Cyber Security Free Resources

Webinar Agenda

• Get an overview of the SEC’s proposed rules and their significance;
• Determine if your organisation falls under the SEC’s jurisdiction;
• Understand the compliance requirements for listed companies;
• Get an in-depth examination of current laws, including:
  • Disclosure requirements and materiality;
  • 10 B 5 implications; and
  • Previous cyber incidents, hacks and vulnerabilities.
• Identify and address compliance challenges emerging from compliance issues.

Webinar Agenda

By attending our webinar, you will:

• Understand the specifics of the SEC cyber security disclosure requirements
• Learn how to meet Form 8-K and Regulation S-K obligations
• Recognize the importance of board members’ cyber security expertise

Webinar Agenda

During this webinar, you will:

• Uncover the key steps to elevate your career in cyber security management;
• Map your career path and learn about the skills and qualifications required to excel in this role;
• Discover our tailored training model for cyber security managers and how IT Governance can help;
• Access exclusive discounts and valuable resources; and
• Get answers to your questions directly from Jeremy Green during our live Q&A.

Webinar Agenda

• Discover the keys steps in a cyber security career journey today with insights from an industry expert;
• Map your career path and explore the exciting world of cyber engineering and ethical hacking;
• Pinpoint the most critical skills and qualifications you need;
• Discover the various ways you can learn with IT Governance to build your career;
• Access exclusive offers, discounts and free resources; and
• Get answers to your career development questions during our live Q&A with Jeremy Green.

Webinar Agenda

• The significance of CIR and key stages in the incident response process using NIST SP 800-61 Revision 2.
• Live CIR tabletop ransomware and phishing attack exercises with audience participation.
• Responses and techniques to mitigate the impact of cyber security incidents.
• GRCI Law’s CIR products and how they can benefit your organisation.

Whether you’re just starting to build your incident response programme or looking to improve your existing system, this webinar will provide valuable information and actionable guidance to help you succeed.

Webinar Agenda

• An introduction to cyber incident response management and why it is crucial for your survival;
• Building a dedicated and well-trained cyber incident response team with NCSC-accredited qualifications;
• Key strategies and best practices for maximising your cyber incident response capabilities;
• How CyberComply incident response management and cyber incident response retainers can support your incident response programme; and
• Practical solutions and advice to help you start your cyber incident response programme.

In the last ten minutes of the webinar, we’ll take questions from attendees. Make sure you take advantage of this opportunity to address your cyber incident response concerns.

Panel Agenda

• The critical systems and assets that organisations should prioritise for penetration testing;
• The key steps involved in a successful engagement;
• Strategies to maximise the value of penetration testing results; and
• Common misconceptions and limitations when conducting penetration testing.

Whether you’re new to it or looking to enhance your existing practices, this panel discussion will give you the knowledge and advice you need to approach penetration testing effectively.

Join us for an informative and engaging discussion that will help you understand the importance of penetration testing and how it can be used to strengthen your organisation’s security defences.

He discusses:

• The 2023 cyber and privacy threat landscape;
• The importance of cyber security as a board-level concern;
• The strategy to build cyber defence in depth;
• Leadership and management’s role in adopting a cyber-defence-in-depth strategy; and
• Practical steps and best practices for implementing a cyber-defence-in-depth mindset within your organisation.

Watch this webinar to find out more about:

• What Cyber Essentials is and why certification is critical to your survival in 2023;
• The benefits of certifying to Cyber Essentials;
• The controls covered under the Cyber Essentials scheme;
• The difference between Cyber Essentials and Cyber Essentials Plus;
• The five-step methodology to achieving Cyber Essentials certification; and
• Cyber Essentials solutions and advice.

Agenda:

• The key lessons organisations need to learn from 2022’s most notorious cyber attacks.
• The cyber security and data protection best practices organisations should adopt.
• The challenges organisations face in 2023.
• How to prepare for the unpredictable and unexpected.

Watch this 45-minute webinar to find out more about:

• 2022 cyber attacks and data breaches in the news;
• The data breach processes organisations should implement to minimise risk;
• What your organisation should do to prepare for a data breach;
• What happens once a data breach is identified;
• Cyber insurance and how it can help in the event of a data breach; and
• Practical solutions to handle data breaches.

Watch this 45-minute webinar to find out more about:

• Security measures organisations should implement to minimise the impact of a successful attack;
• Cyber incident response management and what it means for your organisation;
• How to respond to data breaches and cyber attacks;
• Embedding incident response plans into your business continuity management system by implementing ISO 22301 standard; and
• Practical advice and solutions to help you respond to cyber attacks.

