As we enter the era of Digital Transformation information is becoming an increasingly critical asset that must be protected. International terrorism and increasing cyber theft and fraud has placed the need for information security high on the agendas of Both governmental and private sector organisations. Information security has been a capability that has been for too long ignored or not given the attention it deserves. Failing to do so is an unacceptable business risk for many organisations but this risk is still not taken as seriously as it should be by many organisations.
Is your organisation implementing Information Security processes and measures? Are you worried about the people and behavior issues relating to security? Are you struggling to get Information security on the agenda and taken seriously?
Many organisations think IT technology solutions are the answers to minimise or avoid security risks, but they forget that the behavior of employees are even more important.
Many employees do not adhere to the security policy, they don’t see the need, they don’t understand. As a result the company is wide open to being attacked, as security criminals are targeting behavior more and more.
Many organisations still do not have effective security awareness initiatives, involving their customers, providers and employees in the early stages of the security programs. As a result there is a lack of understanding and the program is often seen as an IT program, not as a corporate program.
Scenario The owner of a Tokyo Bank has decided to organise an exhibition of 3 world famous art objects in the Tokyo Museum. A criminal team called Oceans 99 has plans to steal the objects. The team consisting of museum owners, a transport manager, a security advisor and a project manager is responsible for realising this project. The team has to develop an information security policy, perform a risks analysis to identify threats, risks and vulnerabilities and execute a strategy for dealing with these risks. The team will transport the objects from the museums to the Tokyo Museum, but Oceans 99 is not to be underestimated. After each round the team will receive feedback as to how well they protected the objects and will have time to improve. Will the Sponsor (the Tokyo bank) realize a Return on Investment or will the exhibition become a drama.
The simulation will be customized towards your specific learning objectives. In general these are the main objectives:
Learn the key processes for managing Cyber Security
Learn how to organise your security roles and responsibilities, both business and IT
Learn how to recognise and deal with all kinds of Cyber Security issues
Learn how to balance different interests with the organisation: operations vs security
Learn how security frameworks such Resilia or ISO27001 can be used