| Content |
IT Security
This course is aimed at staff up to manager level. No specific technical knowledge is assumed but attendees should have a basic knowledge of computers and using the World Wide Web.
Aim
To enable non-IT staff to appreciate the roles and requirements of the IT systems they interact with. Appreciate the risks to the organisation’s systems and that of its customers. Understand how and why attacks are carried out and how to mitigate against them.
Day 1
Internal Threats and their mitigation
- Introduction to IT systems, technologies and how they fit together (from the mainframe to the smart card and mobile phone via the desktop)
- Basic business operations risks, differences between disaster recovery and business continuity
- List the legal requirements of recruiting staff
Day 2
Internal Threats (continued)
- Fraud in an IT context – introduction (who, why, how)
- Case study
- Auditing in an IT context
Staff fraud within IT systems, detection and mitigation
- Customer fraud via IT systems such as online backing
Day 3
Threat Mitigation
- The importance of authentication and encryption
- Types of authentication and encryption systems used
- Introduction to social engineering (refresher and in an IT context) External Threats - Direct threats
- Social engineering attacks (attacking systems through staff and what staff do)
- Hackers, crackers, script kiddies and links to organised crime
Day 4
External Threats – Indirect threats
- Threats to customers
Social engineering, Scams, phishing emails, keylogging, browser hijacking
(What to watch for and ways to assist those who have been affected)
- Mitigation against external threats (what IT will be doing, how you can help)
- Case study of an external threat External Threats - Direct threats
- Social engineering attacks (attacking systems through staff and what staff do)
- Hackers, crackers, script kiddies and links to organised crime
Day 5
Appropriate Responses
- Internal reporting procedure
- Laws and regulations
- Appropriate authorities and their roles
|