Watch this 45-minute webinar to find out more about:

• The third stage of your cyber-defence-in-depth strategy and what it means for your company;
• ISO 27001 and its role in demonstrating security best practice;
• Policies and procedures to ensure and demonstrate compliance with any regulations and standards;
• Supply chain security management;
• Audits and certification to standards; and
• Practical advice and solutions to implement a cyber-defence-in-depth-strategy.

Watch this 45-minute webinar to find out more about:

• Emerging threats and cyber attacks organisations face today;
• The protection stage and how to build your second layer of defence;
• Employee cyber security awareness training and their role as a crucial line of defence;
• Regular pen testing and how it can help you identify and protect against threats;
• How to implement a baseline level of security through certification schemes and standards;
• Practical advice and solutions to protect your organisation against cyber attacks.

Watch this 45-minute webinar to find out more about:

• The threats you face and where your cyber defences are most at risk of being breached;
• The detection stage and how to build the first layer of a cyber defence-in-depth strategy;
• The controls and measures your organisation should implement to detect security flaws;
• How regular vulnerability scanning and staff awareness training can help reduce risk; and
• Practical advice and solutions to help your organisation detect cyber threats and implement a cyber defence-in-depth strategy.

Watch on this 20-minute flash briefing to find out more about:

• Why it is important for organisations to implement cyber defence in depth;
• The five stages of a cyber-defence-in-depth strategy;
• The benefits of implementing a cyber-defence-in-depth strategy; and
• Practical steps to implement cyber defence in depth.

Agenda

Watch this 45-minute webinar to find out more about:

• The cyber threat landscape organisations face;
• Regulation changes and updates you need to be aware of;
• The challenges identified by our current user base; and
• How CyberComply can help you overcome these challenges.
• You will also gain insight into internal expert knowledge, agile development and after-sales support. The webinar will close with a Q&A session.

Join us for our anniversary webinar as we look at the past and future 20 years in cyber security. Alan Calder, founder and executive chairman of IT Governance and GRC International Group, discusses:

• The inception of cyber criminals and how we fought them in the early 2000s;
• IT Governance’s role in the evolution of cyber security and privacy management;
• COVID-19 and the shift to remote working and increase in security concerns; and
• The demand for cyber security skills and how cyber security will change in the future.

This webinar covers:

• Key legal cyber security changes as a result of cyber warfare;
• The US Cyber Security Act and the Cyber Incident Reporting for Critical Infrastructure Act of 2022;
• The new EU corporate accountability rules and what they mean for directors;
• The EU-US agreement on the principles for data transfer mechanisms to replace the Privacy Shield; and
• Practical steps to avoid non-compliance and implement a cyber-defence-in-depth strategy.

This 20-minute flash briefing covers:

• 2022’s headline cyber attacks and the critical infrastructure caught up in cyber warfare;
• State-issued warnings and cyber warfare defence initiatives;
• Cyber warfare tactics employed by threat actors;
• Addressing vulnerabilities in your supply chain; and
• Practical steps to implement a cyber-defence-in-depth strategy.

This 45-minute webinar provides insight into the key measures organisations should take to prevent a data breach, and what do following a breach to minimise losses and protect your organisation’s reputation.

It covers:

• The types of data breaches organisations face in today’s cyber landscape;
• The data breach processes organisations should implement to minimise risk;
• What your organisation should do to prepare for a data breach;
• What happens once a data breach is identified; and
• Practical solutions to handle data breaches.

Aimed at senior management, board members and heads of department, as well as cyber security and data protection professionals, this bite-sized session provides insight into the Russia cyber attacks on Ukraine and practical advice on how to reduce risk to keep your organisation above water as you navigate disruptions caused by cyber warfare.

To help UK organisations understand the cyber security implications a Russian invasion of Ukraine could bring, this 20-minute flash briefing provides insight on what the cyber security consequences would be.

It covers:

• Russian cyber attacks on Ukraine in the news;
• How the Russia-Ukraine conflict will impact procurement and supply;
• The impact Russia’s cyber attacks on Ukraine could have on organisations worldwide; and
• Practical steps organisations should take to build cyber defence in depth.

In this panel discussion, our security tester, cyber incident responder and systems and security engineer will analyse specific vulnerabilities and attacks, and provide insight into how cyber criminals deploy attacks, the impact they have on organisations, and how to prevent and respond to such threats.

