Management Awareness Training

Who should attend?

This 3-day training is an enterprise business management & security awareness program for those who want to secure their organization from unwanted attacks.

Information Security Fundamentals
  • Role of Information Security in Today’s Era
  • Importance of Information Security in Business
  • Basic Terminologies
  • CIA Triad Corporate trade
  • Case Studies of Recent Hacks
Hacking Phases & Countermeasures
  • Reconnaissance
  • Scanning
  • Gaining Access
  • Privilege Escalation
  • Maintaining Access
  • Clearing Tracks
  • Setting Backdoors
  • Social Engineering & Techniques
  • Phishing
  • SMShing
  • Dumpster Diving
  • Shoulder Surfing
  • Disgruntled Employees
  • Identity Theft
  • Credential harvesting / Password guessing
  • Preventive measures
Malware Essentials
  • Malware, Ransomware & Key-loggers
  • What is malware
  • Types of malware
  • What is ransomware
  • What are key-loggers
  • Fly-by-downloaders
  • Droppers
  • Advanced Persistent Threats
  • Preventive Measures
  • Patch management
  • AV updates
  • Back-up
Risk Management & Incident Response
  • Consequences of Failing to Manage Risk
  • Data / Asset Classification
  • Risk Assessment Methodology
  • Risk Mitigation / Treatment
  • Residual Risks
  • Risk Controls
  • Incident Handling Process
  • Objectives of Incident Response
  • Incident Handling Process
  • Knowledge of events & incidents
  • Types of incidents
  • Roles & responsibilities
  • Defined Contact List
  • Breach Response Strategy
Governance, Risk & Compliance
  • Incident response & Business Continuity Management (BCM)
  • Objectives of BCM
  • Need for Contingency Planning
  • BCM vs. DR
  • Overview of ISO 22301
  • BCM Cycle
  • Compliance to Corp ISMS
  • Overview of ISO 27001 Clauses & Controls
  • Compliance to GDPR
  • What is Data Protection
  • Difference between PII & Personal Data
  • GDPR Awareness
Information Security Best Practices
  • Password guidelines
  • Internet usage
  • Email usage
  • Email etiquette
  • Identifying phishing emails
  • Dealing with offensive emails
  • 2-Factor / Multi-factor authentication
  • Mobile device security threats & prevention
  • Portable device / media security threats & prevention
  • Clear desk
  • Handling / Disposal of sensitive data (print/digital)
  • Data classification & labelling
  • Storage – encryption / hashing
  • Disposal
  • Physical Security
  • Access controls
  • Visitor management