This comprehensive one-day course will help you to understand the complex cyber security environment in your organisation and implement straightforward policies and procedures to reduce the likelihood of a damaging cyber-attack. The content is aimed at non-technical staff and no prior understanding is required. 

​

The course can be tailored to your industry and organisational requirements. Training specifically tailored to senior management teams can also be provided.

​

Introduction

​

• Profit and politics: understanding cyberattacks

• Understanding the scope of the problem: case studies

• Technical, social engineering and hybrid attacks

• Generative AI risks

​

Recognising and Responding to Social Engineering Attacks

​

• Characteristics of a social engineering attack

• Phishing, smishing and baiting

• Quid pro quo

• Pretexting

• Whaling and honeytraps

• Tailgating

• Recognising social engineering attacks using real-life examples

 

Understanding Technical Attacks

​

• Denial of service attacks

• Ransomware and wiper attacks

• Virus and worm infections

• Spyware

 

Managing Prevention and Awareness

​

• Whitelisting and allow-lists

• Password hygiene

• Personal IT equipment rules

• Email access management

• Managing contractors and temporary staff

• Managing insider threats

• Insurance options

 

Implementing a Cybersecurity Framework

​

• Training and awareness programmes

• Cybersecurity champions and the role of IT

• Audits and penetration testing

​

​

​

​

​

​