Course description
Solutions to Building a Positive Cyber Risk Culture and Management
The cost of Cyber Crime to the UK was estimated at £27 billion by the cabinet office in 2011. In 2012 one London based business lost £800 million alone. One SME lost £1million in one month and nearly closed due to the losses. Proposed fines of £183 and £99 million have been made by the Information Commissioner’s Office. Whilst these figures are headline grabbing and can be open to interpretation, it can be seen that Cyber Crime and fines for Cyber Breaches are a significant risk to any business.
Cyber Security is often portrayed as complicated and difficult. This course demystifies Cyber Security as a business risk to be managed and how to build a culture that understands and addresses the threats to their information from cyber attack. This two day course will provide you with comprehensive and practical tools to apply in your day to day role as a specialist across cyber risk.
Without a strong Cyber Security Culture, management of Cyber Risk will be challenging.
Do you work at this organisation and want to update this page?
Is there out-of-date information about your organisation or courses published here? Fill out this form to get in touch with us.
Suitability - Who should attend?
- Chief Risk Officers
- Chief Information Security Officers
- Any cyber security or cyber risk professionals who protect company information
Training Course Content
Day 1: Cyber Culture
- Introduction to Cyber Risk
- Ownership of Cyber Risk
- Measuring Cyber Risk Culture
- Barriers to an outstanding cyber risk culture
- Engaging at every level
- No blame, no shame
- Reporting Cyber Issues – are you prepared for the unintentional consequences
- Workshop – Cyber engagement programs
Case Studies and Breakout sessions
Day 2: Cyber Risk Management
- Defining your risk appetite with the business
- Cyber risk frameworks – aligning with corporate risk framework
- Workshop – creating a cyber risk framework that works for you
- Identifying cyber risk
- People – Social engineering (phishing etc.), Insider threat
- Process – Supply chain, weak processes
- Technological - vulnerability scanning, choice of equipment
- Managing Risk – Options to address (Mitigate, Accept, Transfer or Insure)
- Cyber Risk Essentials – from basic cyber hygiene to certified security
- Ensuring the effectiveness of your cyber risk framework
- Governance and reporting
Case Studies and Breakout sessions