Academy Basic · 142 articles

Academy Basic

Intermediate Academy modules — Basic tier required (₹499/month)

Academy

Module 6 · Awareness Programmes That Change Behaviour

Why this module exists. Awareness training is the single most-funded, least-effective security investment in most Indian enterprises. The right structure — frequent,…

May 14, 2026 · 4 min read
Academy

Module 5 · Physical Social Engineering — Tailgating, Badge Cloning, USB Drops

Why this module exists. Physical access still beats remote-only attacks for certain target classes — server-room access to a regulated bank, badge-room…

May 14, 2026 · 5 min read
Academy

Module 3 · Vishing, Smishing & WhatsApp Pretext — The Indian Voice Channel

Why this module exists. The corporate phishing-defence stack — DMARC, anti-phishing platforms, FIDO2 — does not protect against an attacker calling the…

May 14, 2026 · 4 min read
Academy

Module 4 · Business Email Compromise (BEC) — Four Variants and the Defender Stack

Why this module exists. BEC does not need malware, credential theft, or AiTM phishing. It only needs to convince one finance person…

May 14, 2026 · 4 min read
Academy

Module 2 · Phishing — AiTM, MFA Bypass, and the 2026 Defender Stack

Why this module exists. Email-borne phishing is no longer “click this link, enter password.” Modern kits proxy the entire login flow, capture…

May 14, 2026 · 4 min read
Academy

Module 5 · Security Policy Architecture — Policy, Standard, Procedure, Baseline

Why this module exists. Auditors ask for “the policy.” Engineers want “the rule.” Both are right; they are asking different questions of…

May 13, 2026 · 4 min read
Academy

Module 6 · Security Maturity Models — NIST CSF, ISO 27001, SAMM, CIS in Practice

Why this module exists. Every Indian enterprise we audit has a “maturity assessment” somewhere on file. Few have one that has been…

May 13, 2026 · 5 min read
Academy

Module 4 · Risk Appetite Statement — Writing One That Drives Decisions

Why this module exists. Risk appetite is where governance meets engineering reality. Without a stated appetite, every risk decision becomes ad hoc…

May 13, 2026 · 5 min read
Academy

Module 2 · First 90 Days as a Security Leader — The Practitioner Playbook

Why this module exists. CISO and security-leader transitions in Indian enterprises follow a predictable failure mode. The new leader arrives, the board…

May 13, 2026 · 4 min read
Academy

Module 3 · Board Reporting for Security — Metrics, Narrative, Cadence

Why this module exists. The board is not your peer audience. They are not security practitioners. The report that wins your peers’…

May 13, 2026 · 5 min read
1 2 3 4 5 6 15