When data is encrypted to deter hackers, it is not easy to understand the information without decrypting the data, which can only be done with the private key. The General Data Protection Regulation also requires the company to protect sensitive information such as customer data, personal data, etc. The use of human psychology to obtain sensitive information from people is called social engineering. Under this term, there are many methods used by hackers to get important information such as system passwords, bank account details, ATM PINs, etc. This is done for ransom, either directly or indirectly by selling the stolen data. Cybercriminals are becoming more sophisticated and often find new and better ways to find vulnerabilities and loopholes to exploit to gain access to credentials, data and money. As new threats emerge, it's important to let employees know about them as they occur; don't wait for annual refresher training to promote cybersecurity awareness. The integration of threat simulation and e-learning training received the highest score. Based on this result, the prototype will be created to evaluate and improve cybersecurity awareness. Fifty users were randomly selected to express their attitudes and opinions about the prototype after using it. The result of the acceptance test is used to improve the prototype, and the final version of the prototype is shown in Figure 2. The closed network in the office environment can easily be more secure than the open network in individual homes. However, in remote work, data is exchanged over an open network, which is a great opportunity for hackers to steal business information. This is important in global organizations where employees speak multiple languages and have different ethnic and cultural backgrounds. To meet these diverse needs, cybersecurity training content must be clear, engaging, and embedded in a cultural context that every employee can relate to. Otherwise, poorly translated text or the wrong cultural signal can reflect poorly on your organization and result in weak cybersecurity awareness. In recent years, many organizations have adopted multi-factor authentication to protect their online and offline networks. In addition to traditional passwords, other authentication methods such as one-time passwords, verification codes, etc. are also used to protect websites and networks. For example, it is widely used in bank accounts where users are asked to enter the password and OTP sent to the registered mobile number or email address. This ensures that even if a hacker learns…