Training: Computer Security
Computer (End User) Security Training for common users and employees is steadily underestimated, although there is a proof that implementing of this training reduces a number of security incidents, helpdesk load and misuse or non-availability of information.
Training is made-to-measure for every organization depending on it’s needs. Our know-how includes presentation of actual security issues which our consultants face up daily. We are also giving recommendations for safety using IS/IT by users. The Emphasis is on sophisticated attacks by social engineering, what is actually the biggest risk, because it bypasses technical security measures.
We follow trends, so now the training contents theme blocks about risks in using social networks and smart mobile devices (smart phones, tablets).
The Structure of Training
The Introduction of information security
Information Security threats – real examples
Inside Job examples
External threats
Danger of an electronic communication
Social engineering attacks
Social network risks (Facebook in company environment)
Mobile devices – good or evil?
Current internet threats
Principles of information security management
Guidelines for users (based on individual needs and organization‘s security policy)
Summary, Decalogue for users
Discussion
The Form of Training
The training is in a form of slide-show presentation/workshop – learners can interact with an instructor and ask during the lesson, what makes a training more dynamic and interesting for audience.
There is a possibility of training modification, for example check knowledge by test (immediately or with some interval), give a discharge by issuing the certificate, use e-learning (using existing SW of your company) or include life demonstrations.