Categories
course

Introduction To Insider Threat

Introduction To Insider Threat

Overview

The Introduction to Insider Threats training course is designed to provide participants with a comprehensive understanding of individuals’ potential risks within an organisation.

Insider threats, often overlooked, can result in significant harm to an organisation’s data, intellectual property, and overall security. This course aims to equip participants with the knowledge and skills necessary to identify, mitigate, and respond to insider threats effectively.

The Introduction to Insider Threat consists of self-paced learning and exercises to assist you in gaining an understanding of what constitutes Insider Threats.

Objectives

  • Understand the concept of insider threats and differentiate between various types of insider attacks.
  • Recognise behavioural, technical, and physical indicators that may signal potential insider threats.
  • Explore the motivations behind insider attacks and study common profiles of individuals who may pose insider threats.
  • Explore various strategies and best practices for mitigating insider threats, including access controls, monitoring systems, and employee awareness programs.
  • Understand the key components of an effective insider threat program and how to integrate it into existing security.
  • Gain insights into how organisations can strengthen their overall security posture by addressing insider threats.

Topics Covered

  • Understanding of Insider Threats
  • Insider Sabotage
  • Insider Theft
  • Insider Fraud
  • Dealing with non-malicious Insiders
  • Best practice for prevention and detection

Benefits

By the end of the course, participants will have a solid foundation in recognising, assessing, and responding to insider threats.

Armed with this knowledge, organisations can enhance their security measures and better protect sensitive information from internal risks, ultimately strengthening their overall cybersecurity resilience.

Who Should Attend

This course is suitable for cybersecurity professionals, IT administrators, human resources personnel, and anyone involved in managing and securing organisational assets.

It is also beneficial for individuals interested in enhancing their understanding of insider threats and strengthening their organisation’s overall security posture

Prerequisite

None.

Course Length:

Online and self-paced.

Categories
course

Insider Threat Program – Execution And Management

Insider Threat Program – Execution And Management

Overview

The course presents a process roadmap that can be followed to build the various parts of a robust Insider Threat Program. It discusses different techniques and methods to develop, implement, and operate program components.

This training course supports organisations implementing and managing insider threat detection and prevention programs based on various government mandates or guidance.

This course is designed to equip students with the knowledge, skills, and abilities required to conduct their duties to establish insider threat programs designed to detect, deter, and mitigate risks associated with trusted insiders, including the ability to gather, retain, and assess data.

Objectives

Upon successful course completion, students will possess the ability to:

  • Describes the roles and responsibilities of an insider threat program.
  • Plan the steps to build, implement and operate an insider threat program management.
  • Coordinate a cross-organisational team to help develop and implement the Insider Threat Program.
  • Develop a framework for their Insider Threat Program.
  • Identify methods to gain management support and sponsorship.
  • Plan the implementation of their Insider Threat Program.
  • Identify organisational policies and processes that require enhancement to accommodate insider threat components.
  • Identify data sources and priorities for data collection.
  • Identify infrastructure changes and enhancements necessary for implementing and supporting an Insider Threat Program.
  • Outline operational considerations and requirements needed to implement the program.
  • Build policies and processes to help hire the right staff and develop an organisational culture of security.
  • Improve organisational security awareness training.
  • Identify training competencies for insider threat team staff.

Topics Covered

The course covers topics such as:

  • Building the Insider Threat Program Framework
  • Developing an enterprise-wide approach and interdisciplinary project team
  • Creating or enhancing policies and processes to include insider threat program considerations.
  • Identifying critical asset and protection needs
  • Identifying risks to assets from insiders and enhancing any risk management program to consider risks from insiders.
  • Enhancing organisational training and awareness programs to include insider threat.
  • Enhancing organisational infrastructures to support the Insider Threat Program by determining what defences are needed and where enhancements are necessary.
  • Building the data collection and analysis function for both technical and behavioural data
  • Identifying data sources and priorities
  • Building a Roadmap for Implementation
  • Considerations for operations
  • Future improvements to the program

Benefits

  • Gain insights and guidance from experts on how to implement and operate an Insider Threat Program effectively.
  • Receive step-by-step instructions and best practices for program development.
  • Acquire the skills and knowledge to identify, assess, and mitigate insider threats within an organisation.
  • Learn strategies for early detection and prevention of insider incidents.
  • Develop a deep understanding of the various types of insider threats and their motivations.
  • Learn how to differentiate between accidental and malicious insider activities.
  • Acquire communication skills to effectively convey the importance of the Insider Threat Program to stakeholders.
  • Learn how to collaborate with different departments and foster a culture of security awareness.
  • Learn how to tailor an Insider Threat Program to meet the specific needs and characteristics of the organisation.
  • Understand how to adapt the program to evolving threats and organisational changes.
  • Share experiences, challenges, and best practices with peers to enhance knowledge and skills.

