• Home
  • Offers and packages
  • Training & Awareness

Cybersecurity Training & Awareness

68% of data breaches involve human error (Verizon DBIR 2024). Bexxo trains your employees with two complementary tools: PhishTrainer simulates real phishing attacks and measures behaviours, while Bexxo Academy delivers interactive modules on cyber threats. The result: fewer clicks on malicious links, aware teams and documented nDSG compliance.

Internal Training

Strengthen your first line of defense

68% of data breaches involve a human factor (Verizon DBIR 2024). An untrained employee who clicks on a phishing email can cost their company hundreds of thousands of francs — and its reputation. Training your teams is not optional: it is the most cost-effective prevention measure available.

To address this challenge, Bexxo has developed a structured approach based on two complementary measures:

  • PhishTrainer — our Swiss phishing simulation software: test the real vigilance of your employees with realistic campaigns, identify vulnerable profiles, measure progress over time
  • Bexxo Academy — our dedicated training platform: interactive modules, quizzes, videos and educational games available 24/7, complemented by in-person sessions in Ins (BE)

Cybersecurity Training

3-Theme Training

At bexxo, we believe that well-trained employees are an undeniable additional asset against cyber threats. Our cybersecurity training program for SMEs focuses on three essential aspects:

Previous
Next
I

Awareness of current threats

  • Realistic phishing campaigns targeting your employees, without risk
  • Template library: MS365, banks, deliveries, social networks…
  • Identification of vulnerable profiles by department or team
  • Detailed reports ready for internal audits

AI-generated phishing emails have a click rate 4 times higher than manual emails (APWG / Keepnet 2025).

II

Daily security best practices

  • Interactive modules, quizzes, videos and educational games on academy.bexxo.ch
  • Accessible 24/7 from any device
  • Adapted to all levels: non-technical employees and IT managers
  • In-person sessions at our premises in Ins (BE), up to 20 people

III

Developing a cybersecurity culture

  • Individual and collective dashboards to track each employee
  • Programmes adjusted according to vulnerable profiles identified by PhishTrainer
  • Recurring campaigns updated in line with new threats
  • Reports usable as proof of due diligence in the event of a FDPIC inspection

Tailor-made solutions

Tailor-made network solutions for complex projects

Contact us to discuss your specific needs and get a personalized quote.

Our team of experts will be happy to guide you towards the solution best suited to your company.

Contact Me

We will process your personal information in accordance with our privacy policy.

Thank you, your message has been sent successfully.
Error! The message could not be sent.

Frequently asked questions about cybersecurity training

What is cybersecurity training in the workplace?

Cybersecurity training in the workplace is a structured programme that teaches employees to recognise and avoid everyday cyber threats: phishing, social engineering, weak passwords, risky behaviours. Unlike purely technical solutions, it addresses the main vulnerability of organisations: the human factor. At Bexxo, training combines real simulation via PhishTrainer (fake phishing email campaigns) and interactive learning via Bexxo Academy (modules, quizzes, videos). 68% of data breaches involve human error (Verizon DBIR 2024).

What is the difference between PhishTrainer and Bexxo Academy?

They are two complementary tools:

  • PhishTrainer works through practice: it sends fake phishing emails to your employees and measures who clicks and who reports the attack. This is the behavioural approach — learning by experience. The dashboard shows the click rate, the reporting rate and the trend over time.
  • Bexxo Academy works through knowledge: video modules, interactive quizzes, educational games on cyber threats. Available 24/7 online, complemented by in-person sessions in Ins (BE). Ideal for onboarding new employees and updating knowledge.

Both tools together cover the complete loop: raise awareness → test → measure → improve.

Is cybersecurity training mandatory under Swiss nDSG?

The nDSG (Swiss Federal Act on Data Protection, in force since September 2023) requires companies to implement organisational measures to protect personal data. Staff training is explicitly recommended by the Federal Data Protection and Information Commissioner (FDPIC) as an essential organisational measure. In the event of a data breach, the absence of documented training may increase the company's liability. Bexxo provides a monitoring report that serves as proof of due diligence in the event of an FDPIC audit. Fines of up to CHF 250,000 for data controllers in the event of a breach.

How can you measure the effectiveness of cybersecurity training?

The effectiveness of cybersecurity training can be measured concretely using behavioural indicators:

  • Click rate on simulated phishing — before/after training. A good programme reduces this rate by more than 70% within 6 months.
  • Reporting rate — the number of employees who actively report a suspicious phishing attempt.
  • Academy completion score — percentage of completed modules and quiz results.
  • Trend over time — PhishTrainer dashboard with 12-month history.

These metrics are available in the Bexxo dashboard and can be exported for nDSG compliance reports.

How long does it take to train an SME with 20 to 50 employees?

For an SME with 20 to 50 employees, the typical programme runs over 3 to 6 months:

  • Week 1: set up PhishTrainer, send the first baseline phishing campaign.
  • Months 1-2: Bexxo Academy access for all employees, introductory modules (30 to 45 min per module).
  • Months 3-6: monthly phishing campaigns, targeted reminders for at-risk employees, progress report.

The setup is handled by Bexxo — no internal technical skills required. Monthly administration time is less than 2 hours for the HR or IT manager.

Cybersecurity training in the workplace is a structured programme that teaches employees to recognise and avoid everyday cyber threats: phishing, social engineering, weak passwords, risky behaviours. Unlike purely technical solutions, it addresses the main vulnerability of organisations: the human factor. At Bexxo, training combines real simulation via PhishTrainer (fake phishing email campaigns) and interactive learning via Bexxo Academy (modules, quizzes, videos). 68% of data breaches involve human error (Verizon DBIR 2024).

They are two complementary tools:

  • PhishTrainer works through practice: it sends fake phishing emails to your employees and measures who clicks and who reports the attack. This is the behavioural approach — learning by experience. The dashboard shows the click rate, the reporting rate and the trend over time.
  • Bexxo Academy works through knowledge: video modules, interactive quizzes, educational games on cyber threats. Available 24/7 online, complemented by in-person sessions in Ins (BE). Ideal for onboarding new employees and updating knowledge.

Both tools together cover the complete loop: raise awareness → test → measure → improve.

The nDSG (Swiss Federal Act on Data Protection, in force since September 2023) requires companies to implement organisational measures to protect personal data. Staff training is explicitly recommended by the Federal Data Protection and Information Commissioner (FDPIC) as an essential organisational measure. In the event of a data breach, the absence of documented training may increase the company's liability. Bexxo provides a monitoring report that serves as proof of due diligence in the event of an FDPIC audit. Fines of up to CHF 250,000 for data controllers in the event of a breach.

The effectiveness of cybersecurity training can be measured concretely using behavioural indicators:

  • Click rate on simulated phishing — before/after training. A good programme reduces this rate by more than 70% within 6 months.
  • Reporting rate — the number of employees who actively report a suspicious phishing attempt.
  • Academy completion score — percentage of completed modules and quiz results.
  • Trend over time — PhishTrainer dashboard with 12-month history.

These metrics are available in the Bexxo dashboard and can be exported for nDSG compliance reports.

For an SME with 20 to 50 employees, the typical programme runs over 3 to 6 months:

  • Week 1: set up PhishTrainer, send the first baseline phishing campaign.
  • Months 1-2: Bexxo Academy access for all employees, introductory modules (30 to 45 min per module).
  • Months 3-6: monthly phishing campaigns, targeted reminders for at-risk employees, progress report.

The setup is handled by Bexxo — no internal technical skills required. Monthly administration time is less than 2 hours for the HR or IT manager.