Education and Workshops
Many business owners are worried about the impact of cyber crime on their businesses, but don’t understand what the issues are or how to start protecting themselves.
Whitgift Security has devised a series of practical workshops providing insights into cyber crime, how you can be targeted, and advice on how to protect your business online.
During the workshop we will explore the trade-offs between usability and security. There will be lots of opportunities to discuss these trade-offs as we consider the different security measures your organisation could implement. We will highlight how the requirements of Cyber Essentials and the IASME standard will impact implementation decisions on security measures.
During the workshop we will work through examples. We will review templates and identify resources that could be used as a starting point for implementation in your organisation.
Standard Workshops include
Protect Your Accounts
How Cyber Guardian protects your websites and customers
Most of us want to “be connected” all of the time, be it for work or fun.
This workshop explores how the cyber criminal uses our online presence to trick us and exploit our assets to make them money. We all need to “think before we click” on a link, or to connect to a network, or give or publish information with practical advice on protecting accounts for online services.
- The adversary, what they want from you and how they get it
- Managing your organisation’s digital footprint
- How to avoid being caught
- Recognising fake and malicious Websites
- Spotting phishing emails
- Avoid becoming a victim of Vishing
- Don’t get caught by SMiShing
- Safe shopping online
- Using public WI-Fi networks
- Protecting your accounts for online services
- Protecting your passwords
- Working in a safe way when not in your organisation office
- How to get help if you have been caught
Are you ready to respond?
58% of small organisations reported a security breach in 2018.
With the new GDPR legislation, organisations will need to be ready to able to report breaches to the Information Commissioner’s Office within 72 hours.
This workshop explores how to prepare for an incident to enable your organisation to respond quickly and efficiently in case of attack, or if something goes wrong.
- Topics include:
- The different response plans needed-
- Business Continuity Plan,
- Incident Management Plan,
- Disaster Recovery Plan
- Disaster Recovery Plan
- The Plan management cycle
- Different Scenarios
- Advance preparation
Protect Your Network
You depend on your IT network for important organisation operations, probably including communication and sales. This workshop explores the framework of security measures for protecting your organisations network and the data it holds. With many organisations extending their networks into the cloud, security considerations when selecting cloud providers and basic measures for protecting your organisations website are also explored.
- How adversaries attack your network
- Protecting the network boundary
- Default configurations for shared IT assets
- Knowing what is on your network
- Managing who is accessing your network and what they have access to
- Securing the Supply chain
- Using the Cloud
- Protecting websites
Know your Organisation
With limited resources you can’t do everything. This workshop provides a framework to identify the data, people, technology and processes that are important for your organisation. It explores the key legislation to protect sensitive data and the associated organisational policies required. With this clear focus you can then identify how to best use limited resources to protect your clients, your data and your organisation.
- Understanding of the adversary – Who you are defending against? How are they attacking you? How is the threat landscape is changing?
- Understanding the key assets in your organisation – What needs to be protected? Why does it need to be protected?
- Key legislation for protecting data – Data Privacy legislation eg GDPR
- Policies for protecting your sensitive data
Protect Your Devices
Isaac Asimov’s sentiment “I do not fear computers. I fear the lack of them.” is even more relevant today with our increasing dependence on our devices – PC’s, laptops, tablets and smartphones. This workshop explores simple effective protection to safeguard the devices individuals use to access data. Keeping them in a healthy state keeps your data secure and the devices running efficiently.
- IT asset lifecycle – security requirements during each phase
- Bring Your Own Device (BYOD)
- Security requirements triggering an IT asset investment program
- Incorporating security requirements into the planning and procurement
- Default configurations for the devices individuals you use to access data
- Security measures to protect devices over their lifetime
- Managing the device to protect your organisation data
- Securely disposing of devices
Governance & Policies
Security leadership starts from the top. This workshop explores frameworks suitable for SMEs to put in place, identifying the best way to manage security for the organisation. This includes ensuring security risks have been considered and putting in place policies defining necessary security measures.
- Why your organisation is a target of cyber crime
- Different approaches to security management in small organisations
- Defining a risk management program for your organisation
- Which cyber security risks should be in your organisation’s risk register
- What security policies your organisation should consider
- Building the right security culture for your organisation