarterly training completion and compliance status report with regulatory mapping
Annual security culture assessment report with year-over-year trend analysis and benchmark comparison
Incident reporting metrics tracking employee-reported suspicious communications and false positive rates

Key Benefits

Benefit

Provide audit-ready evidence of security awareness program operation for ISO 27001, SOC 2, and BDDK compliance purposes

Benefit

Make stakeholder confidence, quality, and adoption outcomes traceable through agreed evidence indicators

Benefit

Generate insurance-ready documentation supporting cyber policy renewal with demonstrated risk reduction evidence

Monthly Report
Automated delivery in PDF and Excel formats; available via dashboard portal on-demand
Compliance Mapping
Training records mapped to ISO 27001 A.7.2.2, NIST CSF PR.AT, and KVKK Article 12 requirements
Benchmark Data
Industry sector benchmarks for click rates and training completion included in quarterly reports
Data Retention
Training completion and simulation records retained for 3 years for audit purposes

Frequently Asked Questions

How are employees who repeatedly fail phishing simulations handled?

Employees who click simulated phishing links are automatically enrolled in targeted remediation micro-modules immediately after the click event, while the organization is not yet aware. Repeat offenders are flagged in the behavioral analytics dashboard and can be automatically escalated to manager notification or mandatory in-person training based on configurable policy rules. This approach is designed to be corrective rather than punitive.

How does the training address advanced threats such as spear phishing and executive impersonation?

Advanced threat simulations are included in the program from campaign level 3 onward. These include highly personalized spear phishing emails referencing real organizational context, WhatsApp and SMS-based smishing simulations, voice phishing script awareness modules, and deepfake video awareness content covering executive impersonation scenarios. Advanced modules are deployed after baseline awareness is established, typically from month 4 onward.

Is the training program compliant with KVKK and labor law requirements for employee monitoring?

Yes. The program is designed in compliance with KVKK employee data processing requirements. Simulation results and training records are processed under legitimate interest or consent grounds as appropriate, with data minimization principles applied. Employee-level data is not shared with third parties and is retained only for the duration necessary to manage the program. Legal review of the processing activities is included in program setup.

Can the scope be limited to specific high-risk departments in the first year?

Yes. A targeted deployment model is available where the first phase focuses on highest-risk groups such as finance, executive assistants, and IT administrators, before rolling out organization-wide in phase 2. This approach allows faster ROI demonstration and allows the security team to refine delivery processes before full-scale deployment.

How are training completion records made available for external audits?

Training completion records are maintained in a tamper-evident log within the learning management system and can be exported in structured formats for auditor review. The export includes employee identifier, module name, completion date, assessment score where applicable, and any remediation training triggered by simulation events. Records can be scoped to specific date ranges and organizational units as required by the audit.

What metrics are included in the cyber insurance documentation package?

The insurance documentation package includes organization-wide phishing click rate progression over the policy period, training completion rates by month, number of simulation campaigns run, remediation training trigger rates, and employee-reported suspicious email volumes. These metrics are presented in a structured summary format aligned to common underwriter requirements for human risk evidence.

STARTING POINT

Where should the conversation begin?

This short form routes your request to the right support team. We clarify context first, then define the safe sharing method.

  1. We capture context
  2. We choose a safe channel
  3. We clarify the first direction

Privacy-aware first contact; safe sharing flow when needed; no sales pressure.

Main request topic