Cybersecurity and Resilience Masterclass
Masterclass in Cybersecurity and Resilience (1 day course)
Businesses are facing an ever increasing, ever changing cyber threat and falling victim to disruption, industrial espionage and theft. The financial and reputational losses that can arise from such incidents are costly. This one day masterclass for decision-takers offers a broad understanding of the inherent risks and opportunities that any organisation must consider in order to build effective policies and frameworks for trustworthy and reliable networks.
The course addresses the key concepts involved in establishing and implementing a solid culture of cybersecurity. Over the course of a day delegates will gain a greater awareness of cyber threats, vulnerabilities and the strategies required to swiftly respond to and mitigate against the threats and risks.
Masterclass in Cybersecurity and Resilience (1 day course)
Aimed at: This course will benefit Executive or Non-Executives, Chief Risk Officers, Chief Information Security Officers, Chief Security Officers and Human Resources Directors across all industry sectors. This course does not require any prerequisite knowledge of cybersecurity and is therefore suitable for newcomers to the field of cybersecurity, and those want to update their existing cybersecurity and resilience knowledge.
Course programme details:
1. Security Culture
This session will explain the importance of an appropriate security culture as part of an effective personnel security regime. It will introduce one tool which can be used by organisations to both design their desired culture and also assess the existing culture so that a change programme can be developed to move from the existing state to the desired state.
It will describe the process required within an enterprise from the point of deciding to implement a Security Culture review and change programme, through delivery of that programme, to confirmation of the programme’s successful outcome. Investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies and solutions that meet the business needs of its members.
2. Hacker Tools and Techniques
This session will examine the economy of hacking by discussing and summarising software errors hackers exploit, how such errors could be disposed (e.g. reporting to vendors, public disclosure, sale to criminal networks), and how to recover from these errors. Participants will gain an understanding of what makes an easy target, how hackers find and exploit vulnerabilities.
It will give an overview of how cybercriminal organisations are structured including the business models of organised crime for Credit Card Fraud, Phishing and Spear Phishing and Botnets. It will provide a comparison with other classes of risks such as fraud and burglary. The session will also discuss how to overcome attacker’s advantage, and explore target hardening, insurable, uninsurable risk and long term equilibrium.
3. Mobile Malware Threats
This session will introduce the current state of mobile malware threats (e.g. what are the various types of malware, spyware and grayware), and motives behind these attacks (e.g. credential theft, perpetrate Premium-rate SMS attacks, spam, search engine optimization, ransom), and how these threats can affect assets (e.g. personal data, corporate intellectual property, classified information, availability of the device, personal and organisational reputation). It will give a detailed overview of features of mobile devices that makes them attractive targets for attackers, provide a comparison of mobile security and personal computer security. Detection, protection and mitigation mechanism will be covered including how to raise awareness in users to utilise their mobile devices in a secure way, and how to make mobility and security work together. The material will be illustrated using case studies, and the session will contain a live session on hacking an Android device.
4. Advanced Persistent Threats
This session will discuss the Advanced Persistent Threat and examine the real-world implications of state sponsored attacks, including recent intrusions against institutions like the New York Times, RSA Security, as well as headline-grabbing events like STUXNET and FLAME. It will frame the general ecological risks presented by the APTs, including the end of "business as usual" internet function for short periods, and the need to separate some critical functions from public networks (as has been common in some sectors for some time.).
There will be ample opportunity for discussion and interaction, where possible drawing from people's experience and opinions on real-world and speculative scenarios. There are particularly critical issues around systemic vulnerability which will be examined through a crisis management and mitigation framework. This session will also attempt to give some underlying principles for assessing the likely impact of news in this arena, with a particular eye to "threat news cycles" and the increasing role of private companies in providing public understanding of what is going on.
5. Resilience Exercise
This final session will focus on cyber resilience. Participants will be taken through an interactive exercise to consider how an organisation would react, it’s immediate actions, the decision-making processes and the investment of policy and capability options required to respond to the uncertainties of a cyber-incident.
Course Dates: 17 July 2013
Course Cost: £490
Group Discount: 10% discount for bookings of two or more. To qualify, all group delegates must be booked at the same time.
Early booking discounts: Book at least four weeks before the course date and you will receive 10% discount. This discount can be used in conjunction with the group discount.
Please ask for your discount when you book as these cannot be given retrospectively.
Accommodation: UCL has a number of residences that are available to book when courses are held in the summer months. These are available from £45 per night. We recommend Frances Gardner House or James Lighthill House due to their proximity to the JDI and their facilities.
Please visit this site (http://www.ucl.ac.uk/residences/) for more details and to make any accommodation bookings. We advise booking early. The accommodation is basic, but clean and fantastic value for London.
For something a bit grander we recommend the Cartwright Gardens Apartments:
Page last modified on 31 may 13 11:29 by Katherine S Carter