Who Should Attend

  • Current or potential insider threat program managers
  • Insider threat program team members
  • Employees within the other areas of the organisation who interact and support an insider threat program.
  • Others who want to learn more about implementation and operating an effective program

Prerequisite

Participants are required to complete the Introduction To Insider Threat Training Course.

Course Length:

Four days, classroom and online instructor-led.

Special Arrangement:

This course may be offered by special arrangements at customer sites. For details, please contact course@insiderthreats.com.au.

Course Questions:

Email your query to course@insiderthreats.com.au.

Categories
course

Insider Threat Analyst

Insider Threat Analyst

Overview

The Insider Threat Analyst Training Course is a comprehensive 3-day program designed to equip cybersecurity professionals and analysts with the essential skills to proactively prevent, detect, and respond to insider threats.

This intensive course delves into strategies for collecting and analysing data, focusing on designing, implementing, and measuring the effectiveness of various components within an insider threat data collection and analysis capability.

Objectives

  • Work with raw data to identify concerning behaviours and activity of potential insiders.
  • Identify the technical requirements for accessing data for insider threat analysis.
  • Develop insider threat indicators that fuse data from multiple sources.
  • Apply advanced analytics for identifying insider anomalies.
  • Measure the effectiveness of insider threat indicators and anomaly detection methods.
  • Navigate the insider threat tool landscapes.
  • Describe the policies, practices, and procedures for insider threat analysis.
  • Outline the roles and responsibilities of insider threat analysts in an insider threat incident response process.

Topics Covered

  • Strategies for identifying risks to assets from insiders
  • Building a data collection and analysis function for both technical and behavioural data
  • Identifying data sources for insider threat analysis
  • Prioritising data sources to include in an analysis function
  • Developing insider threat indicators from raw data
  • Advanced analytics for insider threat mitigation
  • Measuring the effectiveness of insider threat controls
  • Features and functionality of tools used in insider threat mitigation
  • Developing an insider threat data collection and analysis process
    • Triage
    • Escalation
    • Referral
    • Continuous improvement
  • Developing an insider threat incident response process

Benefits

Participants completing the Insider Threat Analyst Training Course will emerge with a comprehensive understanding of insider threat analysis.

They will be adept at designing and implementing effective data collection strategies, utilising advanced tools for analysis, and measuring the success of their insider threat programs.

The practical exercises ensure that participants are well-prepared to address real-world scenarios and contribute significantly to strengthening their organisation’s defence against insider threats.

Who Should Attend

This course is designed explicitly for cybersecurity analysts, threat hunters, and professionals responsible for monitoring and mitigating insider threats within an organisation.

It is suitable for individuals seeking to enhance their skills in collecting, analysing, and responding to insider threat data effectively

Prerequisite

Participants are recommended to complete the Introduction To Insider Threat Training Course.

Course Length:

Three days, classroom and online instructor-led.

Special Arrangement:

This course may be offered by special arrangements at customer sites. For details, please contact course@insiderthreats.com.au.

Course Questions:

Email your query to course@insiderthreats.com.au.

Categories
course

Introduction To Insider Threat Awareness

Introduction To Insider Threat Awareness

Overview

The Insider Threats Awareness Training is a focused program designed to educate participants about the risks associated with insider threats within an organisational context.

This course aims to raise awareness among employees at all levels, equipping them with the knowledge to recognise and report potential insider threats.

By fostering a culture of vigilance and understanding, organisations can enhance their overall security posture and mitigate the impact of insider-driven risks.

Objectives

  • Foster a deep understanding of what insider threats are and the potential risks they pose to the organisations.
  • Encourage participants to be vigilant and observant, recognising potential indicators of insider threats in their day-to-day activities.
  • Educate participants on security best practices, emphasising the importance of secure data handling, communication, and the protection of sensitive information.
  • Empower employees to actively report suspicious activities, creating a culture where reporting is encouraged and perceived as a collective responsibility.
  • Equip participants with the knowledge to recognise and resist social engineering tactics, thereby reducing the risk of falling victim to manipulation.
  • Establish a culture of security consciousness at all levels of the organisation, where each employee plays a vital role in maintaining a secure work environment.

