Center for Information Security Awareness (CFISA)

The Center for Information Security Awareness (CFISA) provides cybersecurity awareness training programs that help organizations educate employees, reduce human risk, and build a more security-conscious workforce. CFISA serves businesses, government agencies, academic institutions, healthcare organizations, tribal governments, and other organizations that need practical training on phishing, social engineering, email fraud, data protection, privacy, compliance, and everyday cybersecurity behavior.

CFISA was founded in 2007 by Michael Levin, a former U.S. Secret Service Agent and former Deputy Director of the National Cyber Security Division of the Department of Homeland Security. Michael’s career includes more than 30 years in public service, law enforcement, cybercrime investigation, and cybersecurity leadership.

That real-world experience shapes CFISA’s training approach. Rather than offering generic cybersecurity content, CFISA focuses on practical lessons that employees can understand and apply in the workplace. The goal is to make cybersecurity awareness relevant, memorable, and actionable for people at every level of an organization.

CFISA offers a range of training options, including online security awareness training, HIPAA compliance training, PCI DSS training, live webinar training, and in-person cybersecurity training. Its programs are designed to help organizations address common cyber risks while supporting internal compliance, employee education, and risk reduction goals.

Course topics cover many of the threats employees encounter every day, including phishing attacks, password security, email threats, ransomware, social engineering, data handling, privacy, mobile device security, remote work risks, and emerging cyber threats that continue to affect organizations of all sizes.

One of CFISA’s key differentiators is its expert-led approach. Michael Levin brings decades of firsthand experience investigating cybercrime and helping organizations understand the human side of cybersecurity. His background allows CFISA to connect technical risks with real-world examples, making the training more engaging and more useful for employees who may not have a technical background.

CFISA also offers live training options for organizations that want a more personal and interactive experience than a standard online course can provide. These sessions allow employees to ask questions, discuss real-world scenarios, and gain a deeper understanding of cybersecurity best practices.

Organizations choose CFISA when they need cybersecurity training that is credible, flexible, and easy to deploy. Whether the need is annual employee security awareness training, HIPAA-focused education, PCI awareness training, public sector cybersecurity training, or live sessions led by an experienced cybersecurity professional, CFISA provides practical programs built around real threats and real workplace behavior.

The company’s mission is to help organizations strengthen their first line of defense by giving employees the knowledge and confidence to recognize cyber threats, protect sensitive information, and respond appropriately when something suspicious occurs.