We use cookies to give you a more relevant browsing experience and improve our website. Using this site means that you agree with our Use of Cookies Policy.

What we do

Stickley on Security was founded in 2007 with a plan to provide organizations with meaningful education and awareness solutions that employees and customers would actually embrace. As our founder Jim Stickley points out, it is simple to offer a training course but far more difficult to actually educate the participants. Our goal is to ensure that your customers and employees not only learn about cybersecurity risks, but that they can apply what they learn into their everyday lives and jobs.

SoS Solutions

Explore our solutions designed to exceed your cybersecurity education & awareness requirements.

Powered Cybersecurity Training

Powered Cybersecurity Training. (PCT) is designed to help solve the challenges small and medium-sized businesses face in attempting to deploy and manage cybersecurity education and phishing simulation.

SoS Advisor

SoS Advisor was designed to address the customer security education and awareness needs of your organization. We understand that the security threats your customers face change daily. That's why SoS provides new content everyday specifically written for your customers.

Domain Assure

Spoofed domains lead to employee and customer compromise. Domain Assure Detect and Domain Assure Prevent are two solutions designed to maintain your organizations online integrity and reduce spear-phishing, typosquatting and other online attacks.


Some of the biggest cyber security breaches in US history have started with a malicious email received by an unsuspecting employee. Using his past 25 years of experience breaking into organizations, Stickley has created BadPhish, the definitive next generation phishing simulator and education solution.

Employee EDU

Potential new threats against your organization emerge daily. Employee EDU is designed to ensure your staff is prepared. Through our security education and awareness solutions your staff will not only be trained about important security topics but also be made aware and tested on the latest security threats.

Find Out More
SoS WorkRemote

Stickley on Security WorkRemote combines practical education and technology to provide a next-generation remote employee cybersecurity solution. Stickley on Security WorkRemote ensures no corporate data resides at the remote location, no corporate data transported, no individual VPN required, and only encrypted pixels are transmitted.

Board Meeting Cybersecurity Updates

Jim Stickley speaks at hundreds of board meetings nationwide on cybersecurity related topics and can now speak to your board as well. When Stickley speaks to your board, his goal is to keep them aware of the many cybersecurity threats that your organization faces as well as keep them up to date on the latest cybersecurity regulations. Ultimately Stickley gives your board members the critical information they need to make cybersecurity related decisions.

Executive / Board Consulting

Business executives and their board members face a never-ending challenge of keeping up with the latest cybersecurity security threats. With all of the audits and reports, security budget requests and regulatory requirements, our cyber security experts can help you make sense of it all.


Latest Cybersecurity News

Can Hackers Take A Bite Out Of Your Mobile Pay Solution?

With the many digital payment options available today, finding the most secure providers can be a challenge. The popularity of digital wallets has grown over time and writing checks and even using plastic cards for payments are quickly becoming the dinosaurs of our non-digital past. Many users now own mobile wallets and pay for goods and services. And using Apple Pay, Google Pay or another service for those transactions may offer peace of mind knowing your payment data is safe and out of the reach of hackers.

CAPTCHA Used as Bait For Growing Number Of Email Scams

Most of us are familiar with the funky CAPTCHA verification window that occasionally pops-up when signing onto a website. CAPTCHA systems lend a level of credibility to those of us asked to verify online that we’re human and not a bot. Seeing it makes us feel better about the site being more secure than others. After all, only a 100% legitimate website or service would dare use CAPTCHA, right? Wrong. This now Google-owned service has become a favorite bait for scammers who want you to believe they’re legitimate, and it’s working big-time.

Homoglyph Attacks Show What You See May Not Be What You Get

Not the easiest word to pronounce or spell, homoglyph attacks continue to be widely used by fraudsters intent on stealing your PII. Homoglyphs use characters in a domain name that look like what they’re supposed to be, but they’re not. Cybercriminals use characters from English and other languages to create sneaky, but fake domain name spellings, all with the goal of stealing your PII from a bogus website. Hackers count on users not noticing the homoglyph in order to be successful, and now these attacks are easier to pull-off than ever before.


Have questions? Call us anytime!