Cyber security education
Many factors have influenced the transition from the well-known information security era to the uncertain cyber security era. Briefly, cyber security can be linked to the most recent security challenges and the broadest endeavors to protect individuals and organizations from intentional attacks, incursions, incidents and their possible consequences.
It is very important to follow up-to-date survival guides and provide critical education for your organization, security professionals and privileged users. In our offer, cyber security education is organized in several cycles:
- Cybersecurity basics
Recent updates on cybersecurity status, actual requirements in European/global regulations and control practice in public institutions and banks in our country.
This workshop is interesting for the widest group of audit, risk and control specialists.
- Cybersecurity basics (and why it is so important, why regulators were given extraordinary pressure)
- Cybersecurity Status Report (ISACA Report and some local examples)
- Examples of regulatory requirements and reporting (ENISA, NIST) and regional use of ISACA and ISO27001 controls
- Cybersecurity risks workshop
Assessing the risks of cyber security and examples of using the assessment tool.
This workshop is interesting for a group of IT auditors, security and control specialists.
- Security risk assessment and use/adoption of cyber security frameworks - examples and values from NIST, ENISA and COBIT methodologies
- Choice of relevant controls and risk appetites appropriate for your organization
- Application of SARP, FFIEC CAT, NIST for small organizations, our experiences, comparative overview and use examples.
We offer the option of choosing the above-mentioned workshops or options appropriate for your business requirements.
Education focuses on the current regulator requirements (ECB, local laws) in terms of cyber security and the requirements of SWIFT, PCI DSS and other interested parties.
A brief overview of the references that are included in the workshops is provided below:
- ISACA Cybersecurity status report January 2017
- Consultation Paper on the Guidelines on Major Incidents Reporting under PSD2 (EBA-CP-2016-23)
- ENISA Annex II - Risk Assessment Spreadsheet Examples
- European-Cybersecurity-Implementation-Risk-Guidance August 2014
- NIST - commercial-facilities-framework-implementation-guide-2015-508
- NIST based cyber security checklist
- SARP - 2009-05-10 Beta 1.8
- SWIFT_infopaper_mitigating_fraud_risk_through_strengthened_payment_operations Process
- Best practices for conducting a Cyber Risk Assessment _ 2015-10
- Cybersecurity-Fundamentals - Study Guide - ISACA 2016
Members of our project team are experienced engineers and consultants with practical experience in cyber security risk / frameworks / implementation / education.