CMS offers Security Awareness Training, an educational program designed to inform and train individuals (typically employees) about the potential security threats that could compromise an organization's data and systems. The goal is to reduce human risk by promoting behaviors that help protect against cyberattacks, breaches, and other security incidents.
Here are the key elements of security awareness training:
- Understanding Threats: It teaches individuals to recognize various types of cyber threats, such as phishing, malware, social engineering, ransomware, and insider threats.
- Best Practices: Employees learn best practices for maintaining security, such as creating strong passwords, recognizing suspicious emails, avoiding risky websites, and following security policies.
- Compliance: It ensures that staff are aware of and compliant with data protection regulations like GDPR, HIPAA, or PCI-DSS.
- Incident Response: Training often includes guidance on what to do in case of a security breach, including how to report incidents and follow proper protocols.
- Social Engineering Awareness: It helps people recognize manipulative techniques used by attackers to deceive them into giving away confidential information.