Who handles support and service delivery depends on your sales model. From reseller (sales only) to white-label (sales, marketing, advice and support), and how…

You cannot sell white-label awareness without mastering the platform and the subject yourself. The biggest pitfalls and how to avoid them, from ownership to…

The time-to-exploit is shrinking from a year to just over a day, and possibly to hours. What that means for your IT, your organisation and your security…

Gatekeeper objections are not solved with your full pitch but by getting to the right person, briefly and confidently. What to say to the six most common…

Objections when booking a meeting are handled by asking questions: an objection about the product is your opening, an objection about the meeting itself you…

Security awareness white-label feels like a lot of work, but it gives you your own brand, the highest margin and the strongest customer loyalty. What it really…

Selling security awareness is a consultative conversation, not a feature pitch. Follow six steps: understand the need first, present to it, and close apart…

Want to become a security awareness reseller? Compare the three sales models (reseller, managed service and white-label) and choose what fits your margin,…

Someone asks what data you hold on them, or wants it deleted. What are data subjects' rights under the GDPR, and what do you, as an employee, do when such a…

Privacy starts with recognition. Once you know which data is personal data, you handle it more carefully by default. A practical guide for your daily work.

The GDPR is not a distant law for lawyers; it shapes how you handle data every day. What the GDPR asks of you in your daily work, in plain language.

Practical guidance on acceptable use policy aup for organizations that want to improve secure behavior structurally.

Practical guidance on accidental data sharing for organizations that want to improve secure behavior structurally.

Practical guidance on AI governance awareness for organizations that want to improve secure behavior structurally.

Practical guidance on api security awareness for end users for organizations that want to improve secure behavior structurally.

Practical guidance on audit evidence awareness for organizations that want to improve secure behavior structurally.

Practical guidance on awareness for HR and onboarding for organizations that want to improve secure behavior structurally.

Practical guidance on behavior change in security awareness for organizations that want to improve secure behavior structurally.

Practical guidance on board reporting public sector awareness for organizations that want to improve secure behavior structurally.

Practical guidance on board reporting awareness for organizations that want to improve secure behavior structurally.

Practical guidance on breach reporting awareness for organizations that want to improve secure behavior structurally.

Practical guidance on security culture for organizations that want to improve secure behavior structurally.

Practical guidance on business email compromise for organizations that want to improve secure behavior structurally.

Practical guidance on choose security awareness content for organizations that want to improve secure behavior structurally.

Practical guidance on clean desk policy for organizations that want to improve secure behavior structurally.

Practical guidance on cloud security basics for end users for organizations that want to improve secure behavior structurally.

Practical guidance on common data breach scenarios for organizations that want to improve secure behavior structurally.

Practical guidance on common security mistakes employees make for organizations that want to improve secure behavior structurally.

Practical guidance on compliance requirements security awareness training for organizations that want to improve secure behavior structurally.

Practical guidance on consequences employees skipping security training for organizations that want to improve secure behavior structurally.

Practical guidance on data protection and privacy gdpr for organizations that want to improve secure behavior structurally.

Practical guidance on device security basics for organizations that want to improve secure behavior structurally.

Practical guidance on difference security training and compliance training for organizations that want to improve secure behavior structurally.

Practical guidance on dora awareness for organizations that want to improve secure behavior structurally.

Practical guidance on email security and social engineering for organizations that want to improve secure behavior structurally.

Practical guidance on employee incident response for organizations that want to improve secure behavior structurally.

Practical guidance on getting employees to take security training for organizations that want to improve secure behavior structurally.

Practical guidance on healthcare information security awareness europe for organizations that want to improve secure behavior structurally.

Practical guidance on how long security training for organizations that want to improve secure behavior structurally.

Practical guidance on how much does security awareness elearning cost for organizations that want to improve secure behavior structurally.

Practical guidance on how often security training for organizations that want to improve secure behavior structurally.

Practical guidance on how phishing simulations work for organizations that want to improve secure behavior structurally.

Practical guidance on build a security awareness program for organizations that want to improve secure behavior structurally.

Practical guidance on choose a security awareness platform for organizations that want to improve secure behavior structurally.

Practical guidance on how to engage employees in security awareness for organizations that want to improve secure behavior structurally.

Practical guidance on how to measure security awareness for organizations that want to improve secure behavior structurally.

Practical guidance on how to spot CEO fraud for organizations that want to improve secure behavior structurally.

