Employees must recognise that the corporate data on their computers is both valuable and vulnerable. They must understand their legal responsibilities regarding the unauthorised release of sensitive data. Note that sensitive data means data that requires protection due to the risk and magnitude of loss or harm that could result from its unavailability, disclosure, alteration, or destruction. The means of ensuring employee understanding and/or recognition of their responsibilities varies. User/employee security awareness training is one of the most common means available to achieve recognition of responsibility and computing asset worth.
The Security Awareness Program is designed for the everyday user of computers and networks. The program is in easy to understand language without all the techno jargon. Suitable for end users such as executives, admin staff, clerks, sales teams etc.
Duration: 4 hrs
Prerequisite: Working knowledge of computers and internet.
Management has the ultimate responsibility for implementing a data security program based on an assessment of business risk (corporate cost/benefit tradeoff) and an information system (IS) security risk assessment. All levels of management must be involved (and held accountable) to ensure the program is understood and properly implemented. Management must understand that they are legally responsible for the integrity of corporate data assets just as they are with other assets of the corporation.
The Security Awareness Program is designed for management personnel such as CSOs, CEOs, CTOs, COOs, VPs and other managerial positions. These special Information Security Awareness classes for management personnel will inform management of:
Duration: 4 hrs
Prerequisite: Working knowledge of computers and internet.
IS vulnerabilities in general, relate to the weak points of the tangible computing assets in the corporation, and how exposed these assets might be to exploitation. These vulnerabilities can vary greatly depending on the network or stand-alone environment used by the corporation. Obviously, the weakest link in the security chain is also the most vulnerable point. Since the three basic goals of computer security are ensuring secrecy, integrity, and availability of data, vulnerabilities of a computer oriented business can include just about everything related to the business operation. Typical assets are hardware, software, data files, support documentation, people, and outside communication. The in house technical staff is responsible for maintaining the networks and other computing resources in a secure manner.
The Security Awareness Program is designed for technical staff such as Network professionals, Network and IT Managers.
Duration: 8 hrs
Prerequisite: Good understanding of computers and networking aspects, any kind of certification in basic networking and computers will be added advantage