Cyber Security for Non-Technical Personnel
25th January 2021 - 28th January 2021
Every week we read about yet another cyber (or more accurately: information) security breach where thousands of
sensitive or confidential records have been stolen. According to a recent study into the cost of data breaches, the average cost of such a breach is US$158 per client/customer record. For health care organizations the cost is a staggering $355, and many health care organisations have been breached two or more times! Considering the huge number of records stolen, the total average cost of a data breach presently works out to around US$4 million, and many organizations, especially small to medium ones, don’t survive. It’s estimated up to 60% go out of business.
Board and senior management of many organizations don’t have a realistic view of these dangers, or how vulnerable their organizations are. For example, 83% of respondents to an information security survey said: “their organization’s valuable assets are covered by video surveillance”. At the same time, a recent US boardroom study found that “over 91% of high vulnerable board members said they couldn’t read a cybersecurity report and are not prepared to handle a major attack”.
This course looks at the business side of information security. It takes delegates through a non-technical journey of
the world of hacking, vulnerabilities, data breaches, etc. It highlights the origins of information security and looks at the many and varied ways in which hackers conduct cyber-attacks on vulnerable organizations & individuals. Most importantly it identifies just who are the main perpetrators, some of whom will surprise.
Delegates will learn how to set up defences against these attacks using SIEM (Security Information and Event
Management) principles, particularly:
• How to use risk management in an information security environment;
• How to set up information security policies for their organization;
• How to set up an Information Security Strategic Plan;
• How to set up Security Incident Response Plan & Team.
The seminar draws on the instructor’s vast experience in the Information Technology field over the last 40 plus years, and particularly in area of Information Security over the last fifteen years. The strategies, tools & techniques outlined during the seminar are based on real-world examples. By the end of the seminar, delegates will be able to take them back to their organization and begin using them to immediately build their defences against cyber attacks.
Who Should Attend
This course is designed for non-technical people who need to understand (or at the very least want to be aware of) the risks and responsibilities of their organisation with respect to information security. In particular, anyone who is responsible for information security compliance or assurance will benefit from attending.
Any manager who has responsibility for managing any part of their organisation that handles information, especially
sensitive or confidential client information, should attend this course. In addition, all IT professionals, regardless of their job function, should attend this course to gain a full appreciation of the dangers of weak or inadequate cyber -security, both from an organizational point of view as well as at an individual level.
The following people will particularly benefit from this course:
• All “C” level executives
• Chief Information Security Officer
• Information / Data Security Officers
• Customer Service Managers
• Product Managers
• Project Managers
• Technical Support / Customer Support Managers
• Business Development Managers, especially those in the following industries:
o Health-related services including Hospitals, Health care providers, Health Care insurance
o Oil & Gas
o Logistics & Transportation
o Government Agencies / Ministries
Key Learning Objectives
• Learn the many and varied types of cyber attacks that can occur in your environment, both at an organizational level as individually
• Understand the costs & effects (sometimes disastrous) that cyber attacks can have on your organisation or you
• Identify where you and your organisation are most vulnerable to cyber attack (you may be surprised) – and how to guard against them
• Learn how to educate senior management and your board in the importance of good information security – the IT
• Guard against cyber-attacks through good risk management – use the standard!
• See how to build a strong information security perimeter to guard your most valuable assets – your personal/customer/client information
• Learn how to think like a hacker and build an effective Information Security Plan
• Recognise the importance of a good Security Incident Response Plan and learn how to prepare one.
• Plan an effective defence against a cyber attack – Monitor, Detect, Analyse, Respond, Resolve & Review