This training is specifically designed for C-Suite and Board members of private and public organisations to understand the cyber risk and manage it actively. It raises cyber awareness and provides the necessary tools to manage the cyber risk in an integrated manner. The content is designed and delivered by recognised experts in the cyber security practice, focuses on the needs of the C-Suite and Board and delivered in a language they understand. This training will take place on November 21st and on December 5th.
Content of the course
The content is covering the following themes over the course of a day programme.
- The Threat Landscape - An overview of the current threat landscape and insights in the expected evolution in coming years. How to monitor the threat and where to obtain intelligence relevant to your organisation?
- The Risk - A primer on cyber risk and what the C-Suite really needs to know. About protection through understanding the key assets of the organisation and their risk of being compromised. How to integrate the cyber risk into the business risk and managing it instead of hiding it.
- Organise Yourself - What to expect from your CISO, where to position the him/her in your organization and which resources. Define relevant KPIs and set up processes to report them to you. Recruit and retain specialised cyber staff in an extremely competitive environment.
- Prepare and Respond - Have a crisis response plan before the crisis hits. Comply with regulations on data asset management, impact assessment and reporting obligations (NIS, GDPR, sectorial legislation). How to behave during the crisis? When and how to report? Cooperation with law enforcement: opportunities and pitfalls. What to say to your staff, your clients, the press and when? Who is in the lead during the crisis?
- Your Digital Footprint - A session on personal IT hygiene and managing your social media footprint as well as the ones close to you. How to be secure while travelling? How to safeguard your devices, your data and your credentials? With practical guidance based on your actual footprint and recommendations for mitigation.
The course is delivered in three parts. In the first part the course material will be delivered in a small classroom setup (less than 10 participants) allowing for substantial interaction with the trainer. The training could be integrated with an in-house C-Suite brainstorming on cyber risk and mitigation. In a second part the participants will take part in a cyber exercise simulating real life conditions in Room 42, allowing the participants to face a cyber-attack in an immersive and playful environment, and in real time. In the third part, the participants will receive feedback on their observed interaction in the cyber exercise and will be able to discuss lessons learnt and action plans.