With a large and diverse workforce, the airline faced increasing exposure to phishing and social engineering threats. Security awareness activities existed but lacked consistency, measurable outcomes, and a unified strategy to drive long-term behavioral change across the organization.
1. Program Governance & Planning
Acted as project lead overseeing a multi-consultant delivery team, defining scope, success criteria, governance structure, and execution timelines in alignment with airline operational realities.
2. Security Awareness Program Design
Designed a structured awareness program combining role-based training, periodic knowledge assessments, and continuous reinforcement aligned with real-world threat scenarios.
3. Phishing Simulation & Human Risk Measurement
Implemented simulated phishing campaigns to measure baseline susceptibility, user behavior, and reporting effectiveness across the workforce.
4. Training Content & Delivery
Rolled out targeted awareness content tailored to different employee groups, focusing on practical, scenario-based learning rather than generic compliance training.
5. Monitoring, Metrics & Continuous Improvement
Established ongoing measurement and reporting to track user behavior, phishing trends, and program effectiveness over time.
