Management Best Practices in Cyber Security & Data Privacy

How do you Reduce Cyber Risk without Increasing the Budget?

We have trained over 100 organizations including:

GCHQ Certified Practitioner & Trainer

Non Technical Training Workshop

FTSE 100 CISO with over 15 years experience

Strategic and Operational, Business Focus

 

Programme Objective

How do you Reduce Cyber Risk without Increasing the Budget?

Criminals are leveraging the connectivity of the Internet and actively engaging in corporate espionage and steal intellectual property, engineering designs, customer sensitive data and other business and financial confidential information.

When it comes to increasing IT and cyber budgets accounting and finance professionals are increasingly being asked to referee and opine on cyber security spending. There is a way to reduce the risk exposure but simply opening the purse strings and increasing the budget is not the solution. For example, a leading international bank, despite spending over $500 Million dollars annually on cyber security, suffered a major data breach.

“Overemphasis on technological (as opposed to management, behavioural and cultural) aspects weakens cyber defensive capabilities.”
Bank of England and FCA - 2015

Cyber Managements Alliance’s one day immersive session will equip attendees with practical knowledge about cyber risk, attacks, their real world effect on brand reputation and the financial impact on business.

  • How to reduce business risk exposure and actually reduce costs while increasing overall security posture.
  • Increasing your security posture on budget and with existing resources.
  • The benefits of aligning with international and UK standards including the UK Government’s Cyber Essentials plus scheme.

 

Are you informed enough to be able to make strategic and operational decisions before and after a data breach?

This course will enable you to prepare a defined and managed approach when responding to a data breach or attack of an information asset. The content is intended for senior management and business executives who wish to gain a better understanding of cyber security and the real threats to their organisation.

This is not a technical course therefore there are no prerequisites. This training is available as a one day internal workshop.

Target Competencies

  • Information Risk Management, policies and standards.
  • Strategies to protect business reputation, brand image and bottom line.
  • Data Breach Response - strategy, planning and management.
  • Basic awareness on cyber and breach regulatory and legal issues.

 

This course is based on Cyber Management Alliance’s CSPE Course. The CSPE course, Amar Singh,  its trainer and Cyber Management Alliance have been awarded the UK Government’s GCHQ Certified training  accreditation or GCT. 

Furthermore, Cyber Management Alliance are approved by APMG the only Certification Body licensed and approved by GHCQ to deliver this scheme.

Intended For

An awareness level program intended for those who would like to gain a better understand of information risk, cyber attacks, and how to protect their businesses against cyber criminals are welcome to attend.

Training Methodology

Interactive and immersive with discussion a highly skilled practitioner.  

Duration: 1 Day

Course Objectives

  • Identify, evaluate and treat cyber-risk and improve their organisation’s security posture and undertake responsive measures to reduce business risk exposure to within risk appetite, with constrained resources and within budget.
  • Explain the key differences between the various types of attacks and discuss mitigating strategies
  • Understand the business benefits of complying with international standards including the UK Government’s Cyber Essentials scheme, NIST and ISO 27001:2013

 New Call-to-action

  New Call-to-action

Modules

Information Risk Management
  • Understand the concepts of and establish an Information Risk Management program (Risk identification, risk assessment and risk treatment, Risk monitor)
  • Understand how to produce and implement an effective Cyber Information Governance Strategy
  • Understand the concepts of cyber resilience, business governance and cyber governance
Information Security Strategy
Information Security Policies
  • Understanding the role of policies in an effective strategy and creating an effective policy framework
  • The CIA principles and their relationship to the information security strategy model
Understanding the international standard in Information Security ISO 27001:2013
  • Building an Information Security Management System (ISMS)
  • IT security policies, procedures and IT security framework
  • Type of controls including procedural, technical, physical
  • Key elements of an effective ISMS
  • Interactive session - learn how to create your own ISMS

    • Understanding the UK Cyber Essentials framework and the NIST frameworks and how to use them in your business strategy
Understanding the Adversary
  • The five types of attackers
  • Understand cyber-attack motives, opportunities and threats.
  • How cyber criminals select and target businesses
  • Business case studies of recent cyber attacks and impact on the businesses
  • The Business Cyber Kill Chain and how it can be used to stop most attacks
  • Practical demo of cyber-attacks
Innovation in Information Security Strategy
  • Review and discuss most current and innovative ways in cyber-security
  • Encourage and adopt innovative methods to secure your business and its employees
Legal & Regulatory Issues Cyber Security & Data Privacy
  • Understand the impact of global regulations in data privacy and how it can impact your business
  • Discuss the relevant case studies in data breach and incident response
  • Discuss how to manage and engage media outlets during and after a breach
The Checklist
  • Creating/ adopting the checklist
  • Incident management checklist
  • Using the check list to beat the hackers!
Public Relations
  • Crisis Comms PlansManagemement
  • Social Media & PR Key Steps
  • PR Case Study
  • Breach notification
Building the Team
  • Stakeholders - Who are they?
  • Legal Considerations, Compliance and Notifications
  • Building an effective & agile stakeholder
  • Third Parties

