Cyber Security Compliance Training
Cybersecurity compliance training is the art (and science) of preventing data from being lost or used in ways that we do not permit or intend and limiting the damage if a breach does occur.
Cybersecurity awareness training is important because it affects everyone, whether we are working in the office or we are on the road. That is why it is critical that employees receive comprehensive information security compliance training.
Despite having dedicated teams that monitor information security, companies rely heavily on employees in the fight against security breaches.
Our Cybersecurity Compliance Training course will help your employees protect your company’s information against loss and teach them how to defend your company against attack.
What Is Cyber Security?
Video: Information Security is the art and science of preventing data from being lost or misused. Types of information that need protecting. Risks: natural events; technical failures; human error; hacking; malicious attacks.
Interactive Screen: Types of information: public; internal; confidential; restricted use.
Scenario: Identify the items in a stolen handbag that present an information security risk to the company.
Key Learning: Losing a company tablet and ID card presents an information security risk for our company.
Scenario: First action to take to prevent an information security breach.
Key Learning: Actions that will minimize the damage the thieves can do should be taken immediately.
Consequences of a Data Breach
Interactive Screen: Real-life examples of the consequences of a data breach.
Scenario: Clicking on a link in a suspicious email.
Key Learning: Phishing attacks attempt to gain sensitive information by pretending to be from a friendly source. Official sources will never email or text you looking for login or account details.
Scenario: Consequences of installing malware by mistake.
Key Learning: Introducing malware to your network would have huge repercussions. Malware may steal workplace login details and place your company and your clients’ data at risk.
Email and Messaging
Interactive Screen: Staying secure. Taking care when sending emails. Always consider a more secure method. Encryption. Spam. Malware. Risks of text messaging.
Scenario: What action to take when you mistakenly use “Reply All.”
Key Learning: Recognize the risks of restricted data falling into the wrong hands. Take responsibility for the safe dissemination of company information. Understand that you must escalate incidents through the correct channels immediately.
Welcome1 Is Not a Password
Interactive Screen: Protecting your accounts. Strong passwords. Choosing a password. Password management.
Scenario: Identifying IT security red flags.
Key Learning: There are many strategies used for cracking passwords. The most common is “brute force,” a method that checks every combination of letters and common words. Ensure that you use a combination of uppercase and lowercase letters, numbers, and symbols.
Secure Social Media
Video: How do you harness the power of social media? Your social media interactions could impact your reputation. Think before you post!
Interactive Screen: Safe practices when using social media. Conducting business communications. Privacy is not guaranteed. Accuracy of online profiles. Adopting safe practices.
Scenario: Including job details in a LinkedIn profile.
Key Learning: Most people post job titles and employer names in their social media profile. But job descriptions, colleague names, and locations should not be shared without first checking company policy.
Scenario: Social media contact with a journalist.
Key Learning: Engaging with the media regarding company business is dangerous. Always receive advice and authorization before speaking to journalists.
Protect the Workplace
Interactive Screen: Security is everyone’s responsibility. Guidelines on how to keep your equipment and the office secure.
Scenario: Leaving a laptop unlocked.
Key Learning: If you think your device has been breached, the first thing you need to do is contact IT Security. It takes just a minute for your computer to be breached. You must never leave your computer unlocked and unattended.
Scenario: Keeping the workplace secure.
Key Learning: Vary your routine, ensure the screen is locked when you leave your computer, use secure passwords, and be aware of your surroundings when entering through the security doors.
Secure Out of the Office
Interactive Screen: Working remotely. Loss and theft. Data breaches. Malware threats. Storing devices and data.
Scenario: Getting online when traveling.
Key Learning: Connecting by Ethernet from a hotel room allows you to use your company laptop more securely, and using the VPN software should ensure the security of the connection. Don’t take chances though.
Scenario: Sending an important document when on the road.
Key Learning: The ideal solution is to transfer files over a secure VPN connection. If you must use email, ensure that any confidential information is properly encrypted.
Social Engineering & Cybercrimes
Interactive Screen: Email threats. Scams and manipulation. Cybercriminals. Social engineering.
Interactive Screen: Types of deception: physical, virtual, baiting, quid pro quo, watering hole attacks. Best practices for staying secure.
Scenario: Fake charity site.
Key Learning: It’s important to verify sites to avoid malware. Often, real charity events are referenced; therefore, research on the donation site should be conducted thoroughly.
Scenario: Consequences of entering credit card details on a professionally cloned site.
Key Learning: Professional cloning of websites is known as pharming and is often used in conjunction with phishing.
Cyber Security Compliance Training – Information Security Compliance Training
Information is at risk from natural events and technical failures, but also through human error and carelessness. Crucially, information is also at risk from hacking and other malicious attacks.
For example, phishing attacks attempt to gain sensitive information by pretending to be from a friendly source. Our Information Security compliance training course will guide learners in what to do if they suspect phishing, spear-phishing, or a malicious attack.
Email is a tool we rely on every single day, but it’s also one of the biggest risks to information security. Our compliance training guides employees on considering whether or not email is their best option before sharing digital information.
We interact with hundreds of people every day on our personal social media platforms – sometimes thousands! With all this social media traffic, it’s easy to forget that what we say on our personal profile could have an unforeseen impact on our personal reputation and the reputation of our organization.
Secure social media is an essential component of our Information Security compliance training.
More employees work away from the office now than ever before. Today’s technology allows employees to work virtually anywhere. But with greater mobility comes greater risk.
Companies rely on their employees to keep information safe, so it is essential that employees are appropriately trained.