Course 4202: Fraud Awareness and Cyber Security Workshop (3 days)

Transcription

1 Course introduction It is vital to ensure that your business is protected against the threats of fraud and cyber crime and that operational risk processes are in place. This three-day course provides an in-depth examination of fraud and cyber security. The workshop will provide an overview of the threat landscape and the importance of combatting these threats. We will outline the different vectors of fraud, cyber security and social engineering (where malicious individuals use deception or impersonation to gain access to sensitive information, financial or physical resources, e.g. through phishing s). The course will unpick these concepts and using real-world case studies, help delegates understand the rise in these threats and what it means for organisations. We will run interactive table top exercises to educate delegates in how fraud and cyber attacks are carried out and identified, and steps that should be taken to minimise damage and prevent attacks in future. As part of this immersive workshop, delegates will take away essential advice on how to help combat the threats discussed which can be implemented within the work place. The workshop will explore: Fraud Awareness Whether it be the management of projects, implementing changes, or going to market with new or enhanced products; you need to ensure your business (be it large or small) has the appropriate knowledge and skills to support, manage and implement these with the least impact and risk to your business. At the same time, you need to ensure your business is protected from the insider threat (employee fraud). This module will explore these areas and provide you with useful tools to implement into your business. Cyber Security Cyber security is a crucial issue for all organisations. Information is the lifeblood of an organisation and as we share and store more information online, and as more of our systems rely on the Internet to run, the need to understand cyber security threats and how to mitigate against them becomes ever more important. Criminals target enterprises in all sectors and of all sizes, taking advantage of weaknesses in people, processes and technology. Motivations for these attacks vary from financial to political and the threat is internal as well as external, accidental as well as malicious. Experts now agree that it is not a case of if your organisation will be attacked, but when. With public awareness and interest in cyber security higher than ever, the reputational and financial implications of failing to detect or respond to a cyber attack are incredibly costly. Printed from on 2 Jul 2016 Page 1 of 5

2 Social Engineering (deception or impersonation to gain access to sensitive information) Social engineering is a significant problem for businesses today. Because computer security is becoming more sophisticated, hackers are increasingly combining their technical expertise with social engineering skills as a means of getting what they want. Your business is only as secure as the people in it. Even where physical and technical information security controls have been implemented, employees can compromise security. Staff are the weakest link in any security programme and may fall for phishing s, bogus telephone calls or even allow physical intrusions. This module will help equip participants with the skills to identify and deal with social engineering attempts. Topics Fraud Awareness Event horizon planning and scanning exploring the benefits; what does the threat landscape look like? Managing a fraud incident and implementing lessons learned; Combatting fraud risk problems; Are your products or businesses robust against the threat of fraud? Defining your product roadmaps and technology enhancements in the fraud prevention arena; Are your employees aware of the threats posed by fraudsters either targeting your business or individuals personally? Fraud awareness and the insider threat ; Interactive session identifying vulnerabilities, weaknesses and enablers that facilitate fraud an interactive session whereby delegates can look at areas of weakness and vulnerability; Training for Employees from senior to junior level: What does a good fraud awareness training matrix look like; Who should have what sort of training; Cyber Security An exploration of the cyber security threats, including which are most current and a look to the future The information most at risk in organisations The implications of a cyber attack or data breach on individuals and organisations, including real world case studies The most important steps to make your organisation more secure How to plan for cyber attacks and put in place measures to have the most effective and efficient response Printed from on 2 Jul 2016 Page 2 of 5

3 Where to get more information and support Social Engineering Overview of social engineering How social engineering works Different types of social engineering (phishing, vishing, physical, etc.) Understanding what information is valuable to a social engineer How social engineers elicit information Indicators that you may be experiencing a social engineering attack What to do when a social engineering attack takes place Defence against social engineering Teaching method Live group instruction in a workshop format Extensive use of cyber security attacks to illustrate who commits fraud and cyber attacks, how they are committed, and how they are discovered High level of attention to individual participants Interactive participation is encouraged All participants receive a comprehensive binder containing copies of the presentation slides, handouts and other course materials. Prerequisites No advance preparation is required for this course. Course benefits Increased awareness of the fraud and cyber security landscape, including social engineering. A better understanding of how to identify when cyber and/or social engineering attacks are taking place and what to do when under attack. Participants will return to their workplace confident in the knowledge that they are better prepared to counter attempted attacks, and know how to respond to such attempts. Printed from on 2 Jul 2016 Page 3 of 5

4 Who should attend? Anyone with an interest in learning how to protect themselves or their organisation against fraud, cyber security and social engineering attacks. CPE / CPD Accreditation NASBA IASeminars is registered with the US National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: Field of study: Accounting ICAEW Partner in Learning IASeminars is proud to have been named as an ICAEW Partner in Learning, working together to offer the ICAEW IFRS Certificate to our clients worldwide. ICAEW (The Institute of Chartered Accountants in England and Wales) is a world leading professional membership organisation that promotes, develops and supports over 145,000 chartered accountants worldwide. CPE certificates obtained from attending IASeminars courses are an ideal way for ICAEW members and others to demonstrate their continuing professional development, provided that the topic is relevant to their learning and development needs. New York State Board of Public Accountancy IASeminars is registered with the New York State Board of Public Accountancy as a CPE sponsor. Our CPE Sponsor ID is: This registration does not constitute an endorsement by the Board as to the quality of our CPE Program. Texas State Board of Public Accountancy IASeminars is registered with the Texas State Board of Public Accountancy as a CPE sponsor. Our CPE Sponsor ID is: This registration does not constitute an endorsement by the Board as to the quality of our CPE Program. In House To bring this course in-house please contact us and we will be pleased to assist Printed from on 2 Jul 2016 Page 4 of 5

5 Printed from on 2 Jul 2016 Page 5 of 5