Security Awareness for IT Staff & Information Workers

Gain the security awareness and knowledge needed to recognize and defend against all major forms of destructive hacking including social engineering. In this Security Awareness for IT Workers course you will learn modern security practices, common hacking exploits and means of good IT security hygiene. The course is designed to be highly flexible with a wide range of information that can be tailored to security knowledge needs of any organization. 

After completing this course you will be able to:

1. Recognize all common destructive hacking techniques and understand appropriate organizational tactics to resolve the resulting issues
2. Understand the importance of personal and organizational Security Awareness
3. Be able to evaluate the importance of user buy-in and compliance
4. Describe and understand all key terms and methods of cybersecurity
5. Recognize all major forms of cyber attacks
6. Gain proficiency in reading and evaluating cybersecurity case studies
7. Recognize and defend against Social Engineering techniques and attacks
8. Understand and implement Mobile Device best practices for security
9. Evaluate password profiles, email and browser exploits and good digital hygiene

Attention Employers
This course will “inoculate” employees against both purposeful and accidentally triggered security threats to your organization. Employees will come away empowered to self-sustain a competent level of security awareness for protection of organizational property as well as personal identity security.

Employees will gain a basic understanding of the terminology covered in this course which will allow better discourse between individuals and departments when planning, implementing and executing policies, troubleshooting  or auditing in any IT subject. 

Security practices need to be adaptable to your organization and its various environments. The courseware, instructors guide, case studies and labs are designed to allow a comprehensive and flexible coverage for all information worker roles. Including the case studies, almost four days of materials are included in the courseware and instructor manual allowing the course to be presented in a format that matches the skill and experience levels of learners.

Introduction to Security Awareness

• TRADEMARKS AND RIGHTS
• TABLE OF CONTENTS
• WHY “SECURITY AWARENESS”?

KNOWLEDGE IS POWER

• TECHNICAL TOPICS
• BUY - IN
• CYBERSECURITY …AND THE RED QUEEN’S RACE.

KEY CONCEPTS IN CYBER SECURITY

• FUNDAMENTAL TERMS
• “DEFENSE IN DEPTH”
• ANALYSIS              
• GOVERNANCE AND METADATA
• RETENTION POLICY
• MITIGATION AND DETERRENTS
• HASHES AND ONE-WAY ENCRYPTION
• SINGLE KEY AND TWO KEY ENCRYPTION
• TCP/IP PRIMER AND REVIEW
• CYBER ATTACKS AND EXPLOITS
• SELECTED CASE STUDIES
• SOCIAL ENGINEERING         
• HOAXES

CLOUD SPECIFIC SECURITY & PRIVACY CONSIDERATIONS

• HOW SECURE IS THE CLOUD?            
• PRIVILEGED USER ACCESS
• REGULATORY COMPLIANCE
• INVESTIGATIVE SUPPORT
• DATA SEGREGATION
• RECOVERY
• LONG-TERM VIABILITY – TRANSFER OF DATA
• REVIEW:

PKI FUNDAMENTALS

• DIGITAL SIGNING
• PKI REVIEW QUESTIONS:

MANAGING SECURITY INCIDENTS

• THE BYOD PROBLEM
• CONTINUING YOUR SECURITY EDUCATION
• SUGGESTED LABS AND EXERCISES

Case Studies and Discussions:

• Case Study Analysis: Social Engineering
• Case Study Analysis: Ransomware
• Case Study Analysis: DDOS
• Case Study Analysis: USB Memory Stick
• Case Study Analysis: Mobile APP
• Case Study Analysis: BlueSnarfing

Hands-On Labs

This course is intended for both novice and experienced IT Professionals, Network Administrators, Help Desk Personnel, Network Support Personnel, Desktop Support Personnel and Managers who oversee IT Personnel and Developers and any Information Worker using Cloud products or mobile operating systems.