IT security experts are not easy to find, especially for medium-sized companies. We help you to build up the necessary know-how for your own IT security team. Or to sensitise your employees to the topic.
Training: Cyber Security Expert (5 days)
The Cyber Security Expert training aims to introduce IT technicians and administrators with technical knowledge into the world of hackers. Based on theoretical and practical content, the participants not only get an overview of the current situation and the technical possibilities of the potential attackers, but also a well-founded insight into the specific work of IT security officers and possible defence strategies. They experience the attackers' perspective first-hand by having to carry out practical tests themselves. The focus of the training is on practice. Technical IT knowledge is therefore a prerequisite for participation. In-depth knowledge of Unix or other operating systems would be recommendable.
The title of Technical Cyber-Security Expert may be used once the final exam has been passed.
Content:
- Introduction to the topic with an overview of attackers and information security
- The attackers' methods
- Carry out your own penetration tests and security checks
- Documentation and reporting to the management
- Final examination
Training: Cyber Security Manager (5 days)
Competence in leadership is strengthened by knowledge. In this five-day training course, you will learn how to better deal with the challenges of IT security. You will get a profound and real-time insight into the technical possibilities of potential attackers and what a sensible action plan should look like based on found security gaps. Different management methods of information security management are dealt with. The aim of the training is to develop a solution-oriented approach that is tailored to your needs and resources as well as the risks. The legal basis of your actions and that of the attackers are also important elements of the five-day offer, as are contact persons and contact points in the worst case. After passing the final examination, participants are able to build their own IT security team.
Graduates of the final test may call themselves Cyber Security Manager.
Content:
- Introduction to the topic with an overview of attackers and information security
- Information security management - what's behind it all
- Implementation of information security management in the company — Do’s and Dont’s
- Planning and organisation of information security in the company - positions, responsibilities, checks and the ISMS (Management System for Information Security)
- Testing method using a fictitious company
Training: User Awareness (1 day)
We use practical examples to show participants how hackers work. We introduce them to the different types of attackers and shed light on their different approaches. This short theoretical excursion is followed by a real-time demonstration in which we start a phishing attack against your company. In this way, we not only present you with the very specific options that hackers will find to break into your system, but also give you the information you need, which gaps you should close quickly in order to reduce the risk of a successful attack. Our user awareness training including live hacking can be used as proof for both certification according to ISIS12/ISO27001 and for the GDPR training.
Content:
- Introduction to the topic with an overview of attackers and information security
- Presentation of virus programs, firewalls, e-mail systems — their performance and limits
- Hacking in theory: The untargeted attack
- Hacking in theory: The targeted attack (phishing and CEO fraud)
- Live Hacking: We use a phishing attack to try to identify your company's weak points