Cyber Security Free Resources

Join on this 20-minute flash briefing to find out more about:

• 2022’s headline cyber attacks and the critical infrastructure caught up in cyber warfare;
• State-issued warnings and cyber warfare defence initiatives;
• Cyber warfare tactics employed by threat actors;
• Addressing vulnerabilities in your supply chain; and
• Practical steps to implement a cyber-defence-in-depth strategy.

Join us on this webinar to find out more about:

• Key legal cyber security changes as a result of cyber warfare;
• The US Cyber Security Act and the Cyber Incident Reporting for Critical Infrastructure Act of 2022;
• The new EU corporate accountability rules and what they mean for directors;
• The EU-US agreement on the principles for data transfer mechanisms to replace the Privacy Shield; and
• Practical steps to avoid non-compliance and implement a cyber-defence-in-depth strategy.

Join us for our anniversary webinar as we look at the past and future 20 years in cyber security. Alan Calder, founder and executive chairman of IT Governance and GRC International Group, will discuss:

• The inception of cyber criminals and how we fought them in the early 2000s;
• IT Governance’s role in the evolution of cyber security and privacy management;
• COVID-19 and the shift to remote working and increase in security concerns; and
• The demand for cyber security skills and how cyber security will change in the future.

This 45-minute webinar provides insight into the key measures organisations should take to prevent a data breach, and what do following a breach to minimise losses and protect your organisation’s reputation.

It covers:

• The types of data breaches organisations face in today’s cyber landscape;
• The data breach processes organisations should implement to minimise risk;
• What your organisation should do to prepare for a data breach;
• What happens once a data breach is identified; and
• Practical solutions to handle data breaches.

Aimed at senior management, board members and heads of department, as well as cyber security and data protection professionals, this bite-sized session provides insight into the Russia cyber attacks on Ukraine and practical advice on how to reduce risk to keep your organisation above water as you navigate disruptions caused by cyber warfare.

To help UK organisations understand the cyber security implications a Russian invasion of Ukraine could bring, this 20-minute flash briefing provides insight on what the cyber security consequences would be.

It covers:

• Russian cyber attacks on Ukraine in the news;
• How the Russia-Ukraine conflict will impact procurement and supply;
• The impact Russia’s cyber attacks on Ukraine could have on organisations worldwide; and
• Practical steps organisations should take to build cyber defence in depth.

In this panel discussion, our security tester, cyber incident responder and systems and security engineer will analyse specific vulnerabilities and attacks, and provide insight into how cyber criminals deploy attacks, the impact they have on organisations, and how to prevent and respond to such threats.

This 45-minute panel discussion discusses:

• The most successful vulnerabilities exploited by attackers;
• Offensive and defensive approaches to handling vulnerabilities;
• The controls and measures organisations should implement to reduce risk; and
• How to respond to cyber incidents.

We are delighted to bring together our cyber security, privacy and incident response experts to help you understand the challenges you can expect to face this year and how your organisation can prepare for and prevent cyber threats.

Our panel answered pre-submitted and live questions from those attending on:

• The key lessons organisations need to learn from 2021’s most notorious cyber attacks;
• The cyber security and data protection best practices organisation should adopt;
• The challenges organisations face in 2022; and
• How to prepare for the unpredictable and unexpected.

To help you understand the impact of data breaches resulting from human error and how you can reduce the risk, Alan Calder, IT Governance’s Executive Chairman, will discuss the approaches organisations can take to protect themselves.

This 20-minute flash briefing covers:

• The types of human error that lead to data breaches;
• The cost of human error and recovery;
• How to reduce human error; and
• Solutions to implement a staff awareness programme.

This webinar covers:

• Current email security threats and incidents affecting organisations;
• How hybrid working shifted requirements to a new governance approach to security systems and processes;
• The effects of data breaches due to human error on operations and the implications for your staff’s mental health; and
• Practical steps to implement a staff awareness programme and build a security culture.

Educating your employees about how phishing attacks are carried out, as well as implementing and maintaining appropriate security controls to mitigate them, is critical for your organisation’s survival.

Watch our live flash briefing to find out:

• How organisations are affected by phishing attacks and what they can do to prevent them;
• What we can learn from a headline data breach that occurred in October 2021;
• The benefits of training your staff to identify phishing emails, ransomware, and other threats; and
• Practical steps to implement a phishing awareness training programme.

Organisations must consider additional risks to the confidentiality, integrity and availability of corporate information as well as compliance requirements and cyber security risks.

Watch this webinar to discover:

• How the shift to hybrid working impacts organisations;
• The privacy and cyber security risks organisations face during and after the transition to a hybrid working model;
• Key areas organisations must consider when operating under a hybrid working model; and
• Six practical steps to successfully implement hybrid working.

Download this 20-minute flash briefing, to learn about one of the major cyber attacks that hit the headlines in July 2021 and the benefits of security testing in reducing cyber risk. The webinar provides a high-level overview and practical advice on how to prevent attacks, and the steps organisations need to take to mitigate risk.

This briefing will cover:

• The July 2021 headline cyber attack: what went wrong and how it could have been mitigated;
• How penetration testing can help reduce cyber risk;
• The pros and cons of penetration testing; and
• How our penetration testing solutions can help your organisation.

Our cyber expert will discuss:

• What cyber incident response is and why it is important;
• What protect, detect and respond means;
• The phases of cyber incident response;
• What an organisation needs to have in place before a cyber incident occurs; and
• Where an organisation can go to learn more.

Colonial Pipeline: The major fuel pipeline was hit by a ransomware attack that caused the US government to issue emergency legislation as the operator took itself offline in order to attempt to restore its services.

