In this course, we use scenarios/examples to examine the threat of a cyber-attack and good practices on mitigating the risk. This course is designed for accountancy, finance and business professionals working in all organisations from small business, large corporates or financial services or who are just interested in learning more about the vulnerabilities organisations are exposed to and the options available to protect their organisation.
Class Deals by MOOC List - Click here and see EdX's Active Discounts, Deals, and Promo Codes.
With a focus on practical skills throughout, this course provides the ability to apply skills as well as understand them.
This course is part of the FinTech for Finance and Business Leaders Professional Certificate.
What you'll learn
- How to facilitate a risk assessment to identify the potential threats and the vulnerabilities they may exploit and the business impacts of a cyber-attack.
- Recognise that the risks are constantly changing and the need for continuous process improvement. Including how to monitor and report on the effectiveness of the cyber/information security practices.
- Understand how to manage an incident and the processes required to effectively respond and recover.
- Understand that effective security protection is a combination of people, process and technology and how to create a culture of cyber and information security.
- Understand the physical and logical access controls which should be implemented to adequately and appropriately protect the organisation’s information and technology resources.
- Understand the potential risk responses and mitigation actions to appropriately and adequately protect the business from the identified cyber risks.
Syllabus
1. Introduction
- Objectives of the course
- Outline of the cyber threat
- What’s different about cyber
2. The basic hygiene factors
- Secure configuration of IT infrastructure
- Malware protection
- Configuring network devices securely
3. Approach and effective access controls
- Implement approaches and effective access controls
- The importance of 2 factor authentication
4. Understand risks
- Principles of risk management
- Manging the risks effectively
5. Understand and manage third-party supplier risks
- Manging the full supply chain
- Information value and sensitivity
- Supplier impacts on service delivery
6. Understand and manage third-party supplier risks
- Manging the full supply chain
- Encouraging a cyber-security aware culture
- Words into actions
7. Respond and recovery
- Incident management capability
- Respond and recover plan for breaches
8. Continuous improvement
- The need for performance monitoring
- Defining appropriate KPIs
- Performance dashboard
9. Skills and resources
- The importance of access to the right skills
- The need for up-to-date training
10. Concluding themes
