74% of security incidents are due to the human factor

Perhaps it's the temp falling victim to a clever phish and sharing their username and password, or an overworked IT engineer misconfiguring a system, the busy care worker losing a device between home visits, or you yourself accidentally deleting files (we've all done it).

So why is it that so many organisations spend hundreds and thousands on whizz bang technical solutions from suppliers that give false promises? 

If organisations want to reduce the chance of a cybersecurity incident or a costly data breach, they need to invest in their people and processes, as well as in their technology.

An effective cybersecurity education, training, and awareness program is fundamental to an organisation’s capability to reduce their level of human risk on cybersecurity.

Introducing CybilityXP, our playful approach to reducing human risk.

With our CybilityXP services you’ll:

  • Reduce the level of human risk;
  • Increase employee satisfaction and retention;
  • Increase staff adherence to your cybersecurity procedures;
  • Increase the organisation's ability to detect and respond to threats;
  • Be able to flex the level and type of services as your organisation's needs change. 

Join our choir of happy clients

Really great training, well thought out and relevant to the organisation. Trainer was energetic and enthusiastic and kept me drawn in. I learned a lot!
Gemma, Head of People
I have endured a very non-interactive, two day session [...] before that was mostly a person just talking, so having such an interactive and fun session was great.
Software Developer

Sense And Sencybility

We create tailored security awareness programmes for to meet the different needs of those in your organisation. Depending upon your requirements, this might include:

  • Games
  • Videos
  • Posters
  • Seminars
  • Workshops
  • Executive briefings
  • Gamified e-learning
  • Blog/intranet articles

In our cybersecurity awareness training, participants work together in a highly interactive scenario to stop a cyberattack by solving clues. 

As a result you'll have empowered staff who are vigilant, feel confident to speak up, and take appropriate actions to protect your organisation.

    Our Cybersecurity Awareness Training is:

    • Engaging: Use humour and surprises to create a playful state of mind, making information easy to understand and remember.
    • Created and delivered by experts: Benefit from over 30 years of combined experience in cybersecurity and adult learning.
    • For all staff: Whether staff are technically savvy or not, the content is designed to help them learn new things and change their behaviours. 
    • Inclusive & diverse: Respectful of each person's preferences and needs. Our examples include people of different ages, ethnicities and abilities.

    Book a Call

    to discuss your requirements and we'll share how we can strengthen your organisation's security culture.

    Our H.A.C.C.E.R. Principles

    Our training approach is centred around our H.A.C.C.E.R. principles, which ensure that our training is Human-centric, Active, focused on Changing behaviour, Customised, Engaging, and Rationale.

    Our training isn't just about improving security skills; it's also about teaching people skills they can use in their own lives.   We understand that people are the biggest attack vector, so we train them to be more security-conscious at home and at work.

    We use simulation to help our trainees build muscle memory and get hands-on experience that adds to what they already know. We add their feedback to the content to keep them interested and make sure they learn on their own. Our training focuses on developing habits and processes around behaviours, and stories help make sense of the content and improve retention.

    Ticking boxes gives the impression of protection. Information alone cannot change behaviour. Instead, we evoke emotions with stories about security failures. We emphasise behaviour change rather than information.

    We customise training for each client. We recognise that some training can be disconnected from our trainees' daily jobs, which can lead to disengagement. We collect data from and for the organisation to make training relevant and applicable.

    Our training is set up like a game, so you can be playful without worrying about making mistakes.

    It is a well-known fact that students learn more when they are interested and having fun. Our lessons are fun, interactive, and have a point. They are done in groups, are repeated, and encourage healthy competition between students.

    We make certain that our trainees understand the ‘why’ of the training.

    We question them about why they do or do not do certain things, what they already know, and how it relates to their roles.

    We recognise that changing behaviour takes time and requires consistent reinforcement. To reinforce good habits and prevent relapse, we ensure that our training is repeatable. We take a methodical approach to our H.A.C.C.E.R. principles.

    Each client receives a programme that is tailored to their specific needs, is interactive, and focuses on long-term behaviour change.


    Here's a selection of what people have had to say about our approach to making, what many consider to be, a 'boring' topic relevant and fun.

    Education & Training

    1-2 hours

    6 to 15 participants

    All staff

    Board Members | Executive Team
    Senior Managers | Project Managers

    Subject Matter Experts: Communications | Finance  | Governance | HR | IT | Legal | Procurement | Risk


    1/2 day & full day

    Topic-specific, e.g. industry standard frameworks

    Process-specific, e.g. establishing cybersecurity governance, risk management, compliance, incident response, supply chain risk management


    Booking Options

    • Buy one stand-alone
    • Buy a package for a series covering a specific topic or process

    For your organisation

    • Three levels of content tailoring options
      • Basic
      • Standard
      • Enhanced

    Public workshop (external)

    • Standard content only
    • Share and learn from the experience of other attendees

    Flexible Delivery

    We're flexible and work with you to accommodate your preferred learning experience.

    Live online
    (i.e. remote)

    Live in-person
    (surcharge & expenses)

    Invest In Your People

    We're firm believers in people being a vital part of an organisation's defenses against all manner of threats - whether deliberate or accidental.

    When you provide them with the right environment, processes, tools, and support; they can become an effective part of your security defences.

    Don't have time to create and maintain an ongoing programme to achieve behaviour change? 
    No problem, our managed security culture service is designed to make it simple for you to get as much or as little specialist support as you need. 

    See our brochure for further details or book a discovery call.