Secure Mentem’s services support the lifecycle of a Security Awareness program. While our Security Awareness as a Service program, provides a complete awareness program, we still support established programs as required. Secure Mentem can supplement the Security Awareness staff to support, measure, and enhance the program as desired. All services incorporate our methodologies that have been refined through both decades of experience and extensive, groundbreaking, empirical research to provide a Security Awareness program that truly creates measureable behavioral change. Secure Mentem is a company dedicated the human aspects of security. Our team has decades of experience in developing and implementing impactful security awareness programs and services for many of the largest multinational companies in the world.


Secure Mentem analyzes an existing Security Awareness program to determine the goals and completeness of the program. We examine the organization’s current state of Security Awareness, the program in place, conduct extensive interviews and observations, and determine the true requirements for the program. We also examine, the level of resources and support available to the program. As required, we examine compliance and regulatory standards and compare the current program to our proprietary database of industry and sector Security Awareness programs to ensure that the program meets due diligence and any other requirements for the organization. Based on our findings, we make recommendations to enhance the program to achieve the true goal of enhancing the organization’s security culture.

Go to Top


Organizations have few resources to guide them as to how their Security Awareness program should be designed. The resulting program may or may not be acceptable within industry and sector norms. With that in mind Secure Mentem embarked on a groundbreaking research endeavor to isolate and benchmark security awareness efforts throughout industry and by sector for the Fortune 500. We further validated our research by surveying hundreds of security professionals around the world. The result is an extensive, proprietary Security Awareness reservoir of research that allows Secure Mentem to compare an organization to like organizations and industry as a whole. This provides Security Awareness managers and stakeholders the data that they need to request additional resources or to provide auditors and customers with documented proof of the efficacy of their efforts. This service is usually completed as part of a general program assessment, but is also available for organizations that just want to understand how they specifically rate, or to validate their current program.

Program Design

For organizations that do not want our full Security Awareness as a Service solution, Secure Mentem provides a Security Awareness Program Design Service. This service provides a custom designed Security Awareness program that is tailored to the needs of the organization and their culture. The program includes the identification of the unique cultures that require individualized Awareness programs, integration of metrics, recommendations of topics to be addressed by the program, components that will best suit the different cultures, and a delivery schedule. Secure Mentem also provides guidance on the ongoing evaluation of the Security Awareness program.


Secure Mentem embeds metrics into every Security Awareness program and service that we develop and implement. We also offer metrics as a stand-alone service for organizations to examine and measure efficacy of their current security awareness efforts. Our experts have studied common security awareness topics in-depth and determined ways to measure the root behaviors that demonstrate the effectiveness of security awareness efforts. Additionally, we identified methods to measure the efficacy of the individual awareness components commonly utilized. Our metrics service analyzes the Security Awareness topics addressed and the components implemented by an organization. We then determine the technical resources available to collect metrics. Our report then recommends the metrics to collect, how to collect them, required resources to collect the metrics to ensure that behavioral changes are being accomplished and that Security Awareness components are properly received.


Perhaps the most difficult part of any multinational Security Awareness program is creating the program to impact the entire targeted audience. For a large enterprise, this involves addressing many diverse demographics, cultures, languages, etc. Our Security Awareness Program Internationalization service provides for our experts to examine your organization, and determine the appropriate concerns for creating the same level of success for the Security Awareness Program throughout all geographic regions. We work to determine the appropriate languages, regionally based awareness programs, involvement from local resources and executives, and metrics to ensure a successful international roll-out of a Security Awareness Program.

Human Incident Response

For organizations that experience a breach or other security incident resulting from a user action, such as Social Engineering or Phishing attacks, we offer our Human Incident Response service. Our experts are on call to provide emergency support in assisting in assessing damage, designing a mitigation strategy from the human perspective, and taking advantage of the “teachable moment” and designing an emergency awareness campaign to demonstrate that the organization is taking actions to prevent future incidents.

Social Engineering

Secure Mentem’s staff includes experts trained in human intelligence and collection. While many vendors claim to perform Social Engineering few have people who had formal training in human elicitation as a science, as do our staff. We approach Human Elicitation, aka Social Engineering, in such a way as to create metrics in the process. We do not randomly attempt to compromise an organization, but do it in a way that samples the organization as desired to determine the full scope of the problem. This allows us to repeat our tests in the future to determine the effectiveness of the awareness program in place, and be able to recommend specific improvements in the tactics employed in awareness efforts.

When required, we also create Teachable Moments that combine a Social Engineering simulation with Security Awareness materials. In this way, your employees see the immediate effects of poor security behaviors and receive education at the time they are most likely to be receptive to the training. At Secure Mentem, we consider ourselves security professionals. Our goal is to improve security, not just break security, so even when we perform Social Engineering, it is not to just prove that there are Security Awareness flaws, but to determine how to improve the organization’s security culture.

Event Support

Secure Mentem has extensive experience conceiving and executing a wide variety of Security Awareness related events. We provide instructions and support on how to create and hold a wide variety of events, displays, games, exercises, etc. We provide world class speakers for in-house events, details on creating Computer Security Awareness Month displays and campaigns, among many other outreach efforts. We provide any level of support required to enhance Security Awareness.
Go to Top

Espionage Simulations

Using former Intelligence and Special Forces operatives, Secure Mentem performs Espionage Simulations, where we simulate an attack by a extremely skilled adversary. Using a holistic approach, we exploit an organization in a highly systematic approach. This allows for the collection of metrics, and more importantly, we target information that has clear and distinct value to the organization. This allows us to put a value to poor security awareness behaviors. The outcome is an empirical result that allows organizations to make a valid business decision.
Go to Top

Ad Hoc Support

Many Security Awareness programs do not have the staff and/or expertise to be executed properly. Secure Mentem has experts with a wide variety of security awareness expertise to provide required direct or supplemental support for an internal staff. Please contact us with your needs and we will see how we can help.
Go to Top

Phishing Support

Phishing is possibly the most widely used Security Awareness tools. Many organizations require support on how to implement Phishing exercises properly, and require support from Secure Mentem. We provide a variety of Phishing support services that ranges from managing the entire Phishing program to assessing the resulting metrics. The most commonly requested services include designing Phishing pretexts, creating Phishing message landing pages, creating videos, and assessing Phishing services to best match the business needs of the organization.

Human Incident Response Service

For organizations that experience a breach or other security incident resulting from a user action, such as Social Engineering or Phishing attacks, we offer our Human Incident Rapid Response service. Unfortunately, while the public and stakeholders readily accept the inevitability of technical attacks, they are less accepting of incidents that result from apparent poor judgment. It is therefore critical to demonstrate that your organization is taking immediate and definitive actions to both mitigate the damage and prevent future incidents.

While there are many services that assist organizations with the technical aspects of security incidents, there are few, if any, services that specifically address human incidents. Some of the most noted attacks in recent history were only enabled after exploiting human vulnerabilities through phishing or social engineering attacks. Additionally, there are regular incidents where human failings have inadvertently leaked massive amounts of sensitive information. All incidents create embarrassment and a loss of trust in the compromised organization.

For more information about our Human Incident Response Service, please click here.

Learn More

For more information please download our Services data sheet