Topics Covered

  • Introduction to the spectrum of Insider Threats
  • Common insider threat indicators
  • Importance of safeguarding sensitive information and business assets
  • Recognising changes in co-worker behaviour
  • Recognising manipulation attempts and phishing attacks.
  • Communications best practices
  • Guidelines on reporting suspicious activities
  • Familiarisation with organisational policies related to insider threats.
  • Understanding the role of each employee in maintaining a secure environment.

Benefits

By the end of the Insider Threats Awareness Training, participants will be equipped with a heightened awareness of potential insider threats.

This awareness contributes to a more vigilant workforce and establishes a foundation for a culture of security within the organisation.

This proactive approach aids in early detection, reporting, and mitigating insider threats, ultimately strengthening the organisation’s resilience against internal risks.

Who Should Attend

This course is essential for all employees across different departments and levels within an organisation. From executives to front-line staff, creating awareness about insider threats is crucial for fostering a collective commitment to organisational security.

Prerequisite

None.

Course Length:

Online and self-paced.
Categories
course

Handling Incident Management

Handling Incident Management

Overview

This four-day course provides foundational knowledge for those in security-related roles who need to understand the functions of an incident management capability and how best to perform those functions.

It is recommended for those new to incident handling or security operations work.

The course introduces the basic concepts and functions of incident management. The course addresses where incident management activities fit in the information assurance or information security ecosystem and covers the key steps in the incident handling lifecycle.

Discussions include topics on security operations services, insider threats, and the nature of incident response activities. Course modules present standard practices to enable a resilient incident management capability. 

Course attendees will learn how to gather incident information, understand the technical issues related to commonly reported attack types, analyse and respond to sample incidents, apply critical thinking skills to incidents, and identify potential issues to avoid while managing incidents.

The course incorporates interactive instruction, in-class discussions, small group work, and practical exercises. Attendees have the opportunity to participate in sample incidents that they might face on a day-to-day basis in a group or team scenario/situation. 

Objectives

This course will help participants to:

  • Detect and characterise various insider and outsider attack types
  • Develop a strategy for analysing and responding to complex or significant events and incidents within your organisation
  • Comprehend various methods for analysing artifacts and information left by an insider and also on a compromised system and issues involved with such analysis
  • Develop and execute cyber threat hunting goals, searching, and analysis
  • Obtain practical experience in the coordination of vulnerability handling tasks
  • Formulate and deliver effective publications and communications such as advisories, alerts, after-action reports, and management briefings

Topics Covered

  • Incident handling lifecycle and critical information review
  • New technologies and impacts on incident handling and mitigation
  • Discussion on the types of insider threats
  • Discussion of advanced persistent threats
  • Threat hunting processes and critical thinking
  • Vulnerability handling overview, including vulnerability disclosure
  • Analysing and coordinating responses to significant insider events and incidents
  • Developing and delivering compelling communications

Benefits

By attending this course, you will benefit from the comprehensive content and interactive nature of the training. 

  • Gain solid understanding of the essential concepts and functions of incident management
  • Understanding incident management lifecycle
  • Integration of incident management with your existing security ecosystem
  • Technical skills enhancement
  • Critical thinking skills development
  • Insights into security operation services
  • Awareness of insider incidents
  • Development of a resilient incident management capability
  • Practical experiences through exercises

Who Should Attend

  • Current cybersecurity incident management
  • SOC staff
  • Insider threat practitioner

Prerequisite

Before attending this course, participants should have the following experience:

  • At least six months of incident handling experience
  • Understanding the foundations of insider threat

Course Length:

Four days classroom instructor-led.

Special Arrangement:

This course may be offered by special arrangements at customer sites. For details, please contact course@insiderthreats.com.au.

Course Questions:

Email your query to course@insiderthreats.com.au.

Categories
course

Information Technology Disaster Recovery

Information Technology Disaster Recovery

Overview

This two-day course provides foundational knowledge for those in Information Technology Disaster Recovery (IT DR) roles who need to understand the foundations of developing and implementing an IT DR framework for their organisation; it is recommended for those new to IT DR or technology resilience roles.

The course introduces the basic concepts and functions of IT disaster recovery management and addresses how activities align with an organisation’s overall business continuity framework, and covers the fundamental steps of the IT DR lifecycle.

