Program Overview
In 2017, for the first time, cybercrime hit mainstream news in a significant way. The impact of WannaCry, to name one major attack, resulting in 20,000+ cancelled medical appointments and 600+ GP surgeries going back to pen and paper, brought home the critical need for sound cybersecurity risk management.
Developing effective cybersecurity risk management revolves around understanding the overall environment, what steps are required, and, most importantly, a clearly defined plan of action at both the corporate and individual levels.
This masterclass is designed to provide an understanding of the nature and impact of cybersecurity risks, provide an overview of the regulatory environment and upcoming changes, and identify the essential elements of a cybersecurity roadmap for an organizational unit. Additionally, the masterclass includes a number of scenarios and exercises where participants will work on developing elements of a cybersecurity strategy for their teams and perform practical exercises designed to make them better at identifying threats and managing them on an individual level.
Learning Outcomes
Upon completion of this program, participants will:
- Understand modern-day cybersecurity risks, their nature and impact
- Have a strong insight into the legal and regulatory environment, as related specifically to cybersecurity, such as General Data Protection Regulation (GDPR), Notifiable Data Breaches (NDB) and other country-specific legislation
- Recognise attack surfaces and attack vectors, and the approaches cybercriminals use, such as phishing and social engineering
- Know how to apply individual protection measures in practice, such as 2-factor authentication, phishing detection and prevention, and strong and easy password selection
- Understand the key success factors in managing cybercrime risk and develop an effective risk management approach for organizational units and individuals
Intended Audience
- Board Directors
- Chief Financial Officers
- Chief Operating Officers
- Finance Professionals
- Government Regulators
- Audit and Risk Professionals
- Insurance Professionals
- HR Directors
- Customer Service Managers
- Chief Data Officers
- Governance Professionals
- Marketing Professionals
- HR Professionals
- Logistics Professionals
Program Level and Pre-requisites for Attending
Foundation level, no pre-requisites
Program Duration
2 days
Number of Attendees
Maximum 17 attendees
Training Methodology
A distinguishing feature of this course is its practical aspect. At the end of each module there is a practical exercise designed to reinforce the concepts of the module and to give participants a chance to “get their hands dirty”. The exercises are either scenarios where participants work in groups or individual tasks executed within a software package.
Program Outline
- Imperatives for Cybersecurity Risk Management
  - Overview
  - Impact on Society, Government and Enterprises
  - Emerging Threats
  - The Main Target
  - Scenario work
- Cybersecurity-related Regulatory Environment
  - World-wide Overview
  - ASEAN and country-specific Overview
  - Applicable legislation – GDPR, NDB, PDPA, etc.
  - Cybersecurity frameworks for Specific Industries
  - Scenario work
- Essential Elements of Effective Cybersecurity Strategy
  - Governance, risk and compliance management
  - Threat, vulnerability and response management
  - Scenario work
- Automation in Cybersecurity Risk Management
  - Artificial Intelligence and Big Data
  - Intrusion Detection
  - Security Incident and Event Monitoring
- Cybersecurity Risk Management in the Enterprise
  - Recommended stages and activities
  - Required resources
  - Success factors and pitfalls
  - Cyber-risk mitigation – practical advice
  - Scenario work
- Cybersecurity Risk Management for Individuals
  - Awareness Training
  - Improving Personal cyber-resilience
  - Exercise – Personal cyber-resilience
- Program Review, Q&A, Comments