Online Security Awareness Training

Boxphish are a UK based provider of engaging and automated online security awareness training programmes, a proven way to develop your “Human Firewall”.

Reduce the risk of data breaches through automated training

Teach your people to be the first line of defence

Protect your organisation from financial risk

Create a culture of awareness

Clients Protecting Their Organisation With Boxphish Include

boxphish cyber security clients

Why do I need Online Security Awareness Training for my employees?

Training your people is the key to keeping your organisation safe. In order to reduce your risk of becoming victim to a cyber-attack, the front line of your organisation – your employees – need to be able to identify and avoid these attacks. Our day to day working lives now expose us to a larger number of cyber threats than ever before and as a result, there are many new techniques and challenges employees need to be prepared to face and deal with.

Ranging from common cyber-attacks seen in phishing emails, to ransomware and malware attacks, email fraud and CEO fraud and even more advanced tactics like identity theft or data breaches, cybercriminals will stop at nothing to try and gain access to your device or data. If your employees are in tune to these sorts of attacks, then there are naturally far less likely to fall for one and put your organisation at risk.

Your people are the first thing a lot of customers encounter when interacting with your business, they are the thing that keeps everything ticking over from one day to the next, the most important cog in the organisations’ machine. This is why they need to be protected and trained to be the protectors themselves too. By investing in your employees, you are investing further into your own organisation and doing your bit to help keep everything you work for, safe.

online security awareness training
online security awareness

Protect your organisation by optimising your “Human Firewall”

You might think that there are easier or faster ways to protect your organisation than investing in a cyber security awareness training programme, and you’re probably right. But there are few that are quite as effective, both from a monetary perspective and in regard to employee engagement and satisfaction.

It’s staggering how many organisations think that a one-hour webinar twice a year is sufficient for cyber security training. The information isn’t absorbed by employees and it certainly isn’t enough to put into practise to use all year round. A proper training programme includes monthly courses, with regular tests to ensure the knowledge that is being transferred is actually being learnt and can be put into practise. This benefits both the people and the organisation as a whole so much more, with knowledge and proof that this can be put into practise when needed, in the event of a cyber-attack.

Overall, once your organisation has invested in regular cyber security training, the costs associated with cyber security tend to decrease. This is because you are spending far less money – and time – solving problems that have arisen through cyber-attacks, due to the regular training making these a far less frequent occurrence. Even if you haven’t yet fallen victim to a cyber-attack, don’t sit around and wait for it to happen. Invest in the training and use this as a preventative method, doing the right thing before it’s too late.  

As featured in

gartner logo

Boxphish is recognised as a featured vendor in Gartner's Cyber Security Awareness Training & Response Platform Market Guide.

boxphish icon

The Boxphish Online Security Awareness Training will educate and empower your employees to make better cyber decisions

Cyber security simulation

Simulate cyber security threats

Test your employees via phishing simulations. Gain access to existing simulations such as Microsoft 365, HMRC, Dropbox and Deliveroo along with custom simulations specific to your staff. All data is stored so you can analyse click rates throughout the training programme and track progress.

Educate staff to spot phishing scams

Educate staff to spot phishing scams

Awareness is key when it comes to cyber threats to end users. Tailored learning journeys are created to address problem areas identified in the simulation testing. Training is delivered via videos, guides and quizzes which increase end users knowledge. A managed cyber security service reduces the burden on IT resources.

Analyse your employee's course statistics

Analyse your employees course statistics

Automated reporting dashboards provide data driven analysis of simulation engagement, course completion rates and risk scoring on a company and individual level. Let Boxphish run your Human Risk Board Report via our managed reporting service, providing you with the data you really need to see.

Latest Cyber Security Statistics


60% of data breaches are a result of human error

ICO, 2019


The main cause of 95% of successful cyber attacks is Human Error



56% of IT decision makers say phishing is the top threat to their organisation



100% of enterprises should report cybersecurity risk to the Board


Don't just take our word for it. Here's what our customers have to say.

Click here to read more 5 star
Boxphish reviews on

g2 boxphish reviews

Data Security Awareness FAQs

How long does it take to implement?

We would typically advise that in order to complete technical pre-requisites around whitelisting, create your phishing and learning journeys and build your report dashboard you need around 7-10 days. The actual time required from the client is minimal, around 60 minutes to complete a 12 month cyber security training programme for your employees.

Do you have an integration to Microsoft365?

Ease of management of the ongoing user base of any SaaS application is key. Boxphish has developed a Microsoft365 integration that will handle the management of your employees meaning that you can deliver one of the best cyber security training programmes available in the market.

How regularly should the employee cyber security training be delivered?

In our view to ensure you provide the best cyber security training to your employees, the training and simulated phishing should be delivered monthly. As part of the onboarding process, you can define the regularity you would like to ensure we meet your exact requirements.

Can the courses be delivered in SCORM format?

Boxphish has created an online employee security training application that has a built in LMS. Should you be interested in delivering cyber security training to your employees via your existing Learning Management System (LMS) then a request would need to be raised with your Account Manager to ensure the SCORM files are sent to you as part of the onboarding process. Please get in touch if you would like further information about this product.

What metrics does the reporting suite show?

The Boxphish report suite is industry leading, providing our customers with insightful metrics on the following;

  1. Risk Score – Company Wide
  2. Risk Score – By Department
  3. Risk Score – by individual
  4. Heat maps showing overview of simulation
  5. Engagement by type
  6. Users enroled in cyber security training
  7. programme
  8. Course complete rates
  9. Timeline of cyber courses
boxphish icon

Book a Demo

Do you want to eliminate cyber security breaches?

Please get in touch using the following details or the book a demo form provided and let us help you eliminate your cyber security risks.

0800 861 1318

Fill in the form below to book a demo

Please fill in your details and a member of our team will be in touch shortly to arrange your security awareness training demo.

Latest Boxphish Blogs

How to increase your cyber security awareness

How to increase your cyber security awareness

Top tips on how to increase your cyber security awareness: In today's digital age, cyber security is of utmost importance. With constant threats lurking on every webpage, in every inbox and across the ever widening digital landscape, everyone needs to develop a level...

Vishing: what is it and how to protect yourself

Vishing: what is it and how to protect yourself

Vishing, also known as “voice phishing” or “phone phishing”, is a type of social engineering scam where an attacker uses a phone call or voice message to trick their victim into divulging sensitive information or performing an action that can harm them or their...