Programme Facilitator

Amar Singh is a GCHQ Certifed Cyber Security Trainer. Amar has a long history and experience in data privacy and information security training. Amar Singh has served as CISO for various companies, including News International (now News UK), SABMiller, Gala Coral, Euromoney and Elsevier. Amar, amongst various other activities, is a Global Chief Information Security Officer and Trusted Advisor to a number of organisations including a FTSE100 firm and is chair of the ISACA UK Security Advisory Group. Amar also founded the not for profit cyber security service for charities, Give01Day and is an Executive to the Board of the National MBA in Cyber Security.

Amar_Singh_CISO.jpg

Amar has the highest integrity, has been trusted by FTSE100 companies with some of the most sensitive commercial information and has been involved with highly sensitive forensic investigations.

He has the ability to deal with both technically the astute, board-level executives and lead an organisations information security direction. Apart from experience and abilities, Amar holds holds a number of industry recognised certifications, such as the ISO 27001 Certified ISMS Lead Implementer, MoR, CRISC and CISSP certification.

Amar is an industry acknowledged expert and public speaker and is regularly invited to speak and share his insights by some of the largest and most respected organisations in the world including The BBC, The Economist’s Intelligence Unit, The Financial Times, SC Magazine, InfoSec Magazine, Computer Weekly, The Register and the AlJazeera English Channel.

Amar_Media_Logos.jpg

All trademarks, service marks, trade names, product names, service names and logos appearing on the site, or on printed or digital material are the property of their respective owners, including in Cyber Management Alliance Ltd. Any rights not expressly granted herein are reserved.

  • testimonial_img.png
    I found the course to be very interesting. It not the usual bookish theoretical type of course it was quite interactive.
     
    Sanjay Khanna
    CIO, Rak Bank, Dubai
  • testimonial_img.png
    Amar Singh brings a wealth of personal
    experience and knowledge
     
    Hariprasad Chede
    President ISACA UAE
  • testimonial_img.png
    The course was excellent. Not the typical core text book training but giving valuable insights and experiences                             
    Youssef Karroum
    Head of IT, Bank of Sharjah, UAE
  • testimonial_img.png
    This was the most interesting and attractive courses I have ever attended. A lot of inside knowledge was shared.
     
    Saptorshi Datta
    Head of Audit,
    Emirate Global Aluminium, UAE
  • testimonial_img.png

    I wish all Senior Executives attend this course. It’s the most practical course I have ever attended. It teaches you not just how to understand but also how to respond to a Cyber Attack.                       

    K.S.Ramakrishnan

    Chief Risk Officer, Rak Bank, Dubai UAE

  • testimonial_img.png

    The information we learnt provoked plenty of conversation both around personal experiences with the challenges that I face in the business  and also backing up what was said in the course with real life examples.

    Aaron Townsend

    Head of Service Delivery,

    British Medical Journal

  • testimonial_img.png

    The training was very informative and well knowledgable and i would recommend this course to anyone who wishes to explore cyber security even further.

    Frank Manoharan

    IT Director,

    Christ the King Sixth Form Colleges London

  • testimonial_img.png

    It’s been a great two days of learning. We drilled down, we simplified how an incident should be detected and how an incident should be handled. One of the key learnings I have taken is define normal.

    Sanjoy John

    Paramount Computer Services,

    Dubai, UAE

  • testimonial_img.png

    The overall training was good, it was quite informative. I highly recommend this training session to at least the CXO level people because it is something very meaningful for them and it can be very beneficial for organisations

    Anuj Jain

    Trusted Security Advisor,

    Starlinks, Dubai UAE

  • testimonial_img.png

    Amar is a good mentor because he did more than just teaching. The checklist and mind maps are a really good part of the course.

    Vimal Rama

    IT Manager, HLB HAMT, Dubai UAE

  • testimonial_img.png

    Amar is an excellent tutor and mentor also. The key aspects of the training is interactive sessions. Everyone has shared their experiences. I gained much knowledge which will be useful for my day to day activities.

    BGK Vikram

    Manager Information Security Audit,

    RAK Bank, Dubai UAE

  • testimonial_img.png

    I really learnt a lot from this course as it was the first cyber security course I have been on. What I liked the most was the mind-mapping.

    Krishna Raghupati

    Paramount Computer Services,  Dubai UAE

  • testimonial_img.png

    recommend everyone to attend this course whether your business is at the beginning or whether you have already implemented some of the IT security procedures

    Bir Lama

    Network Engineer,

    Christ the King Sixth Form Colleges London

Please complete the form below and one of our consutlants will be in touch to discuss your requirements.

Management Best Practise Training Enquiry Form

  • callOr call us on:
  • +44 (0) 203 189 1422