This 45-minute panel discussion discusses:

• The most successful vulnerabilities exploited by attackers;
• Offensive and defensive approaches to handling vulnerabilities;
• The controls and measures organisations should implement to reduce risk; and
• How to respond to cyber incidents.

We are delighted to bring together our cyber security, privacy and incident response experts to help you understand the challenges you can expect to face this year and how your organisation can prepare for and prevent cyber threats.

Our panel answered pre-submitted and live questions from those attending on:

• The key lessons organisations need to learn from 2021’s most notorious cyber attacks;
• The cyber security and data protection best practices organisation should adopt;
• The challenges organisations face in 2022; and
• How to prepare for the unpredictable and unexpected.

To help you understand the impact of data breaches resulting from human error and how you can reduce the risk, Alan Calder, IT Governance’s Executive Chairman, will discuss the approaches organisations can take to protect themselves.

This 20-minute flash briefing covers:

• The types of human error that lead to data breaches;
• The cost of human error and recovery;
• How to reduce human error; and
• Solutions to implement a staff awareness programme.

This webinar covers:

• Current email security threats and incidents affecting organisations;
• How hybrid working shifted requirements to a new governance approach to security systems and processes;
• The effects of data breaches due to human error on operations and the implications for your staff’s mental health; and
• Practical steps to implement a staff awareness programme and build a security culture.

Educating your employees about how phishing attacks are carried out, as well as implementing and maintaining appropriate security controls to mitigate them, is critical for your organisation’s survival.

Watch our live flash briefing to find out:

• How organisations are affected by phishing attacks and what they can do to prevent them;
• What we can learn from a headline data breach that occurred in October 2021;
• The benefits of training your staff to identify phishing emails, ransomware, and other threats; and
• Practical steps to implement a phishing awareness training programme.

Organisations must consider additional risks to the confidentiality, integrity and availability of corporate information as well as compliance requirements and cyber security risks.

Watch this webinar to discover:

• How the shift to hybrid working impacts organisations;
• The privacy and cyber security risks organisations face during and after the transition to a hybrid working model;
• Key areas organisations must consider when operating under a hybrid working model; and
• Six practical steps to successfully implement hybrid working.

Download this 20-minute flash briefing, to learn about one of the major cyber attacks that hit the headlines in July 2021 and the benefits of security testing in reducing cyber risk. The webinar provides a high-level overview and practical advice on how to prevent attacks, and the steps organisations need to take to mitigate risk.

This briefing will cover:

• The July 2021 headline cyber attack: what went wrong and how it could have been mitigated;
• How penetration testing can help reduce cyber risk;
• The pros and cons of penetration testing; and
• How our penetration testing solutions can help your organisation.

Our cyber expert will discuss:

• What cyber incident response is and why it is important;
• What protect, detect and respond means;
• The phases of cyber incident response;
• What an organisation needs to have in place before a cyber incident occurs; and
• Where an organisation can go to learn more.

Colonial Pipeline: The major fuel pipeline was hit by a ransomware attack that caused the US government to issue emergency legislation as the operator took itself offline in order to attempt to restore its services.

Ireland’s Health Service Executive: The service was forced to shut down its entire IT network as a precaution following a significant ransomware attack, which caused a maternity hospital to cancel all routine appointments.

Our experts also outline the ICO’s (Information Commissioner’s Office) upcoming guidance on ransomware attacks and incident response, and discuss the ICO’s warning that it will also review an organisation’s compliance with the GDPR (General Data Protection Regulation) for suspected breaches when notified of a ransomware attack.

This briefing covers the following:

• An overview of the rapid rise of ransomware attacks.
• What went wrong: how did Colonial Pipeline and Ireland’s Health Service Executive fall victim to these attacks?
• The anatomy of a ransomware attack.
• How to prepare for, protect yourself from and respond to such an attack.
• What does the ICO’s upcoming ransomware and incident response guidance mean for your organisation?

An organisation’s ability to identify and respond to cyber incidents promptly can assure their survival. In this webinar, we examine the key challenges SMEs face when responding to a cyber attack and how to successfully prepare for an incident, covering:

• The cyber threats organisations have faced in 2020;
• How to assess your organisation’s cyber incident response capabilities; and
• How to improve your ability to identify and respond to incidents and potential data breaches.

