Oppenheimer vs Hinton? - Digital Threat Digest
This NCSC-Certified Training is available in a 2-day format or alternatively we can work with you to determine the appropriate message and learning outcomes tailored to your audience – and within a suitable duration that fits around participant availability.
This training can be delivered virtually, at our London or Bristol facilities, or at our clients’ premises; training is typically for group bookings only.
Aim
By the end of this training, you will be better informed of the potential business risks associated with cyber security. You will be able to determine what you are trying to protect, who are you protecting it from, and what measures are available to protect and adequately prepare your organisation. If you don’t know where to begin in your strategy, this training will provide you with the knowledge to start it.
Audience
Professionals who may or may not have an information security background, but who have the opportunity to make decisions and determine investment in appropriate security measures. Example roles might include:
- Senior management from public, commercial and corporate sector organisations.
- Small-Medium sized business owners.
- C-level professionals, particularly CISO, CIO, CSO or CRO.
- Head/Director of IT or Security.
- Risk or Compliance Managers.
- Department or Team Leads.
Learning Outcomes
- Gain insight to the cyber threat landscape and real-world consequences of ignoring organisational cyber security risk.
- Learn how to explain to executives the importance of cyber security in an organisation.
- Translate how real-world hacking case studies or data breaches relate to an organisation’s current cyber security measures and the potential consequences.
- Demystify cyber security industry jargon and associated media hype – including understanding what malware is and what it’s capable of.
- Understand why organisational behaviour must adopt proportionate but effective cyber security practices.
- Discover the methodologies an attacker might adopt to breach an organisation’s security to expand its access.
- Identify measures to secure your organisation’s digital footprint including risks associated with user information sharing via social media.
- Demonstrate an ability to promote the message of the necessary safe and responsible use of information technology and handling of corporate intellectual property.
Prerequisites
- Knowledge of business practices within your organisation, your organisation’s risk management processes and any IT user security policies.
- For virtual/remote training a good internet connection/sufficient bandwidth is required, with full audio and video capability.
Syllabus
This training can be tailored to an industry, or for a defined audience with various durations. Example topics include:
- Definitions – Cybersecurity and Information Security
What are you trying to protect?
- Personal Data and Data Protection
Who are we protecting it from?
- Actors and Motivation – Attack Profiling
Why do they attack?
- Proportionality of Attack
- Cyber Threat Methodology
- Open Source Intelligence (OSINT)
- Social Engineering
- Common Attack Techniques
- APTs / Cyber Criminals
- State Threats
- Social Media
- Phone Tracking, Geotags and Location Data
- Data Leakage (Wi-Fi and GPS)
- The Deep Web
- Cryptocurrency
- Supply Chain Threats
How can we protect ourselves?
- Passwords and Passphrases
- Patching and Updating
- Maintaining Awareness
- Privileged Account Management
- Managing your Digital Footprint
How can we be prepared?
- Business Continuity, Disaster Recovery and Incident Response
- Risk Management
- Cyber Leadership