Training That Changes Behaviour.

Security Awareness

Realistic phishing simulations using your company branding. Custom scenarios based on attacks targeting your industry in South Africa right now.

POPIA & Data Protection

Every department trained on personal information handling, consent, and breach response. Plain language, real examples from their actual daily tasks.

AI & Automation Adoption

Hands-on training on the specific AI tools you've deployed. Prompt engineering, output verification, and daily workflow integration.

IT Skills Development

Training on your actual tools in your actual environment. People learn by doing the work they'll be doing tomorrow.

Incident Response Drills

Tabletop exercises simulating real incidents. Your team practises the response before they need it for real.

Custom Programs

Designed around your requirements, tech stack, and current skill level. One-off workshops or ongoing monthly sessions.

The CEO fraud email

Your CFO receives an email from the CEO (spoofed) asking for an urgent wire transfer. The email comes at 4:30pm on a Friday. The tone is urgent. The bank details are different from usual. Your CFO has 10 minutes to decide. In our training, we simulate this exact scenario and teach your finance team the verification steps that prevent a R2 million mistake.

The helpful USB drive

Someone leaves a branded USB drive in your parking lot. Or your lobby. Or your bathroom. Your staff find it and plug it in to see what's on it. In our training, we explain what a Rubber Ducky is, what happens in the 3 seconds after it's plugged in, and why curiosity is the most exploited vulnerability in cybersecurity.

The Teams message from IT

Your staff get a Teams message from 'IT Support' asking them to click a link and verify their credentials because of a 'security update'. Looks legitimate. Uses the company logo. Comes from a slightly misspelled domain. 30% of untrained staff fall for it. After our training, they screenshot it and send it to the real IT team.

Before security training

• 42% of staff click simulated phishing links
• 15% enter credentials on fake login pages
• 3% report suspicious emails to IT
• Most can't identify a spoofed sender address

After 3 months of training

• Click rate drops to under 8%
• Credential submission drops to under 2%
• Report rate rises above 45%
• Staff actively flag real phishing attempts weekly

Half-Day Workshop

Full-Day Intensive

Monthly Programme

Assess

Evaluate current skill levels and identify gaps. We run baseline assessments (phishing simulations, knowledge tests, or skills evaluations) so we know exactly where your team stands. No assumptions.

Design

Custom programme built around your tools, your workflows, and your risk profile. No generic slides. Every exercise uses scenarios relevant to your industry and your actual systems.

Deliver

Hands-on sessions. On-site, remote, or hybrid. Your team learns by doing, not by watching. We don't lecture for 4 hours and hope something sticks. Short theory, long practice.

Practice

Real exercises using your systems and your scenarios. Phishing simulations. Incident response tabletops. Tool-specific tasks. We don't move on until people are confident, not just exposed.

Follow Up

30-day adoption check. Are people using what they learned? Are phishing click rates dropping? Are the new tools being used daily? Training isn't done until behaviour changes. If it hasn't, we adjust and run another round.