We use cookies to give you a more relevant browsing experience and improve our website. Using this site means that you agree with our Use of Cookies Policy.

What we do

Stickley on Security was founded in 2007 with a plan to provide organizations with meaningful education and awareness solutions that employees and customers would actually embrace. As our founder Jim Stickley points out, it is simple to offer a training course but far more difficult to actually educate the participants. Our goal is to ensure that your customers and employees not only learn about cybersecurity risks, but that they can apply what they learn into their everyday lives and jobs.

SoS Solutions

Explore our solutions designed to exceed your cybersecurity education & awareness requirements.

Employee EDU

Potential new threats against your organization emerge daily. Employee EDU is designed to ensure your staff is prepared. Through our security education and awareness solutions your staff will not only be trained about important security topics but also be made aware and tested on the latest security threats.

Find Out More
Powered Cybersecurity Training

Powered Cybersecurity Training. (PCT) is designed to help solve the challenges small and medium-sized businesses face in attempting to deploy and manage cybersecurity education and phishing simulation. PCT is completely automated, including all reporting and notices. It's simple to set up your users to provide your entire organization with more comprehensive cybersecurity training than 82 percent of all other American companies.

Badphish Phishing Testing

Some of the biggest cyber security breaches in US history have started with a malicious email received by an unsuspecting employee. Using his past 25 years of experience breaking into organizations, Stickley has created BadPhish, the definitive next generation phishing simulator and education solution.

SoS Advisor

SoS Advisor was designed to address the customer security education and awareness needs of your organization. We understand that the security threats your customers face change daily. That's why SoS provides new content everyday specifically written for your customers.

Domain Assure

Your domain is an essential part of your brand. Protect your brand by preventing cybercriminals from using your domain against you and your customers. By protecting your domain, Domain Assure can greatly curtail spear phishing and typosquatting attacks. Most importantly, Domain Assure takes less than 5 minutes to setup and requires no additional administration once running.

Executive / Board Consulting

Business executives and their board members face a never-ending challenge of keeping up with the latest cybersecurity security threats. With all of the audits and reports, security budget requests and regulatory requirements, our cyber security experts can help you make sense of it all.


Latest Cybersecurity News

Not All WiFi Is Good WiFi

WiFi has become a part of pretty much any device that has network access. From mobile phones and tablets to desktop computers and laptops. The time to plug in an Ethernet cable has long since passed. And while just a few years ago it was considered high risk to allow WiFi access in corporate offices, now it is just a standard part of doing business. Unfortunately, when dealing with technology that everyone is using, cybercriminals are generally also going to get involved. And when it comes to WiFi, there are plenty of opportunities for cybercriminals to attack. Fortunately, most of this risk can be easily eliminated through awareness and proper security controls.

Google Patches Three Critical Flaws - Update Now

On the heels of a major zero-day flaw at the end of 2019 in Google’s Chrome browser, nips three major issues rated high-severity. The most severe of these could allow at attacker to execute arbitrary code in the browser, obtain sensitive information from the machine, and bypass security restrictions. Google has stated it is aware that one of them is being actively exploited. Check for your latest versions and take a minute right now and don't wait to update.

What Is Personally Identifiable Information (PII)

People often use the term "confidential information" or “sensitive information” when they are really referring to personally identifiable information (PII). However, it certainly can be confusing knowing the difference between them all. To clarify a bit, PII should always be considered confidential, but not all confidential or sensitive information is actually PII. For example, confidential documents regarding business strategy may or may not include PII. However, it’s probably not viewed favorably if documents of that sort are lying around exposed to all, even if they don’t include PII or violate any regulations or laws. For the most part confidential and sensitive can be used interchangeably, but PII should be handled differently.


Have questions? Call us anytime!