Skip to main content

Empower your employees with cyber safety awareness and prevention.

Phishing and social engineering are common causes of cyber attacks for Canadian organizations. A training program is a great way to teach employees to identify and report these attacks, to protect themselves and your organization, and is now a common requirement for doing business with third-party vendors or to renew cyber insurance policies.

Many IT teams don't have time to build these programs on their own. Here's how CIRA Cybersecurity Awareness Training can help.

Canadian Phishing Email Examples

More effective training with courses and phishing templates designed with Canadian users in mind.

Off-the-shelf Deployment

Our pre-built curriculum, courses and automated phishing campaigns save IT teams countless hours.

Gamified Training Experience

Risk scores, badges and leader boards engage your staff so their training actually sticks.

We’ve had nothing but really positive feedback from staff that have come up to us personally and said, ‘Hey, we’re learning a lot of stuff that we never knew before, and the platform provides this to us in a very easy way.’

Kevin Caisse Director of IT, Saskatchewan Indian Institute of Technology

Platform features

Training courses

Pre-built curriculum

Launch faster with our starter workflow, covering cybersecurity basics such as social engineering and ransomware.

Content in English and French

Our training engages users by keeping it relevant with Canadian stories, regulations and examples in both official languages.

Add your own content

Import existing PDF or SCORM 1.2 courses and gain platform benefits like quizzes and automation.

Phishing tests

Automated phishing program

Our platform sends monthly, randomized phishing tests to your users, saving you time while creating an ongoing program.

Create spearphishing templates

Easily develop tailored phishing templates right inside the platform. No coding required.

Reinforce training with hands-on learning

Clickers receive automated remedial training, while reporters improve a personalized risk score.

Risk scores

Measure individual, department, and organization risk with scores that go up and down based on training success.

Personal dashboards

Every user gets a dashboard that shows their training progress through individual risk and engagement scores.

Report-a-phish button

Empower users to report simulations and real phishes with a built-in reporting button for Outlook and Gmail.

Risk advisor

Learn about your organization's unique risk profile using user surveys and training data aggregated in one place.

Detailed reporting

Slice-and-dice training and phishing data to identify repeat clickers, high performing employees, and more.

User sync

Easily and automatically import and remove users and departments using Active Directory.

Awareness training resources

How to build a healthy cybersecurity awareness culture


Read blog post

Everything you need to know about phishing test metrics


Read blog post

What your users can teach you about cybersecurity awareness


Watch on-demand webinar