Cybersecurity Awareness Month Training for Municipal Employees
Spruce was contracted by the administration of a major American West Coast city to put together a dynamic, multifaceted effort to promote cybersecurity awareness and best practices among city employees in conjunction with National Cybersecurity Awareness Month.
This major American city’s government sought to improve the cybersecurity of City agencies and the employees that worked within them. In conjunction with National Cybersecurity Awareness Month, the City contracted Spruce to create content for and provide services relating to bolstering cybersecurity in their ranks. Spruce then designed and implemented an educational program along with supporting content and a risk evaluation exercise to present to the city’s employees over the span of a month. At the end, Spruce presented the city with a report detailing observations and potential paths of action.
To better educate City employees on the best practices for maintaining a secure tech environment, Spruce prepared a four-week seminar; each week focused on a different element of cybersecurity. The first week focused on a general overview of corporate IT protection, the second week focused on phishing attacks, the third focused on safely navigating IT structures, and the fourth week discussed prioritizing cybersecurity and instilling safe browsing habits. These topics were presented to the city employees along with supplementary materials created by Spruce over the course of the engagement period.
After the conclusion of the engagement period, Spruce reviewed the results of the simulated phishing campaign and reviewed progress made by employees over the course of the four-week educational program. Spruce’s report featured specifics on the phishing campaign including the number of employees reached, number of clicks generated, and number of employees corrected and retrained. The report also gave statistics showing the overall rate of success for these simulated attacks and displayed the city employees’ performance compared to national and industry benchmarks. The report provided a comprehensive overview of the state of the city’s security flaws and issued recommendations for improving security in both an on-the-ground and a macro view.