Practical guidance on incident reporting without blame for organizations that want to improve secure behavior structurally.

Practical guidance on insider risk signals for organizations that want to improve secure behavior structurally.

Practical guidance on ISO 27001 awareness requirements for organizations that want to improve secure behavior structurally.

Practical guidance on leadership video phishing simulation for organizations that want to improve secure behavior structurally.

Practical guidance on localizing security awareness content for organizations that want to improve secure behavior structurally.

Practical guidance on lost devices reporting for organizations that want to improve secure behavior structurally.

Practical guidance on making security training engaging for organizations that want to improve secure behavior structurally.

Practical guidance on microlearning for employees for organizations that want to improve secure behavior structurally.

Practical guidance on NIS2 awareness healthcare for organizations that want to improve secure behavior structurally.

Practical guidance on nis2 board training obligation europe for organizations that want to improve secure behavior structurally.

Practical guidance on NIS2 roles awareness for organizations that want to improve secure behavior structurally.

Practical guidance on nis2 transposition europe for organizations that want to improve secure behavior structurally.

Practical guidance on password management best practices for organizations that want to improve secure behavior structurally.

Practical guidance on payment verification procedures for organizations that want to improve secure behavior structurally.

Practical guidance on phishing education for organizations that want to improve secure behavior structurally.

Practical guidance on phishing follow-up public sector for organizations that want to improve secure behavior structurally.

Practical guidance on phishing KPIs for organizations that want to improve secure behavior structurally.

Practical guidance on phishing red flags for organizations that want to improve secure behavior structurally.

Practical guidance on phishing risks healthcare for organizations that want to improve secure behavior structurally.

Practical guidance on physical security awareness for organizations that want to improve secure behavior structurally.

Practical guidance on qr phishing for organizations that want to improve secure behavior structurally.

Practical guidance on ransomware employee behavior for organizations that want to improve secure behavior structurally.

Practical guidance on remote work incident lessons for organizations that want to improve secure behavior structurally.

Practical guidance on scorm vs standalone awareness platform for organizations that want to improve secure behavior structurally.

Practical guidance on secure the mobile workplace for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness customer trust for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness communication plan for organizations that want to improve secure behavior structurally.

Comparison for organizations choosing between a structural elearning approach and standalone awareness sessions.

Practical guidance on security awareness government for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness IT service providers for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness education for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness healthcare for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness private life for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness KPIs for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness management buy-in for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness onboarding education for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness roadmap for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness vendor selection for organizations that want to improve secure behavior structurally.

Practical guidance on security topics for executives and boards for organizations that want to improve secure behavior structurally.

Practical guidance on shadow IT risks for organizations that want to improve secure behavior structurally.

Practical guidance on should security training be mandatory for organizations that want to improve secure behavior structurally.

Practical guidance on behavior interventions security awareness for organizations that want to improve secure behavior structurally.

Practical guidance on smishing and vishing for organizations that want to improve secure behavior structurally.

Practical guidance on spear phishing examples for organizations that want to improve secure behavior structurally.

Practical guidance on topics security training employees for organizations that want to improve secure behavior structurally.

Practical guidance on tracking security training completion for organizations that want to improve secure behavior structurally.

Practical guidance on vendor fraud for organizations that want to improve secure behavior structurally.

Practical guidance on what is NIS2 awareness for organizations that want to improve secure behavior structurally.

Practical guidance on what is phishing for organizations that want to improve secure behavior structurally.

Practical guidance on what is security awareness for organizations that want to improve secure behavior structurally.

Definition and practical guidance for teams that want to understand when elearning fits within an awareness approach.

Practical guidance on why awareness programs fail for organizations that want to improve secure behavior structurally.

Practical guidance on why employees click on phishing for organizations that want to improve secure behavior structurally.

Practical guidance on why phishing simulations work for organizations that want to improve secure behavior structurally.

Practical guidance on security awareness policy for organizations that want to improve secure behavior structurally.

Awareness does not collapse because of busyness, but because of plans that pretend the busyness does not exist. How to plan smarter, not do more.

If you train on everything, nobody learns what really matters. Why role-based segmentation, built on a risk analysis, makes awareness shorter, sharper and more…

A baseline nobody dares to discuss is not a measurement but a reckoning. Why a baseline survey only works when it feels safe, and how to turn it into a…

Whoever sells awareness with fear sells not safety but dependence. How to recognise fear sellers and why real awareness builds competence, not panic.

