Description:

While the world becomes more connected and technology advances at an unprecedented rate, the human element is still at the heart of all of the systems that we build.  People are our end-customers and the strategic decision makers, they are involved in running our processes and responding to problems.  They are also behind all of the cyberattacks our organisations face, and over 85% of breaches involve the cooperation or inaction of someone in your organisation who could have prevented it.  From social engineering of your colleagues to the use of open source intelligence to gain insights into the workings of your organisation, it is impossible to adequately secure your services without understanding the human element of cybersecurity.

This course is designed for business analysts with some experience of delivering change and is intended to provide a background into how the activities of people such as users, customers, third parties and threat actors influence an organisation’s security posture.  It will help you to design better processes and user journeys that protect your organisation against the actions of bad actors such as hackers and fraudsters. You will learn about access control, management of privilege, and about precautions that can be taken during process design to minimise the risk arising from social engineering, open-source intelligence and insider threats.

Objectives:

After the course you will be able to:

• Describe the characteristics of the different kinds of people who might interact with systems and services that you may develop and what risks they may present.

• Recognise the most common tactics used by threat actors while carrying out social engineering and open source intelligence to achieve their objective.

• Describe the different components of identity based access control including identification, authentication, authorisation and accountability and explain when each of these is required.

• Identify how threat actors may take advantage of missing controls within processes and how to fix these processes to prevent them from carrying out actions that they are not authorised to perform.

Structure:

This course is delivered as a 2 day course, or equivalent.

There are currently no spaces available on this course. If you are interested in booking a place on a future course, please let us know via the button below.