Course Overview

Organisations have invested a tremendous amount of money and resources into securing technology, but little if anything into securing their workforce. As a result, people, not technology, have become the primary attack vector for cyber attackers. The most effective way to manage your organisation's human risk is to establish a mature security awareness programme that goes beyond compliance, changes people's behaviours, and ultimately creates a secure culture.

This two-day intensive course will teach you the key concepts and skills needed to do just that, whether you are establishing a new program or maturing an existing one. The course content is based on lessons learned from hundreds of security awareness programmes from around the world. You will learn not only from your instructor, but from extensive interaction with your peers. Finally, through a series of labs and exercises, you will develop your own custom plan to implement as soon as you return to your organisation

You will be able to:

• Understand the Security Awareness Maturity Model and how to leverage it as the road map for your awareness programme

• Gain and maintain leadership support for your programme, including aligning the program with your organisation's strategic priorities

• Implement key models for learning theory, behavioural change, and cultural analysis

• Explain the difference between awareness, education, and training

• Identify the maturity level of your existing awareness programme and the steps to take it to the next level

• Ensure compliance with key standards and regulations

• Define human risk and explain the three different variables that constitute it

• Explain risk assessment processes

• Leverage the latest in Cyber Threat Intelligence and describe the most common tactics, techniques, and procedures used in today's human-based attacks

• Identify, measure, and prioritise your human risks and define the behaviours that manage those risks

• Define and build a role-based training programme to manage your organisation's human risks

• Effectively engage, train, and communicate with your workforce, including by addressing the challenges of different cultures, generations, and nationalities

• Sustain your security awareness programme over the long term, going beyond changing behaviour to changing culture

• Measure the impact of your awareness programme, track reduction in human risk, and communicate the programme's value to leadership