STANDARDS AND BEST PRACTICE
It is an accepted fact that general security-awareness training is the cornerstone of any effective information security practice, and security awareness training is a key requirement in almost every security compliance framework and cyber insurance policy.
DotSec will work with you to provide customised training and testing material that is relevant, entertaining, and based on over 23 years of cyber experience
ENGAGING CONTENT FOR ALL
Don’t let your users sit through hours of boring classes. Our clients participate in a customised, on-line training program that provides regular reinforcement of your information security policies and procedures.
DotSec delivers online (SCORM 1.2 or hosted) security awareness training, meeting best-practice goals, and reducing business risk. Without a solid security-awareness program, no amount of technology will be successful.
LIABILITY AND RISK MITIGATION
Liability issues are more commonly raised thanks to the Notifiable Data Breaches (NDB) scheme, the National Privacy Principles, and the increasing need for cyber-security insurance. Add to that the recent changes to CPS 234 and it’s clear that training is a must.
Cyber-security training can help to address cyber-security insurance coverage and director’s liability requirements.
Compliance, insurance and best practice
Security compliance frameworks like PCI DSS, IRAP and ISO 27001 require organisations to have a general security awareness program for all personnel. However, each compliance framework has a different emphasis and this will be reflected in the awareness-training material.
Choose the right training material to suit your needs. For example, many insurance underwriters require general security awareness training that addresses recognised control guidelines such as ISO 27002 or the CIS Controls V8. PCI DSS training material, while similar, focuses on the secure collection, processing and management of payment-card data. And IRAP training material will focus on information classification, media handling and incident reporting requirements.
DotSec will work with you to provide customised training material that is relevant, entertaining, and based on over 23 years of infosec implementation and training experience.
Address compliance & liability issues
Meet compliance and cyber insurance requirements, and demonstrate due diligence on the part of senior management in managing risk.
Our customised courses include professional voice over, as well as interactive content and scenario-based learning
REduce risk and improve process
Communicate clearly what is expected and acceptable when using your organisation’s ICT services.
There is less chance of mistakes happening if everyone is on the same page, and formal training will support disciplinary procedures should one of your staff ‘go rogue’.
Reduce security incident COSTS
By reducing the number and severity of security incidents, organisations save reputational, clean-up and liability costs.
Trained personnel who are well-trained, engaged and alert to threats are less likely to be duped by clever attackers.