Empower people, secure your business

Use our data driven tools to engage, influence and cultivate security among your colleagues. Reduce cyber risk by making everyone part of your extended security team.

Discover what our customers are saying:

Statistics leave no doubt …


of information security breaches involve some kind of human error.

… does employee behavior receive a proportional share of your security budget?

Why Secure Practice? →

Secure Practice creates security champions

Learn how every employee can become a contributor to better cyber security in your organization.

Motivate a secure mindset

Facilitate an empathetic dialogue about security in your company. Build awareness through positive interactions, and get insights for further action. We offer:

  • Gamification and feedback with user experiences that people will love
  • Useful end-user tools with high visibility results for everyone

About Engage →

Provide relevant training

Offer a positive learning experience, relevant for both personal life and work. Align training with user needs to stimulate a sense of mastery. We offer:

  • Personalized progress to resonate with individual risk understanding
  • High quality content with first class support for any platform

About Influence →

Improve employee behaviors

Change comes easier when the tasks are easy, or the motivation is high. Take advantage of metrics and culture to drive human security. We offer:

  • Collaborative platform with security habits for everyone
  • Data-driven improvement with actionable feedback

About Cultivate →

Award-winning software services:

OSPA Winner 2018 Best new security product

«Secure Practice offers a unique way for employees and companies to detect and respond to targeted email threats.»

Outstandig Security Performance Awards

Winner 2018: «Best new security product»

Developed with support from:

How to find email headers in Outlook

Have you ever received an email and wondered if it could be dangerous, or maybe worth warning your colleagues about? It is definitely a good idea to report the suspicious email to IT, but the usefulness of your reporting increases if you are able to include the email headers.

Read blog post →

Detection evasion through abused redirect

Does your website allow the forwarding of end-users to URLs provided as a user-provided URL parameter? If so, it may potentially be abused in phishing campaigns, along with your web domain reputation.

Read blog post →

SPF shortcomings with Return-Path in spoofed emails

Email was never designed to be safe, but protocol additions like SPF have improved our ability to detect spoofed senders. We have discovered a trend in forging the Return-Path header, which SPF does not deal with on its own.

Read blog post →

– 1800 pairs of eyes on security is better than ten

Financial services company Storebrand has chosen Secure Practice to help employees with safe handling of suspicious emails. Bjørn Richard Watne (CISO) says the solution greatly helps both preventive and operative security.

Read customer story →

– A lack of reporting is a lost opportunity for improvement

Gamification engages, but it is the employees' contributions to information security we value the most in Secure Practice, says security manager and data protection officer Ole Martin Refvik from Admincontrol.

Read customer story →

– The collective benefit is significant to us

Chief information security officer (CISO) Vigleik Hustadnes at energy and communications company Tussa, says that employee awareness is an important focus area for their security work, and that Secure Practice is a good fit here.

Read customer story →

Human security sensors ebook cover

Want to get started?

We have written a guide for you to get started with human-centered security. Access our free resource now, and learn:

  • How to nurture drivers for employee engagement
  • How to avoid common obstacles for reporting
  • Practical examples and steps to get started

Download free PDF →