SEC 303 Cybersecurity Simplified: for Non-Technical Users

SEC 303 Cybersecurity Simplified: for Non-Technical Users

by | Aug 24, 2021 | Specialist security training

SEC303: Cybersecurity Simplified for Non-Technical Users

 

Course Duration: 2 Days

Cybersecurity is a major concern for everyone, but it doesn’t have to be complicated

Course Introduction

This training is designed to simplify cybersecurity for non-techies. It looks at cybersecurity from a user’s perspective.  It will teach you how to protect your data on any device from anything that could breach digital security and privacy when communicating on the Internet. It is about creating and maintaining basic digital hygiene. The focus is on the actions you could take today to greatly improve your cybersecurity and protect yourself, family and business.

At the end of the training, you will understand security principles, and how to use them to implement simple security hygiene that would result in huge benefits to your digital security.

For the ease of understanding, we have treated Cybersecurity from the user’s perspectives by answering the simple question. What can I do to be safe online and manage my privacy?  The answer to this question can be divided into four main areas of cybersecurity, and privacy. These are

  • Device security
  • User account security
  • Communication security
  • Privacy

The course will teach you several security principles, and how to implement them in real life. Finally, you will get written plan to follow. The subjects covered include how to strongly improve your security by easily implementing the following:

Training Content

Password Management

Each user must manage access to tens, if not hundreds of websites today. It can be confusing and hard to manage password due to the number of passwords that need to be managed. As a result, passwords are repeatedly used on multiple sites. In cybersecurity, this is the first problem that needs to be solved. In this section you will learn how to manage all your account in a central location and properly manage your account credentials in a secure way.

Two factor authentication (2FA)

Using password only is not the strongest form of authentication. Therefore, the user of two factor Authentication (2FA) is highly encouraged. Although, this will increase your security, it creates a new challenge of managing these 2FA codes. So, it is important to know how to manage and backup these 2FA system.

Disk encryption

Disk encryption is not for spies or criminals who have something to hide. Encryption is a legitimate cybersecurity controls which can help you increase security whether you have something to hide or not. It can also help in improving your privacy by protecting confidential information on your computer.

However, encryption is not widely used by users due to the perseived complexity. Your emails, payment information, and other types of information can be protected using different forms of encryption that are easy to use. This section will teach you the types of encryptions that are available to you as part of your security measures for cybersecurity and how to implement them correctly.

System security

Proper security measures should begin with the system. You will learn to secure your system by implementing good Operating Systems security. Setup endpoint security to detect and stop possible intrusion into your system.

Browser security

The browser has become the major tool we use daily. As such, the browser is on the firing line daily from phishing attack, malware, and hackers who tries to make use of misconfigurations or bugs in the browsers to gain access to the system. It is important to choose a secure browser, but also learn to maintain it regularly. Learn to use security extensions that greatly improve your security on the internet.

Mobile security

Mobile phones are used today for everything, from simple telephone calls, and chat to Internet banking. A compromised phone is a compromise of your life. Learning to secure your phone and maintaining security all the time is a highly recommended kills to have.

Backup security

With the proliferation of phishing and ransomware attack, many people are starting to learn about the importance of good backup system. However, it is still very difficult for non-technical people to implement a backup system that could resist a ransomware attack. The goal of this section is to teach you how to implement a good backup system that could mitigate a ransomware attack.

Lock up social media

Social media is a major source of risk to cybersecurity, and online safety. Posting of too many personal information increase your exposing to cybercrime. The chance that a successful phishing attack would work on you partly depends how much information Cyber criminals can learn about you. Many of the information They need can be found on your social media posts and profiles. It is very important to learn how to secure your social media profile and stay safe online.

Email security

Email is still a major way of communicating. However, many of the old problems of email, such as spam, and phishing are still there. Although, there are lots of technologies to deal with these problems, they are not often implemented. As a result, most people are still using email unsecurely.  This section will teach you the types of security available to you to secure your email communications, and how to implement them.

Virtual Private Network (VPN) on all devices

Using a VPN will add a layer of protection to your Internet traffic, and could stop bad actors from seeing your private information. Learn to setup, and use VPN daily because it is designed to provide two things. Privacy of your communication, and confidentiality.