Ireland’s Health Service Executive: The service was forced to shut down its entire IT network as a precaution following a significant ransomware attack, which caused a maternity hospital to cancel all routine appointments.

Our experts also outline the ICO’s (Information Commissioner’s Office) upcoming guidance on ransomware attacks and incident response, and discuss the ICO’s warning that it will also review an organisation’s compliance with the GDPR (General Data Protection Regulation) for suspected breaches when notified of a ransomware attack.

This briefing covers the following:

• An overview of the rapid rise of ransomware attacks.
• What went wrong: how did Colonial Pipeline and Ireland’s Health Service Executive fall victim to these attacks?
• The anatomy of a ransomware attack.
• How to prepare for, protect yourself from and respond to such an attack.
• What does the ICO’s upcoming ransomware and incident response guidance mean for your organisation?

An organisation’s ability to identify and respond to cyber incidents promptly can assure their survival. In this webinar, we examine the key challenges SMEs face when responding to a cyber attack and how to successfully prepare for an incident, covering:

• The cyber threats organisations have faced in 2020;
• How to assess your organisation’s cyber incident response capabilities; and
• How to improve your ability to identify and respond to incidents and potential data breaches.

Attend our webinar to learn about cyber security risks and how to prepare and protect your organisation. It covers:

• The top seven cyber risks, and the impact of a cyber attack on Cambridgeshire businesses;
• Common attack methods in the context of COVID-19;
• [Channel Partner] Cloud security tips to reduce the risk of cyber threats;
• The cost and ramifications of cyber attacks; and
• How to educate your staff to prevent and reduce the impact of cyber crime.

Building and maintaining a security culture is the only truly effective measure to address the human factor as part of your security threat prevention strategy. Attend this webinar to learn about:

• The accidental and malicious human threat impact on SMEs;
• Social engineering and the benefits of staff awareness training to reduce the risk of cyber security incidents;
• The role of policies and procedures in reducing the human threat;
• Securing organisation-wide commitment to your cyber security staff awareness programme; and
• The key steps to implementing an effective cyber security awareness programme.

By examining cyber threats and your risk appetite, considering scenarios that can affect business activities, your organisation can take significant steps towards improving its overall cyber security. Providing insight into how an organisation can do this with limited resources, the webinar covers:

• Threat actors, motivators and their impact on SMEs by industry;  
• The pros and cons of vulnerability scans and security testing; 
• The key areas SMEs should address to reduce cyber risks; and
• Quick wins to improve your cyber security posture.

Taking advantage of the current lockdown period to prepare for and prevent cyber attacks, and to train employees on imminent privacy and cyber risks, is key to organisations’ survival and their ability to respond to future challenges.

This online panel discussion provided guidance and advice to those leading a project to transition back to business as usual. It is particularly suitable for change managers, heads of operations, heads of HR, chief information security officers, legal counsels and data protection officers.

Get answers to your questions around:

• The cyber and privacy risks organisations need to consider as they plan for the lockdown to ease;
• The key information security, legal and privacy measures employers will need to put in place during the transition period;
• The main privacy and cyber risks and opportunities employers must take into account as they return to business as usual; and
• What we learned during this lockdown period and what organisations should do differently if there are further lockdowns.

In this on-demand online panel discussion, IT Governance brings together cyber security and privacy experts to discuss the key cyber security and privacy challenges during the COVID-19 crisis.

The panel answers three prepared questions that organisations concerned about privacy and cyber risk have frequently asked over the past month. The panel then takes questions from the audience to provide advice and guidance on measures to prevent and reduce the risk of data breaches and cyber attacks.

Get answers to your questions around managing the heightened cyber security risks related to home working, such as ransomware and phishing attacks, the increase in data privacy risks posed by remote working, and managing GDPR compliance while working from home.

Panellists

• Camilla Winlo, Director of Consultancy Services, DQM GRC
• Geraint Williams, Chief Information Security Officer, GRC International Group
• John Potts, Head of DPO, DSAR and Breach Support, GRCI Law Limited

This webinar aims to outline the key benefits of insourcing your cyber security operations by discussing:

• Identifying and prioritising cyber risks.
• What does effective cyber risk management look like?
• How do you resource a cyber risk management team?
• An overview of core cyber security competencies vital for success.
• Options for optimising scare skills and resources.

This webinar will cover:

• The cyber security landscape and the need for cyber resilience.
• An overview of the IT Governance Cyber Resilience Framework.
• The recommended four-step approach to cyber resilience.
• The importance of standards and supporting frameworks.
• Establishing a governance structure and reporting on progress

This free webinar explains what the Cyber Essentials scheme is and the role that it plays within the Cyber Resilience Strategy for Scotland and the UK. You will also learn the expectations and deadlines for achieving Cyber Essentials certification.

This webinar covers:

• An overview of the GDPR and NIS Directive compliance frameworks.
• Similarities and differences between the GDPR and NIS Directive.
• GDPR – what the law states.
• GDPR – what the law implies: considerations and incident response management as an essential means of providing data privacy, data protection and cyber resilience; reporting requirements.
• NIS Directive: what it is; operators of essential services (OES); digital service providers (DSPs).
• Technology considerations.
• Competent authorities and reporting requirements.
• General incident response management concepts and the CREST methodology.

This webinar will cover:

• What is CIRM?
• Definitions: event and incident.
• Current cyber threat landscape: example threats, threat actors, attack vectors, attack surfaces.
• The cyber kill-chain.
• Cyber attack example: Target.
• Incident response process: CREST.

This webinar covers:

• Reporting incidents.
• Identifying critical assets.
• What should be included in the incident response plan.
• Typical attack scenarios.
• How can IT Governance help?