Discussion topics include evaluating technology risks, technology impact assessment, ITDR strategy development, ITDR Plan development, ITDR training and awareness, ITDR testing and ongoing audit, compliance and governance aspects.

Course attendees will learn how to assess technology risks, develop a technology-focused impact analysis, develop IT DR strategies and plans, select and implement disaster recovery tools and applications, design and implement training programs and develop testing and exercise plans.

The course incorporates interactive instruction, in-class discussions, small group work, and practical exercises. Attendees can participate in sample ITDR incident simulations they might face daily in a group or team scenario/situation. 

Objectives

This course will help participants to:

  • Plan for and undertake a technology assessment
  • Plan for and undertake a Technology Impact Assessment
  • Develop IT Disaster Recovery strategy options
  • Develop an IT Disaster Recovery policy and plan(s)
  • Develop IT Disaster Recovery training and awareness materials
  • Develop IT Disaster Recovery testing and exercising strategies and plans
  • Assess Tools and Applications to support IT Disaster Recovery
  • Formulate and deliver effective publications and communications, including exercise outcomes reports and management briefings

Topics Covered

  • Technology Risk Management
  • Technology Impact Assessment
  • Developing IT DR Strategies
  • IT Disaster Recovery Applications, Systems and Tools
  • Developing IT DR Plans
  • Developing IT DR Training
  • Developing IT DR Exercising

Benefits

By attending this course, you will benefit from the comprehensive content and interactive nature of the training.

  • Gain a solid understanding of the essential concepts and functions of IT Disaster Recovery Management
  • Understanding the IT Disaster Recovery management lifecycle
  • Integration of IT Disaster Recovery with resilience frameworks such as business continuity management, crisis management, emergency management, IT Disaster Recovery, Cyber Security Management
  • Technical skills enhancement
  • Critical thinking skills development
  • Insights into IT DR management services
  • Awareness of IT Disaster Recovery management
  • Development of IT Disaster Recovery capabilities
  • Practical experiences through exercises

Who Should Attend

  • IT Disaster Recovery Managers
  • IT Operations and Support Managers
  • IT Risk & Resilience Managers
  • IT Compliance & Governance Managers

Prerequisite

Before attending this course, participants should:

  • Understand the foundations of IT disaster recovery management

Course Length:

Two days, classroom and online instructor-led.

Special Arrangement:

This course may be offered by special arrangements at customer sites. For details, please contact course@insiderthreats.com.au.

Course Questions:

Email your query to course@insiderthreats.com.au.

Categories
course

Business Continuity Management

Business Continuity Management

Overview

This two-day course provides foundational knowledge for those in business continuity management roles who need to understand the foundations of developing and implementing a business continuity framework for their organisation. It is recommended for those new to business continuity or risk management roles.

The course introduces the basic concepts and functions of business continuity management and, addresses how business continuity management activities align with an organisation’s overall risk management framework (including insider risks) and covers the fundamental steps of the business continuity lifecycle.

Discussion topics include risk evaluation, business impact assessment, business continuity strategy development, plan development, training and awareness, testing and exercising and ongoing audit, compliance and governance aspects.

Course attendees will learn how to assess operational risks, develop a business impact analysis, develop continuity strategies and plans, design and implement training programs and develop testing and exercise plans.

The course incorporates interactive instruction, in-class discussions, small group work, and practical exercises. Attendees can participate in sample incident simulations they might face daily in a group or team scenario/situation.

Objectives

This course will help participants to:

  • Plan for and undertake a risk assessment
  • Plan for and undertake a Business Impact Assessment
  • Develop business continuity strategy options
  • Develop a business continuity policy and plan(s)
  • Develop business continuity training and awareness materials
  • Develop business continuity testing and exercising strategies and plans
  • Formulate and deliver effective publications and communications, including exercise outcomes reports and management briefings

Topics Covered

  • Operational Risk Management
  • Insider Risk Management
  • Business Impact Assessment
  • Business Continuity Strategies
  • Business Continuity Planning
  • Business Continuity Training
  • Business Continuity Exercising

Benefits

By attending this course, you will benefit from the comprehensive content and interactive nature of the training.