  • This solution provides users the ability to access a private network even though they are not physically connected to it.
  • Allow remote employees access corporate resources without compromising security and prevent information leakage.
  • Improve your online privacy on the Internet to hide web traffic from networks that are not trusted. Hide your Internet Protocol (IP) address and encrypts the data that you send over the Internet while you are connected to a VPN.
  • Provide security when you access public Wi-Fi networks at airports, cafes or hotels. Hackers often use public network to attack users of those networks.

Wi-Fi security

Wi-Fi is everywhere. Hackers are also out there to attack you on a Wi-Fi. There are many ways you can secure your Wi-Fi connection at home and when under way. This section will teach you the types of attacks that Wi-Fi networks are vulnerable to, and how to protect against them.

Network segmentation

No matter how small a network is everyone, and every device on the network are exposed to each other. If you let other people access your Wi-Fi network once, they will always have access anytime they are in the area unless you change the Wi-Fi password. Once they have access, they can also access other devices on your network even when you are not at home. This is one reason you would want to divide your network into several partitions or security zones so you can place devices in separate security zones depending on the security requirement.

Internet Safety for all

In this section you will learn how to prevent websites from tracking your every move, and how to protect everyone in your household, or your business.

  • Implement strong privacy on your browsers.
  • Setup strong traffic filtering system for the entire family and control it on your routers.
  • In this section you will learn how to use free tools to setup DNS filtering on your home or small business network to protect your privacy and reduce phishing attack and other malicious activities online.
  • Learn how to set up DNS redirection to stop all malicious site request.

IoT security

If you have security cameras, baby monitoring, smart TV’s and other smart devices then you have IoT devices. These devices are not only connected to the Internet but are constantly exposing your privacy to the internet daily. Many of these devices are not secured because there is no security inbuilt and those with security inbuilt are not properly configured. Learn about simple steps to take to secure your IoT devices and be one step ahead of the attackers.

There are different types of security measures you could implement to prevent any uninvited guests from finding you and your family. This section will give you simple steps to secure your smart gizmos or gadgets from being hacked into. It will also show you how to setup strong security measures to protect you, and your family.

Who Should Attend?

If you are a non-technical user who wants to protect yourself from hackers, this training is for you! You don’t need any prior knowledge or experience with cybersecurity to take this course. It’s designed specifically for non-technical users who want an easy way to learn the basics of cybersecurity as quickly as possible.

How To Attend

This is a 2-day training. To attend, please contact use at:

SEC 201: Stop Ransomware and Phishing Attacks before they happen

SEC 201: Stop Ransomware and Phishing Attacks before they happen

by | Jun 15, 2021 | Ransomware, Specialist security training

SEC 201: Advanced Security: Stop Phishing & Ransomware Attack

 

Course Duration: 2 days

Learn How To Stop Phishing & Ransomware And Recover From Attack.

Course Introduction

Ransomware is no longer a threat, but rather a clear and present risk to businesses of all sizes. Ransomware assaults have increased in the last two years. The ransom requested has risen as well. Many major organizations with sophisticated IT infrastructure and a significant number of skilled security personnel have also been infiltrated and forced to pay millions of dollars in ransom.

This demonstrates that, regardless of how robust your IT infrastructure is, ransomware can be directed at anybody or any organization. The major reasons for this are that most attacks employ phishing to get the payload inside organizations, and every organization uses email.

This two-day in-depth course is intended to educate organizations with information on ransomware and to assist them in preparing for a ransomware assault. It will assist organizations in knowing what to do when they are attacked and responding correctly and quickly to the assault.

This course goes beyond the standard advice given to organizations; it is intended to teach administrators and security engineers how to create greater protection by examining the many attack routes and learning how to reduce the risk provided by each.

Training Content

Ransomware Infection Vectors

  • What are the most frequent infection vectors utilized by attackers, and how can you counter them?
  • The Most Common Exploit Kits Used by Attackers and Why They Work
  • What can you do about these tools, and how can you prevent them from entering your network?
  • The Command and Callback (C&C) and Compromise Indicators
  • How to Detect a Ransomware Infection on Your Network

Ransomware Incident Response Plan:

  • The Lifecycle of an Incident Response
  • Making a strategy for incident response in the event of a ransomware attack.
  • Creating a ransomware response policy – pay or not pay the ransom
  • What are the first crucial measures you must-do if you are attacked?
  • Understanding the Compromise Incident Response Indicators:
    Containment and detection
  • How to Spot an Attack in Its Early Stages
  • Learn how to stop a ransomware assault.
  • Eradication and Recovery of Incidents
  • How to Recover from a Ransomware Infected Computer
  • Recovering Local and Network Files
  • Tools and resources for combating ransomware

Email Security

  • Improve the security of your email system to reduce the danger of ransomware.
  • Reduce the possibility of email domain spoofing and phishing attempts.
  • Implement email encryption and digital signatures to prevent impersonation of business employees.
  • Have systems in place to identify and remove possible email-based threats.