Never underestimate your employees' digital skill, at most underestimate how poorly we sometimes explain things. Treat people as professionals and your weakest…

An external-sender banner interrupts autopilot, but its effect fades through habituation and a false sense of safety. How to weigh and design it, and what…

Practical guidance on gamification in awareness for organizations that want to improve secure behavior structurally.

Without visible leadership, every awareness programme stays non-committal. Why top-down example sets the tone, what visible leadership looks like, and how to…

Practical guidance on MFA fatigue attacks for organizations that want to improve secure behavior structurally.

Practical guidance on NIS2 awareness checklist for organizations that want to improve secure behavior structurally.

Safe Links (Safe URLs) in Exchange rewrites links for time-of-click scanning, but it hides the real destination and breeds false security. Read the dilemmas…

The most underrated awareness opportunity is onboarding. Why the first weeks set the tone, why a simple welcome video beats a glossy e-learning, and how it…

Security feels technical until you show it happens in your own pocket every day. Why recognition, not technology, drives behaviour change, and how to make…

Practical guidance on security awareness ROI for organizations that want to improve secure behavior structurally.

Practical guidance on supplier security awareness for organizations that want to improve secure behavior structurally.

Practical guidance on vpn for employees for organizations that want to improve secure behavior structurally.

Gamification only motivates when the game is about safety, not about points. Why the score can crowd out safe behaviour, and how to use game elements well.

A phishing simulation that humiliates does not train alertness but distrust of the employer. Why simulations should teach, not catch, and why the report rate…

An employee who does not report is not a risk but a symptom of a culture that punishes. Why reporting must be easy and safe, and how to build a reporting…

When fewer than 1% of staff take part, it is rarely the training content. Awareness is change management: meaning, leadership and rhythm decide whether it…

In May 2026 an attack on the Canvas learning platform (Instructure) hit hundreds of millions of users worldwide, including seven Dutch universities. The…

In April 2026 a ransomware attack hit ChipSoft, the supplier of the electronic patient record used by around 70% of Dutch hospitals. The lesson: you are only…

In the hack on the Dutch municipality of Epe (March 2026), data on nearly all residents was stolen, including national ID numbers and copies of identity…

In 2025 the group Scattered Spider crippled Marks & Spencer — not through an exploit, but by calling the IT help desk and asking for a password reset. The…

In February 2026, attackers combined a phishing email with a fake IT phone call to break into Dutch telecom provider Odido. The awareness lesson: customer…

Multi-factor authentication is one of the most effective measures against account takeover. This is how to roll it out step by step, without too much friction…

You cannot just process personal data: you need a legal basis. The six legal bases of the GDPR explained, with practical examples.

Names and addresses are not the only personal data. Learn to recognise what falls under the GDPR, including less obvious examples like IP addresses and licence…

Health, religion and biometrics are special category data. Which categories exist, why they get extra protection, and how to handle them in practice.

The GDPR in plain language: what the law is, who it applies to, and which principles shape your daily work with personal data.

Not all data needs the same protection. How classification and the need-to-know principle help share the right data with the right people.

The less data you have, the less can leak. Data minimisation explained, with practical examples for forms, email and storage.

Deleting is not the same as destroying, and not all data may simply be thrown away. How to make paper, drives and cloud data truly unreadable, and how legal…

Information security uses the CIA triad; the GDPR names integrity and confidentiality as a principle. The same words, a different scope. The difference…

People have rights over their own data. Which rights the GDPR grants, what a request means for you, and how to handle it correctly.

Privacy is not arranged afterwards, but from the start. What privacy by design and by default mean, and how to apply them in projects and daily choices.

In identity theft, someone uses your data to impersonate you. How it works, how to recognise it, and what to do if it happens to you.

AI platforms often process large amounts of personal data. What privacy risks this brings, what the GDPR and the AI Act require, and which agreements employees…

ISO/IEC 27002:2022 makes awareness more explicit: demonstrable, role-based and repeated. What changed, and how to set up your programme without turning it into…

Most European governments work to a national baseline for information security, and all of them require demonstrable awareness. This is how public bodies meet…

Free public Wi-Fi is convenient but risky for work email and sensitive accounts. Why mobile data is almost always safer, how to recognise public networks, and…

Medical data is often worth more than credit card data on the black market. Why healthcare is a favourite target, which legislation applies, and how employees…