Information security for management

Lifelong learning for working professionals

Course Summary

Information is today’s most valuable asset, and many companies handle large amounts of business-critical information. Customer records, codes, supplier services and company-unique expertise are examples of assets that often need to be protected. As digitization increases, so does the threat landscape – attackers can now attack your business from halfway around the world. But the biggest threat is often closer than that. In most successful cyberattacks, the human factor is the crucial weakness.

This training focuses on how the people and organizations behind the technology act and the decisions we make in our workplace. It looks at leadership issues such as management’s failure to address security issues and their challenges in making decisions based on value conflicts between security requirements and business needs. From the employees’ perspective, it’s about the human habit of choosing the easiest path for a work task, like reusing passwords or not daring to question a stranger in the workplace.

Course Objective

The information security training will provide participants with a comprehensive view of the field of information security, its challenges and strengths. Participants will gain insight into how to work with information security, how to identify and manage risks, be able to recognize weaknesses and strengths in the culture, and gain insight into working before, during and after a successful attack.

Target Audience

The course is aimed at IT managers and project managers, product owners and developers.

Prerequisites

No prior knowledge required.

Certification

This course has no certification.

Trainer

The course leader for this course is Devies Cybersecurity.

Course Details

Basics of information security

What is information security

Protecting information and assets
Impact on business development
Information security management system

Why information security should be applied

Information is today’s gold
Increase security and competitiveness (reliable)
Opportunity for efficiency in compliance

Managing information security

Activities of the GRC
Managing sensitive information

Results of the security work

Safety culture

What is safety culture

How a culture works and its concepts
Management commitment and willingness
Business conditions and needs

The importance of safety culture

Building blocks for organizational security
Relationship between MTO
Strengthening communication skills

Building a strong safety culture

The role of leadership
Employee attitudes

Training measures meet the needs of the business

Risk management

What is risk management

What are risk management and processes
Common terms and risk description
Responsibilities and roles

Why is risk management important

The importance of risks for safety work
Compliance and survival
Proactivity and awareness

How does the organization manage risks

Managing risks in the organization
Designing and managing the risk process

Monitor risks continuously

Approaches and incident response

What is an attack

External events, real examples
Common organizational vulnerabilities
Threat actors and approaches

Internal and external threats

Why attacks happen (motivations and goals)

How to deal with attacks

Incident management (before-during-after)
Proactive measures
Teams and roles (IRT, management, IM)

Course Overview

1 day

Basic

Can’t find a (suitable) date, but are interested in the course? Send in an expression of interest and we will do what we can to find a suitable opportunity.

Customized Courses

The course can be adapted from several perspectives:

Content and focus area
Extent and scope
Delivery approach

In interaction with the course leader, we ensure that the course meets your needs.