Cybersecurity for Non-IT Staff
This programme is built for employees who are not in technology roles but handle data, communicate digitally, and are the most common entry point for cyberattacks on organisations. HR executives, finance teams, operations staff, customer service, and administrative personnel will learn to recognise threats, respond correctly, and protect the organisation from the inside out.
Programme Modules
Why Non-IT Staff Are the Biggest Target
How attackers exploit human behaviour rather than technical systems. Real Malaysian case studies of breaches caused by staff error, not technical failure.
Email and Phishing Threats
Recognising phishing, spear-phishing, and business email compromise (BEC). What to do when you receive a suspicious email and how to report it.
Password and Account Security
Why weak passwords cost organisations millions. Creating strong passwords, using password managers, enabling two-factor authentication, and spotting credential theft attempts.
Safe Use of Devices and Networks
Secure use of company laptops, personal devices, and public Wi-Fi. Understanding BYOD risks and remote work security basics.
Data Handling and PDPA Compliance
What counts as personal data, how to handle it correctly under Malaysia's PDPA, and the consequences of mishandling customer or employee data.
Responding to a Security Incident
What to do and what not to do if you suspect a breach, receive a suspicious message, or accidentally click something you should not have. Internal reporting procedures.
Final Activity: Threat Simulation Exercise
Participants receive a set of simulated email and messaging scenarios and must identify which are genuine and which are attacks. Group debrief covers decision-making and correct response procedures.
Key Outcomes:
Recognise common cyber threats targeting non-technical employees
Apply safe practices for email, passwords, devices, and data handling
Understand obligations under PDPA Malaysia in daily work tasks
Respond correctly and promptly when a security incident is suspected
Reduce human error as an organisational cybersecurity risk
Fee: RM 1,750 per participant (minimum 5 participants)
Duration: 1 Day
Training Hours: 9:00 AM to 5:00 PM
Level: Beginner (no technical knowledge required)
Training Mode: Physical, Online, or Hybrid
HRD Corp Claimable
Certificate of Completion included