Developing Ransomware Countermeasures

  • Improve the security of your email system to reduce the danger of ransomware.
  • Reduce the possibility of email domain spoofing and phishing attempts.
  • To prevent impersonation of corporate employees, use email encryption/digital signatures.
  • Have systems in place to identify and remove possible email-based threats.
  • Finally, we will look at some of the finest anti-ransomware techniques.
  • What risk-mitigation measures do you have in place?
  • What role do insurance companies play in the fight against ransomware?
  • Learn to implement the best strategies for safeguarding your company against ransomware.
Who Should Attend?

This course is intended for professionals who are responsible for planning, protecting, and responding to ransomware events inside their organization. It is intended for anybody interested in learning more about ransomware and how to mitigate it in the organization, as well as those who are responsible and accountable for the security of information systems:

  • IT managers
  • Chief Information Security Officers (CISO)
  • Information Security professionals
  • System Administrators
  • Security Engineers
  • Incident Response Managers
  • Operational Managers
  • Risk Managers

How To Attend

This is a 2-day training. To attend, please contact use at:

Security Training and Tutoring

Security Training and Tutoring

by | Jan 17, 2021 | Our Programs, Specialist security training

Consulting In Cybersecurity Skills development

Improving Cybersecurity Personel Performance

Optimize Your Information Security Results Today!

Get A Free Consultation
Get Started

Do More With Less

Optimize Your Training Budget And Get More Results

Information Security has become vital to every business. Data breaches have led to the demise of some organizations. Today, business leaders and government regulations demand that organizations make information security a high priority. Organizations are expected to have  someone responsible for information security.

However, having someone with the title such a Chief Information Security Office (CISO) to head information security is not always practicable for many organizations due to various constrains.

Therefore, our security training support program is designed to combine practical training with support of security professionals in the implementation of security in their organizations.  The goal is to combine security training with practical implementation. We help you take steps to create quick wins in information security with the resources you already have.

Our Security Training & Mentoring Program

Train People to take action and not just pass a certification Exam

Security And Tutoring  Service
Our Security support program combines training and tutoring that helps small & medium size businesses manage their own information security program with the resources they have.

Phishing Simulation
Through our security awareness program companies gets a phishing simulation program that helps their employees avoid serious security pitfalls.

Cloud Security Consulting
The cloud is a major challenge for modern business today. We teach you the best way to use cloud services and still ensure data safety and protection from hacking attacks.

Security Audit And Assessment Training
We teach and provide you the knowledge to have clear visibility into the vulnerabilities in your company and carry out an Information Audit and self-assessment.

Business Security Support
We educate  and provide you with a one-one tutoring with high-quality security advice and know-how to take step-step actions and to implement security in your businesses.

Roadmap To Empower Your Organization

Step 1: Orientation Meeting

The orientation meeting is a free one-hour virtual meeting with you to discuss and find out what you are trying to archive. Based on the findings from this meeting we can create a working plan that meet your needs.

Step 2: Planning

Based on the result of the orientation meeting we will set up a training plan which will cover the theory and practical hands-on implementation of the subject matter based on what you are trying to archive in your organisation.

Step 3: Working session

This series of 3-hours training workshop consist of teaching of the theory and practical knowledge of the subject. Our instructor will work with the participants to learn how to implement the security program in reallife based on company goals and objectives.

Step 4: Work Review

There will be a review at the end of a series of 3 hours working sessions to determine if more time is needed to complete the work or the participant have enough knowledge to move further on their own. The instructor will be available for further tutoring in the future as needed. 

Risk Management Case Study

In this case study you will see how you can leverage the time and resources spent on traditional training to get better ROI from training by combining our training program directly into on the job practical experience.