Attend our webinar to learn about cyber security risks and how to prepare and protect your organisation. It covers:

• The top seven cyber risks, and the impact of a cyber attack on Cambridgeshire businesses;
• Common attack methods in the context of COVID-19;
• [Channel Partner] Cloud security tips to reduce the risk of cyber threats;
• The cost and ramifications of cyber attacks; and
• How to educate your staff to prevent and reduce the impact of cyber crime.

Building and maintaining a security culture is the only truly effective measure to address the human factor as part of your security threat prevention strategy. Attend this webinar to learn about:

• The accidental and malicious human threat impact on SMEs;
• Social engineering and the benefits of staff awareness training to reduce the risk of cyber security incidents;
• The role of policies and procedures in reducing the human threat;
• Securing organisation-wide commitment to your cyber security staff awareness programme; and
• The key steps to implementing an effective cyber security awareness programme.

By examining cyber threats and your risk appetite, considering scenarios that can affect business activities, your organisation can take significant steps towards improving its overall cyber security. Providing insight into how an organisation can do this with limited resources, the webinar covers:

• Threat actors, motivators and their impact on SMEs by industry;  
• The pros and cons of vulnerability scans and security testing; 
• The key areas SMEs should address to reduce cyber risks; and
• Quick wins to improve your cyber security posture.

Taking advantage of the current lockdown period to prepare for and prevent cyber attacks, and to train employees on imminent privacy and cyber risks, is key to organisations’ survival and their ability to respond to future challenges.

This online panel discussion provided guidance and advice to those leading a project to transition back to business as usual. It is particularly suitable for change managers, heads of operations, heads of HR, chief information security officers, legal counsels and data protection officers.

Get answers to your questions around:

• The cyber and privacy risks organisations need to consider as they plan for the lockdown to ease;
• The key information security, legal and privacy measures employers will need to put in place during the transition period;
• The main privacy and cyber risks and opportunities employers must take into account as they return to business as usual; and
• What we learned during this lockdown period and what organisations should do differently if there are further lockdowns.

In this on-demand online panel discussion, IT Governance brings together cyber security and privacy experts to discuss the key cyber security and privacy challenges during the COVID-19 crisis.

The panel answers three prepared questions that organisations concerned about privacy and cyber risk have frequently asked over the past month. The panel then takes questions from the audience to provide advice and guidance on measures to prevent and reduce the risk of data breaches and cyber attacks.

Get answers to your questions around managing the heightened cyber security risks related to home working, such as ransomware and phishing attacks, the increase in data privacy risks posed by remote working, and managing GDPR compliance while working from home.

Panellists

• Camilla Winlo, Director of Consultancy Services, DQM GRC
• Geraint Williams, Chief Information Security Officer, GRC International Group
• John Potts, Head of DPO, DSAR and Breach Support, GRCI Law Limited

This webinar aims to outline the key benefits of insourcing your cyber security operations by discussing:

• Identifying and prioritising cyber risks.
• What does effective cyber risk management look like?
• How do you resource a cyber risk management team?
• An overview of core cyber security competencies vital for success.
• Options for optimising scare skills and resources.

This webinar will cover:

• The cyber security landscape and the need for cyber resilience.
• An overview of the IT Governance Cyber Resilience Framework.
• The recommended four-step approach to cyber resilience.
• The importance of standards and supporting frameworks.
• Establishing a governance structure and reporting on progress

This free webinar explains what the Cyber Essentials scheme is and the role that it plays within the Cyber Resilience Strategy for Scotland and the UK. You will also learn the expectations and deadlines for achieving Cyber Essentials certification.

This webinar covers:

• An overview of the GDPR and NIS Directive compliance frameworks.
• Similarities and differences between the GDPR and NIS Directive.
• GDPR – what the law states.
• GDPR – what the law implies: considerations and incident response management as an essential means of providing data privacy, data protection and cyber resilience; reporting requirements.
• NIS Directive: what it is; operators of essential services (OES); digital service providers (DSPs).
• Technology considerations.
• Competent authorities and reporting requirements.
• General incident response management concepts and the CREST methodology.

This webinar will cover:

• What is CIRM?
• Definitions: event and incident.
• Current cyber threat landscape: example threats, threat actors, attack vectors, attack surfaces.
• The cyber kill-chain.
• Cyber attack example: Target.
• Incident response process: CREST.

This webinar covers:

• Reporting incidents.
• Identifying critical assets.
• What should be included in the incident response plan.
• Typical attack scenarios.
• How can IT Governance help?