CYBERSECURITY TRAINING

Training That Fits
Your People and Your Sector

Generic security awareness slides don't work. ThreeShield builds and delivers training tailored to your industry, your workforce, and your actual threat landscape - from field staff in oil and gas to boards of directors in regulated financial services.

Book a Training Consultation Browse Programs →
94% of breaches involve a human element - phishing, social engineering, or credential misuse
Required HIPAA, HIA, SOC 2, CIS Controls, PCI DSS and most insurers mandate documented staff training
Industry-Built Every ThreeShield program uses sector-specific scenarios, not generic corporate templates
CISSP/CISA All training facilitated by credentialed professionals with Fortune 50 and government experience

All Training Programs

All Staff · Annual

Security Awareness Training

Phishing recognition, social engineering, password hygiene, mobile security, and incident reporting. Satisfies HIPAA, HIA, SOC 2, and CIS Controls training requirements.

Required by most compliance frameworks
Quarterly Recommended

Phishing Simulation Testing

Measure real staff susceptibility before an attacker does. Detailed reporting by department, customizable difficulty levels, and integrated follow-up training for staff who click.

Cyber insurance requirement
Healthcare Sector

Healthcare Staff Training

PHI handling, EMR security, ransomware targeting clinical systems, and breach reporting. Satisfies HIPAA workforce training and Alberta HIA administrative safeguard requirements.

HIPAA §164.530(b) compliant
Energy Sector · Calgary

Oil & Gas Security Training

OT/IT convergence awareness, ICS/SCADA risks, Bill C-8 CCSPA obligations, CER expectations, and supply chain security. Field staff to executive levels.

Bill C-8 CCSPA alignment
Board & C-Suite

Executive Cyber Risk Briefings

Cyber risk in business language - regulatory accountability, incident decision authority, insurance obligations, and governance framework. 60-90 minute facilitated session.

Board governance requirement
All Sectors

Incident Response Tabletop

Ransomware, BEC, cloud takeover, OT/ICS attack, and healthcare-specific scenarios. Reveals plan gaps and clarifies decision authority before an attacker does it for you.

Required: HIPAA, PCI, NERC CIP, SOC 2
Critical Infrastructure · NEW

Bill C-8 / CCSPA Readiness Training

Role-specific training for designated operators: board overview, compliance and legal deep-dive, IT/security implementation, and supply chain procurement training.

Telecom · Banking · Energy · Transport

Training Satisfies Compliance Requirements

Every ThreeShield training program provides completion documentation mapped to relevant framework requirements.

HIPAA §164.530(b) Workforce Training Alberta HIA Administrative Safeguards CIS Controls v8.1 - Control 14 SOC 2 CC2.2 (Communication) PCI DSS 12.6 (Security Awareness) NIST CSF PR.AT (Awareness & Training) ISO 27001 Annex A 6.3 CMMC Practice AT.L2 NERC CIP-004 (Personnel & Training) Bill C-8 CCSPA Program Requirements CPA Canada Cybersecurity Framework Cyber Insurance Policy Requirements

Three Training Engagement Models

Self-Serve

Lavawall® Assisted

For organizations running their own training programs who need compliance evidence and tracking

  • Training completion tracking in Lavawall® GRC
  • Compliance evidence linking training records to control requirements
  • Phishing simulation results tracked in platform
  • AI-generated training status reports
Start with Lavawall®
Recommended

ThreeShield-Facilitated

ThreeShield delivers training sessions; you coordinate your team

  • CISSP/CISA-facilitated training sessions
  • Industry-specific content customization
  • In-person (Calgary/Alberta) or virtual delivery
  • Completion certificates and compliance documentation
  • Phishing simulation campaigns
  • Annual refresh sessions
Book Training
Fully Managed

Managed Training Program

ThreeShield manages your entire annual training program end to end

  • Everything in facilitated tier
  • Annual training plan development
  • Quarterly phishing simulation schedule
  • Role-specific training tracks (all staff, IT, executives)
  • New hire onboarding modules
  • Annual compliance training report
Book Managed Program

NERC CIP-004 Training

Mandatory annual cybersecurity training for all BES Cyber System personnel. Delivered with NERC examination-ready documentation. Covers awareness, access management, and personnel risk assessment.

NERC CIP · BES · Documented
💳

PCI DSS Training

Role-specific security training for staff who handle cardholder data. Front desk, IT, management, and remote workers each get content relevant to what they actually do - not a generic slide deck.

PCI DSS v4.0.1 · Role-Based · All SAQ Types

Build Your Human Firewall

ThreeShield training programs are built for your sector, your workforce, and your compliance obligations. Not generic slides - real threat scenarios from CISSP/CISA professionals with government and Fortune 50 experience.

Book a Training Consultation

(403) 538-5053 · Calgary, AB · Virtual delivery available globally