Executive Cyber Security Training. One Day Training Course

Transcription

1 Executive Cyber Security Training One Day Training Course

2 INTRODUCING EXECUTIVE CYBER SECURITY TRAINING So what is all this we hear in the media about cyber threats? How can an organization understand and manage the associated threats and relevant risks? The first step for an organization is to understand the landscape. They need to understand the motivations and mechanics behind the threats. It is also imperative for every organization to augment their current risk management program to deal with the specific nuances of cyber threats. This one day intensive course specifically developed for those with this responsibility will fast track delegates to an appropriate level of understanding of what is real and what is hype. Understanding the various vectors of threats, being able to identify risks, the consequences and likelihood of particular instances will greatly assist organizations in developing their risk treatments and applying the relevant controls. Ideal for those working in IT, Risk or Senior Management the syllabus has been developed and will be delivered by one of the world s leading cyber threat experts. Although the subject matter is often of a technical nature every effort is made to keep this a non technical training event. Technical terms and definitions are explained throughout the syllabus and delegates will leave with a realistic understanding of the cyber threat landscape. WHAT WILL I LEARN? You will learn to understand the landscape of cyber threats. The different types and motivational factors behind such incidents. Delegates will be armed with the knowledge on how to identify such risks within their organization and understand why they may become a Cyber Target. A review of the comprehensive one day syllabus will show how thoroughly this subject will be covered and how valuable the lessons learned will be to participants. Cost Consequence 2 P a g e w w w. p a u l c d w y e r. c o m

3 WHAT IS THE COURSE STRUCTURE? This intensive, fast paced course covers a comprehensive syllabus in an as non technical fashion as possible. COURSE OUTLINE Day One Executive Cyber Security Training What are Cyber Threats? What is Cybercrime? The Cybercrime Threat o Examples o Characteristics o Categories o Statistics o Traditional o Sector Specific o Grouping Threats Cybercrime and Cyberwar o Cyberwar o Cyberterrorism o Cyber Espionage o The Links What s Driving the Cybercrime Economy o The Vulnerability Business o Hactivisim o Financial Gain o Information Gain o The Recession Computer Misuse Legislation o Ireland o UK o US o Europe o Global o European Convention On Cyber Crime o Directors Liability o Developments and Trends in Legislation Law Enforcement o International Projects Crimeware o Phishing o Trojan o Crimeware Toolkits o Crimeware Features o Other Threats Attack Vectors Overview o Phishing Development o Fast Flux Phishing & Pharming o Evolution of Techniques o Categories of Trojans o Form Grabbing o Keystroke Loggers o Direct Attacks o Screen Scraping o Loaders & Backdoors o Rootkits o Database Timing Attacks o Laptop theft o Advanced Persistent Threats - APT o Pump & Dump o DDoS o Combination Attacks o Non Technical Deep Dive on DDoS o Overview of Botnets 3 P a g e w w w. p a u l c d w y e r. c o m

4 o International Crime Networks Progression of Cybercrime o From a Macro Level o Cybercrime Syndicates o Key Targets Financial Institutions o From Bang to Flash The Economic Model of Cybercrime o Meet the Actors o How Does it All Gel? o Cashing Out Factors o Buying & Selling Information on the Black Stock Market o Moving Money o Carding and Forums o Notable Carders o Price Lists o Factors the Drive Price o Money Mule Operations o Evolution of Techniques o o o Motivation behind DDoS Attacks Main types of DDoS Attacks Mitigation Strategies The Threat to Our Way of Life o Critical National Infrastructure o Cyberwarfare o Espionage & Economic War Counter Intelligence The Human Element Trends & Evolution The Future Management Strategy WHO SHOULD ATTEND? Anyone with responsibility for risk or cyber related risks within an organization. CxO s Risk Professionals IT Professionals Security Professionals Senior managers who are responsible for managing risk and/or embedding effective systems of corporate governance. Chief executives and heads of departments who require a better understanding of cyber risk management and the role it should play within their organizations. Insurance managers, brokers, safety practitioners, auditors, project managers, accountants, solicitors and consultants who are increasingly finding cyber risk management is forming part of their remit or are expected to have an understanding of the subject. WHAT ARE THE BENEFITS? This comprehensive intense course provides transferable knowledge across any sector and lessons can be immediately applied. Understanding the landscape and being able to identify risks will assist in the development of a cyber risk management program. 4 P a g e w w w. p a u l c d w y e r. c o m

5 WHERE CAN I TAKE THE COURSE? The course is taught throughout Ireland, UK, USA, Middle East and in various other international locations through our partner network. HOW MUCH DOES IT COST AND HOW DO I REGISTER? All course fees, dates and online booking can be found on 5 P a g e w w w. p a u l c d w y e r. c o m

6 INSTRUCTOR BIOGRAPHY Paul C Dwyer is an internationally recognized information security expert with over two decades experience. A certified industry professional by the International Information Systems Security Certification Consortium (ISC2) and the Information System Audit & Control Association (ISACA) and recently selected for the IT Governance Expert Panel. Paul is the Chairman of NACSRO (National Association of Chief Security & Risk Officers), founder of The Irish Cyber Crime Task Force and Chief Advisor to the International Cyber Threat Task Force (ICTTF). Paul's credentials include: -Qualified Hacker -SOX (SAS70) Auditor -ISO Lead Auditor -BS25999 / BCM Expert -Forensic Investigator -PCI DSS Specialist -Prince2 -ISO Originally a network guru, Paul s career developed from IT Manager of a large legal firm to senior designer of the network operation centre s for EuroControl (Air Traffic) in Luxembourg and communication hubs for Chevron Oil in Kazakhstan and Moscow. He has worked and trained with such organizations as the US Secret Service, Scotland Yard, FBI, National Counter Terrorism Security Office (MI5), is approved by the National Crime Faculty and is a member of the High Tech Crime Network (HTCN). He has worked in across many sectors including: -Government Public Sector -Telecommunications -Pharmaceuticals -Financial 6 P a g e w w w. p a u l c d w y e r. c o m

7 Specialties -Cyber Crime & Cyber Warfare -IT GRC -Information & ICT Security -PCI Compliance -Financial Crime - Anti Fraud -Application Controls & Log Management -Business Continuity, Disaster Recovery & Incident Handling -Data Protection Legislation (International) -Digital Forensics & Investigations -Holistic Information Security Integration (ISMS) -Security Metrics & Analytics -Risk Assessments -SOX & 3rd Party Audits -Compliance Automation -Prince2 - Project Management A prolific contributor to the industry media and highly experienced public speaker, Paul acts an advisor to government bodies, law enforcement and fortune 500 companies around the globe. Paul was recently appointed as an advisor to NATO for a project dealing with military policy in relation to countering hybrid threats 7 P a g e w w w. p a u l c d w y e r. c o m

8 MORE INFO 8 P a g e w w w. p a u l c d w y e r. c o m