Objectives
. Identify and analyse cybersecurity issues with the aim of ensuring intelligence and economic security.
. Take into account all security aspects in an organisation.
. Identify threats linked to the use of digital spaces and social media, a company’s private platforms and public platforms.
. Adopt good cybersecurity practices for both companies and individuals.
. Protect a company’s intangible property by using digital tools and inherent services.
. Establish a management protocol for IT incidents: from detection to crisis management.
TRAINING LOCATION
The training course is entirely done remotely, through Webex, a video conference tool.
FINANCING
Contact us to get a cost estimate.
Prerequisites
Have basic knowledge of the office pack (Microsoft Office, browsers, Windows and Android operating systems).
Understand the concept of information systems, including their components, functions, and impacts on an organization.
Training content
1. A company’s digital transition
The digital transition of companies is explained through examples: vertical integration, profiling and digital marketing, digital communication, websites, the blurred lines between professional and personal life.
2. The (new) uses
• BYOD,
• The right to disconnect,
• GDPR rights of data subjects. Dereferencing on the internet
3. Digital skills
• Password policy and password managers
• Data back-up policy
• The convergence of equipment: computers, smartphones and tablets
• Messaging services and the reservation of a domain
• Connectivities: wired vs. wireless; VPNs and secure web access
• “Public” clouds vs. “private” clouds (NAS)
• Profiling on the internet
• Search engines and privacy
• Digital identity
4. Good practices and cybersecurity
• Physical, logical and organisational security
• Encryption:
○ Basic algorithmic and mathematical principles
○ Mechanisms with public keys (asymmetrical) and symmetrical
○ Quantum cryptography
• Authentication and access management
• Managing incidents
5. Security by Design
• Security from the designing of products, services, softwares
• Data protection by design and by default
6. Certifications • ISO 2700x, SOC1, SOC2, CFIUS
7. Attacks
• Social engineering, DDoS
• Botnets
8. Participants • Bodies responsible for ensuring the security of sensitive information (ANSSI)
• Cyberattackers
• Data protection authorities (CNIL, ICO)
• ENISA
• CERT / CSIRT
Intended audience
· Jurists,
· Employees,
· Human resources and marketing managers.