  • Gain a solid understanding of business continuity management’s essential concepts and functions
  • Understanding the business continuity management lifecycle
  • Integration of business continuity management with resilience frameworks such as crisis management, emergency management, IT Disaster Recovery, Cyber Security Management, Insider Threat Management
  • Technical skills enhancement
  • Critical thinking skills development
  • Insights into business continuity management services
  • Awareness of business continuity management
  • Development of business continuity management capabilities
  • Practical experiences through exercises

Who Should Attend

  • Risk & Resilience Managers
  • Compliance & Governance Managers
  • Business Continuity Managers
  • Business Continuity Coordinators

Prerequisite

Before attending this course, participants should: 

  • Understand the foundations of business continuity management

Course Length:

Two days, classroom and online instructor-led.

Special Arrangement:

This course may be offered by special arrangements at customer sites. For details, please contact course@insiderthreats.com.au.

Course Questions:

Email your query to course@insiderthreats.com.au.

Categories
course

Effective Communication

Effective Communication

Overview

Effective Communication is an essential course for leaders, managers, and anyone who needs to communicate effectively.

It provides the necessary skills to confidently navigate the complex world of communication. The ability to connect, inspire, and drive change is crucial in today’s world. This course emphasizes clarity, adaptability, and the development of real connections and rapport.

Objectives

Leading with Communication is an initiative that strives to assist those who aim to improve their communication skills.

The program is designed to equip participants with a comprehensive set of abilities to enhance their leadership capabilities through effective and influential communication.

Topics Covered

  • Clarity in Message Crafting
  • Understanding body language
  • Non-Verbal Communication
  • Creating metaphors and stories
  • Building rapport in leadership
  • Effective listening strategies
  • Building trust and credibility

Benefits

By attending this course, you will learn how to speak in a way that anyone can understand, connect effectively with all kinds of people, and even use stories to make your ideas stick.

Communication involves more than just words. You will pick up the subtle moves of body language, the art of making people trust you, and a framework for handling tough conversations.

These foundations make you feel heard, valued, and ready to conquer anything. This course is about authentic, down-to-earth skills that make communication valuable.

Who Should Attend

  • Executives
  • Managers
  • Supervisors
  • Anyone eager to communicate better

Prerequisite

None.

Course Length:

Online and self-paced.

Categories
course

Dealing With Toxic Behaviour

Dealing With Toxic Behaviour

Overview

Dealing with Toxic Behaviour follows the critical foundation laid by Effective Communication.

This self-preparation training is designed to underscore the importance of properly equipping oneself with internal skills and clear communication leadership before delving into modules that address toxic situations and how to navigate them effectively.

Recognising the pressing need for leaders to manage toxicity, this course focuses on enhancing emotional hygiene, internal resilience, and conflict resolution skills.

Objectives

  • Emotional Hygiene: Elevate emotional mastery to navigate emotionally charged situations effectively. Participants will develop the ability to recognise and regulate their emotions, fostering composed and empathetic responses to toxic behaviour.
  • Resilience Building: Cultivate resilience as a response to adversity. The course provides tools and techniques for leaders to bounce back from challenging situations, maintaining focus and effectiveness amidst workplace toxicity.
  • Conflict Resolution Skills: Participants will acquire practical conflict resolution skills to address toxic behaviour constructively. They will learn to navigate difficult conversations, mediate conflicts, and facilitate positive resolutions.
  • Mindful Communication: Integrate mindfulness into communication practices. Through mindfulness exercises, participants enhance their ability to remain present and composed during toxic conversations, promoting thoughtful and measured responses.
  • Boundary Setting: Develop the art of setting and maintaining healthy boundaries. Leaders explore strategies for establishing clear expectations, addressing unacceptable behaviour, and promoting a culture of mutual respect.
  • Empathy Development: Strengthen empathy as a key leadership skill. Participants understand the perspectives of others, even in challenging situations, enabling them to respond with understanding and compassion.

Topics Covered

– Coming soon. 

Benefits

– Coming soon. 

Who Should Attend

This course is the second foundational step for leaders who have completed Effective Communication Training and are gearing up for a comprehensive leadership development journey that delves into toxic situations.

It is specifically designed for individuals who recognise the importance of being prepared to handle Toxic Behaviour in the workplace.

Prerequisite

Before embarking on this course, participants should have completed the Effective Communication course to ensure they possess the necessary leadership communication skills. It is essential to be properly prepared and equipped to take the lead in communication before delving into the nuances of dealing with toxic situations.

Course Length:

Online and self-paced.

Special Arrangement:

This course may be offered by special arrangements at customer sites. For details, please contact course@insiderthreats.com.au.

Course Questions:

Email your query to course@insiderthreats.com.au.

Sign up for early access