Managing Cyber Risk with PAS 555 Technical Author, Grace Shacklady

The cyber threats that organisations face are growing in number and severity at an alarming rate. This means that it’s vital that all organisations improve the way they operate with regard to cyber security risk management. One key way to improve operations and overall cyber security defence is by employing qualified professionals in your cyber security workforce.

IT Governance’s training course Managing Cyber Security Risk is one to which all organisations should be looking to send a member of their staff. Course leader and PAS 555 technical author, Grace Shacklady, has taken a few minutes to answer some questions about the course, what it offers and why organisations should implement a cyber security strategy.

Why is a cyber security strategy important to an organisation?

As reliance on the use of cyber space to do business increases, so does the threat of cyber attacks. By having a fit-for-purpose cyber security strategy in place, organisations will be able to reduce and/or mitigate the effects of an attempted or successful cyber attack.

Does a cyber security strategy only apply to large organisations?

No – cyber security risk management can be applied in any size and type of organisation. However, to be truly effective, cyber security must apply to the whole organisation, not just a part of it.

What is the difference between a cyber security strategy and an ISO 27001 Information Security Management System (ISMS)?

An effective ISMS will help to deliver the outcomes required for effective cyber security. However, cyber security isn’t just reliant on ISO 27001 to produce a strategy. An effective strategy relies on management commitment and several different business systems such as business continuity, IT service management and quality management, among others.

What will delegates benefit from by attending the Managing Cyber Security Risk course?

Delegates will get an insight into how an effective cyber security risk management system can be developed and managed. They’ll also gain knowledge of current cyber security standards, best practice and guidance documents, as well as a wide range of other things.

Who should be attending this course?

This course should be attended by:

  • Senior Directors (CEO, CIO) who need to ensure their organisation is protected
  • IT Directors or Managers responsible for developing and implementing a cyber security risk management strategy
  • ISO 27001 Lead Implementers and Lead Auditors
  • Information Security Managers responsible for cyber security
  • Professionals who hold CISA, CISM, CISSP, CRISC or CISMP certifications, who wish to apply current knowledge to the broader context of cyber security
  • Risk and Compliance Managers who require an understanding of cyber security risk management outcomes and processes
  • Risk and Information Security Consultants who wish to advise clients on the practical implementation of cyber security risk management

How much knowledge should delegates have of cyber security before they attend this course?

Delegates don’t require any knowledge of cyber security prior to this course as it doesn’t focus on detailed IT or other technical countermeasures. However, it would be beneficial if they have some grasp of management systems in general.

Why does the course reference risk management, business continuity, IT service management, quality management and integrated management systems?

All these other systems can help to develop a robust approach to cyber security risk management. The section on integrating management systems is designed to help delegates see how cyber security risk management can be incorporated into other management systems without an excessive increase in documentation.

What qualification will delegates receive by attending this course?

On the last day of the course there is an exam; delegates who pass it will receive the Certified Cyber Risk Management Practitioner qualification, which is awarded by IBITGQ.

In order to book a place on the Managing Cyber Security Risk course visit or call 0845 070 1750