$1,000.00

OVERVIEW

The mile2 vendor-neutral Certified Security Awareness Boot Camp certification course is intended for anyone who uses a computer on the internet. Attendees will understand the security threats as well as the countermeasures associated with these attacks. Employees will learn that the weakest link in any security program is a poorly trained department. This course teaches general security awareness as well as how to develop a strong security culture within your company’s community. The Social Engineering portion of the class is designed to teach participants the skills Social Engineers use to extract information from an organization using technical and non-technical methods.

Computer fraud, black-hat hacking, cyber-terrorists: these phrases describe an innovative generation of criminals that use over-the-wire technology to attack us, steal from us and terrorize us. However, the best tool in their arsenal is not new. It is only used by the most experienced, most dangerous and boldest hackers.

The mile2 Certified Security Awareness program is innovative and trains students on how attacks are performed, the skills necessary to perform an attack, how to train people to identify an attack and, most importantly, how to train internal targets so that the training is effective and lasts.

WHO SHOULD ATTEND?

  • Anyone
  • End User
  • Company Employee
  • Basic Computer User

COURSE DETAILS

 

Module 1 – Basic Security Awareness 

What is it and why is it needed?
2017 End User Risk Trends

  • Who, what and how people are targeted
  • What are the losses associated with end user hacks?
    • Policies are only as good as the employees who embrace them

Module 2 – Social Engineering

Phishing

  • Common channels: mail, phone, social websites

Spear Phishing

  • Example: Fake email sample

Social media

Personification

 

Module 3 – Data Classification and Corporate Use (Safeguarding)

Corporate

  • Sensitive, internal or public classification
  • Objectives of securing data (IP, compliance/legislation)

Personal vs. Business Use

  • Segregating personal use from business use

Data management

  • Business standard for deleting data
  • Personal standard of data dumping (old phones, hard drives and USB drives)
  • Did you know that I can unearth deleted docs from a USB drive using a standard forensics app from the internet?

How to delete and get rid of your old data

Module 4 – End User Best Practices

Internet utilization

  • Hot spots, public places & roaming risks

Safe Web Site surfing

  • Discerning safe, secure sites (never go to a site link indirectly)
  • Locks and HTTPS

Computer Usage

  • Using the computer in non-admin mode
  • Ransomware

Password management

Removable Devices

Mobile, Smart Phones and Tablets (risks associated with mobile devices)

  • Device always locked
  • Device should always be trackable

 

Module 5 – Creating a Cyber Security Culture

  • Overview
  • Non-malware Attack Statistics 2017 (Carbon Black)
  • Cyber Security Culture
  • Requirements for Successful CSC
  • Steps to Create CSC
  • Key People for a Successful CSC and Their Roles
  • How Various Departments are Related to the CSC Program
  • Leadership Skills
  • Techniques Used by Successful Leaders
  • Yearly Training and Drills

 

Module 6 – Social Engineer Attacks: Executive Management and Assets

  • Overview
  • Techniques used by Hackers
  • Why Executives are Pinpointed as Targets
  • Whaling Attacks
  • Recent Successful Whaling Attacks
  • Whaling Mitigation
  • Intellectual Property
  • IP Categories
  • IP Legally Defined Categories
  • Keeping IP Safe
  • Keeping IP Safe – Recommendation

 

Module 7 – Incident Preparedness and Management Planning

  • Overview
  • Incident Mitigation
  • Cyber Insurance
  • Cyber Insurance Gaps
  • Incident Preparedness Steps
  • Preparation Step
  • Identification Step
  • Crisis Management
  • Post Crisis Management
  • General Recommendation for Post Crisis

 

Module 8 – Laws and Global Compliance Standards

  • Overview
  • Laws & Standards
  • 12 PCI DSS Requirements
  • Laws & Standards
  • SOX Most Important Sections
  • Laws & Standards
  • Data Classification
  • Objectives of Data Classification
  • Personal vs. Business Use
  • Business Standard for Deleting Data
  • Mobile Device Security Risks
  • Mobile Device Security
  • BYOD Challenges
  • BYOD Policy