GDPR Compliance Case study

Combine training with the practical implementation of GDPR in your company. See how staff can learn about GDPR at the same time and actually create policies and setup plans and start putting this plan into action at the same time.

WE CAN PROVIDE  INFORMATION SECURITY TRAINING AND TUTORING IN THESE AREAS
  • ISO 27001 Certification support
  • Setting Up Risk Management Program
  • Identity and Access Management
  • Security Alignment with Organizational Goals and Objectives
  • Developing security awareness program
  • Setup Security Programs
  • Security Policies development
  • GDPR  (Privacy) implementation
  • Building Security into System Development LifeCycle (SDLC)
  • Threat Modelling
  • Incident Management
  • Security Monitoring and Management
  • Business continuity Development

 

Get In Touch

Erfstede 4b
3431 KH
Nieuwegein
info@intellfence.com

Understanding Zero Trust Security (ZTS)

Understanding Zero Trust Security (ZTS)

by | Dec 2, 2020 | Specialist security training, workshops

SEC 103 Understanding Zero Trust Security (ZTS)

About the Zero Trust Security (ZTS) Course

This 2-day intense course focuses on this new way of thinking about network security. Learn about the fundamentals of Zero Trust Security and how to start with its implementation in your company. During the training you will learn the following:

  • Introduction to Zero Trust Security
  • Zero Trust vs traditional perimeter security?
  • Why do we need Zero Trust Security?
  • Why is the Zero Trust Model Important?
  • Understanding micro Segmentation
  • Implementing a perimeterless Design
  • Identity management for Zero Trust Security
  • The Pillars of Zero Trust Security
  • Device Trust
  • User Trust
  • The five steps to a Zero Trust network
  • How to architect a Zero Trust network
  • A look at some vendor implementation of Zero Trust Security Model
  • Zero Trust Security in the Cloud using  Cloud Access Security Broker (CASB)

At the end of this course all participants will understand what Zero Security is and able to determine if it will be useful for their company and how to get started with it.

Target Audience

This training course is intended for professionals who would like to keep up to date with the new technology and apply them in real life environment.

  • CISO’s
  • Security Risk Managers
  • Security Engineers
  • Information Security Managers.
  • Information Security Directors.
  • All other security professionals who want to be kept up to date.

 

Intellfence Logo

WE TEACH YOU INFORMATION SECURITY SKILLS  TO USE YOUR ABILITIES THROUGH OUR MASTERING PROGRAM

Learn More

© 2021 Intellfence BV. –  All Rights Reserved

Intellfence BV
Erfstede 4b 
3431 KH
Nieuwegein

info@intellfence.com

 

HOME
ABOUT INTELLFENCE
SECURITY BLOG
CONTACT-US

TERMS OF SERVICE

Understanding Data Loss Prevention (DLP)

Understanding Data Loss Prevention (DLP)

by | Dec 2, 2020 | Data Loss Provention, Security Management, Security Risk Management, Specialist security training, workshops

SEC105 Understanding Data Loss Prevention (DLP)

About the Data Loss Prevention (DLP) Course

Data Loss is one of the biggest security challenges faced by companies today. This pose significant risks to the organization in terms of compliance to regulations, financial and reputational risk that can result from a breach of confidential data. Organization needs to find ways to protect their data and keep the customer’s data secure through. Data Loss Prevention (DLP) systems is one of the method used for this. It helps organizations to identify, monitor, and protect data in use and in transit.

The workshop will focus on the following topics:

  • Overview of data prevention.
  • The need for data loss prevention.
  • The risk of Data Loss to the organization.
  • A look at leading data loss prevention systems.
  • Understand and learn to implement Data Loss Prevention Solutions to meet the data protection needs.
  • Implement DLP systems with Security Information and Events Management (SIEM) systems.

The Online Classroom includes:

  • Access to recordings and course content for 360 days.
  • Interactive flash cards to reinforce learning
  • Independent reading and learning activities
  • Case studies and real-world scenarios
  • Knowledge checks after each domain
  • Post-course assessment questions to gauge exam readiness

Target Audience

This training course is intended for professionals who would like to keep up to date with the new technology and apply them in real life environment.

  • CISO’s
  • Security Risk Managers
  • Security Engineers
  • Information Security Managers.
  • Information Security Directors.
  • All other security professionals who want to be kept up to date.