Training and education

Specialised PCI and IRAP training

The PCI DSS and various controls from the ISM and PSPF all mandate security awareness training.  DotSec provides relevant, customised, online security awareness training that addresses each framework and meets your organisation’s PCI DSS and IRAP cyber-security compliance requirements.

General security awareness training

It is a well-accepted fact that general security-awareness training is the cornerstone of any effective information security practice.  DotSec can deliver online (SCORM 1.2 or hosted) general security awareness training to meet best-practice goals, and to reduce ongoing business risk.

Training for liability risk-mitigation

Liability issues are more commonly raised thanks to the Notifiable Data Breaches (NDB) scheme, the National Privacy Principles, and the increasing need for cyber-security insurance.  Cyber-security training can help to address cyber-security insurance coverage and director’s liability requirements.

Compliance, insurance and best practice

Security compliance frameworks like PCI DSS, IRAP and ISO 27001 require organisations to have a general security awareness program for all personnel. However, each compliance framework has a different emphasis and this will be reflected in the awareness-training material.

Choose the right training material to suit your needs. For example, many insurance underwriters require general security awareness training that addresses a recognised control framework such as ISO 27002. PCI DSS training material, while similar, focuses on the secure collection, processing and management of payment-card data. And IRAP training material will focus on information classification, media handling and incident reporting requirements.

DotSec will work with you to provide customised training material that is relevant, entertaining, and based on nearly 20 years of infosec training experience.

Engaging, online training via your SCORM-compliant e-learning system, or via our hosted training system.

No need to put your staff to sleep with boring, monotonous material:  DotSec’s training courses are lively and interactive, and engage the audience with real-life tales and anecdotes!  

Compliance schemes demand it, but infosec training also makes good business sense.

Realise the benefits that informative and entertaining infosec training has to offer:

Address compliance and liability issues

Meet compliance and cyber insurance requirements, and demonstrate due diligence on the part of senior management in managing risk.

Reduce costs associated with security incidents

By reducing the number and severity of security incidents, organisations save reputational, clean-up and liability costs.  Trained personnel who are engaged and alert to threats are less likely to be duped.

Reduce risk and improve business process

Communicate clearly what is expected and acceptable when using your organisation’s ICT services, and support disciplinary procedures should one of your staff ‘go rogue’.

Customised, professional content

We will customise course content to include your branding, policies and terminology. We can also tailor the content to the training needs of specific roles or groups. Our courses include professional voice over, as well as interactive content and scenario-based learning.

What training is best?

To comply with security frameworks like PCI DSS, IRAP and ISO 27001, your organisation needs a program that delivers general security awareness training for all personnel. In addition, specialised personnel such as privileged administrators and software developers require correspondingly specialised training!