Cyber & Information Security Course

Over this course, we'll be going over how to protect your organization's computer network from any internal and external cyber security threats, whether this be from a technological or a human point of view. In some cases, these threats are a combination of both, meaning that it is especially important to be vigilant when planning how to implement cyber security policies within your organization's computer network.

Cyber Security Topics

• Preventing phishing and vishing (telephone) scams, including what to watch out for when identifying them.
• Checking common mistakes with cyber security settings on devices that are in use on your organization's network.
• Cyber security testing and the associated legal considerations that these tests have on both your organization and on security staff personally.
• Non-standard devices and preventing offline (face-to-face) social engineering, which can often be hard to detect, especially if it comes from someone you know.
• Password policies and preventing credential sharing between end users at your organization.
• Alternative authentication, such as biometrics, system cyber security patching and centralized reporting.

Also included are some real-world examples of situations where you might encounter the topics on the course, in order to help you identify these within your own organization, and be able to resolve them appropriately.

Information Security Topics

On the information security part of this course, we'll be covering some of the basics surrounding information security, and what you need to know in order to be compliant with most of the world's data protection policies, as well as some of the different ways in which data can be secured.

• Physical and logical information security and the relevant methods with which this can be achieved.
• Auditing and accountability so that any actions are monitored and tracked.
• Data retention policies so that data is only held for as long as it is needed.
• File and folder permissions to help keep sensitive data from falling into the wrong hands.
• Activity logs and alerts to help identify any information security threats and prevent future ones.
• Dealing with external staff and contractors, who can often start working for an organization on short notice.
• Data protection and compliance and what you need to know in order to best protect your company.
• How to deal with any information security breaches that may arise.
• Reporting obligations and what information you would need to provide on such a report.
• An overview of root cause analysis, so that you know what caused an information security incident in the first place.

Note: The contents of this course are intended as general guidance and not legal advice. If in doubt, speak to your company's IT / information security department for specific information regarding your organization's policies and procedures.

Who is this course for?

Existing IT support technicians who are wishing to learn new skills.