Cyber security as a field is still developing at a rapid pace, with more information being discovered as time goes on. However, it is rested upon the more mature field of Information Security and there are frameworks and standards available to assist in protection provision.
Our 2 day training course aims to provide managers and directors a strong comprehensive knowledge of the current state of the industry; types of threats facing every corporate, understanding of how efficient information governance can safeguard your data, and terminology needed to engage with CISOs, CSOs, security directors, security architects, legal team, auditors, insurers and procurement teams.
By the end of this programme, you will have a holistic understanding of the subject matter and be comfortable to discuss confidently with your team and to authorise well informed-decisions.
Objectives of the Programme: The programme aims to help participants sharpen the decision-making skills required for effective leadership. The main objectives of this short course would be to help the participants to:
:: understand the nature of leadership in a dynamic environment
:: look into new perspectives on institutional leadership
:: Gain the knowledge, understanding and skills to improve their own institutional performance.
:: Develop appropriate methodologies to manage “change” in both national and international context.
Learning Outcome
By attending this course, delegates can:
:: Gain a factual, procedural and theoretical understanding of Information Governance, Information
Security and Data Protection Strategies
:: Understand the impact of the forthcoming EU General Data Protection Regulations (GDPR) and
principles and their implications for an information governance policies and practices
:: Identify, select and use appropriate cognitive and practical skills, methods and procedures to
address information governance ‘wicked problems’, e.g. the “right to be forgotten”
:: Design, apply and review strategies to embrace the requirements to address privacy within the
constructs of data protection and data transfer legislation and practices
Programme Contents
1. Identifying information assets – understanding what needs to be protected and why (the information
inventory)
– Application layer (layer 7) inventory visibility and knowledge required
– Addressing Intellectual Property (IP) protection
2. Addressing the top two causes of information loss:
– Hardware errors
– Human failures
– Creating the governance plan – to ensure the right principles and policies are in place to manage
information throughout its lifecycle and ensure staff engagement and involvement
3. Designing the information architecture
– Intrusion vs Breach – today’s “breach detection” is actually intrusion detection – sandboxes etc –
we’re not preventing the breach...
– Prevention vs Detection - Detection is not enough – reviewing Incident Response procedures
– Interpreting the signals – understanding what data is available and what it’s telling you
– Buying the right protection vs improving processes to better protect yourself
– Conducting activity reviews - Account modification, deletion, authentication
– Output metrics vs input metrics – has your network been infiltrated?
4. Establishing howinformation can best be protected (the information strategy)
5. Data Protection Principles
6. Maintaining public trust and respecting personal privacy
7. Information Sharing/Data Transfers – benefits and constraints, protecting intellectual property
8. Data Privacy Impact Assessments (DPIA)
9. Gaining consent, Direct Marketing
10. Data Quality management
11. Data breach management – and links to Security Incident Management
12. Data Protection in the workplace
13. Use of personal data in system testing
14. Criminal Offences and the regulatory body powers to fine
15. Managing cookies
Why should you attend?
There is no end to the learning process. Once a leader says – what is there new for me to learn – his/ her ability to arouse motivation in followers might be that much more limited because a very important parameter would get sidelined – the changing nature of the environment.
Accordingly, at regular intervals, leaders/managers must engage themselves in “contemplation” – through programmes like these.
Who should attend?
Directors and managers who wish to gain a holistic understanding of Cyber Security and Information Governance for practical use and serve as a basis for future tailored training/courses.
Costs:
£600 for each person The Course as A Package covers training, materials, Oxford River cruise tour, and attendance certificate, lunch for two days and concluding dinner and networking event.