Cyber Security: The Insider Threat including Social Engineering

Over recent years breaches involving Insider Threats, especially in Financial Services have increased in prominence and occurrence. An Insider Threat may arise from employees, former employees, contractors or business associates who have inside information or access to an organisation’s assets.

The Threat may be from unintended consequences, for example through error leading to process corruption, or intentional, for example, by unauthorised access to systems or information – in both cases, leading to loss of valuable information, theft, fraud or disruption.

Within the Financial Services Sector, the Insider Threat continues to be one of the major causes of data breaches. As the regulatory pressures increase and the expectation from Supervisory Authorities steps up, the impact of a breach for an organisation includes potentially hefty financial costs as well as major reputation and trust repercussions. With the cost of non-compliance to new regulations such as MiFID II and the GDPR/DPA being higher than ever, organisations in the Financial Sector must find effective ways to address this issue.

Certified by GCHQ, this course will help delegates understand the Cyber Threat landscape and profile; and to explore the motivations behind the Insider Threat. It will describe the key roles that line managers and HR have to play, and the influence and impact of human factors on Cyber Security resilience within organisations.

Key Learning Objectives:

• Overview of the Cyber Security Threat landscape
• Understanding of what is meant by the Insider Threat, both malicious and non-malicious, with examples/case studies from the Financial sector
• Understanding of potential indicators and motivations; and how to mitigate risks through prevention, detection and deterrents
• Understanding of evolving threats, including social engineering and why best practices in social media are critical
• Overview of key regulations and legislation and consequences of non-compliance
• Understanding of the importance of best practice leadership and governance
• Understanding of the key roles of HR, Line Managers and IT
• Consolidation of learning through relevant scenarios

• Senior leaders, managers and people managers
• Key roles within areas such as HR, Cyber Security and Information Assurance

Rekha Babber

Rekha Babber is the Managing Director for Templar’s Cyber Academy which offers a wide range of training and development solutions. She has led the development of courses, with the Templar Academy now offering an extensive portfolio of courses certified by GCHQ.
As a GCHQ Certified Trainer herself, Rekha has extensive experience of delivering courses and workshops to Boards and seniors across the private and commercial sector. Her training expertise is consolidated by experience in consultancy, delivering audits, leading on transformation programmes and mentoring in this area. Rekha is also a certified ISO27001 Lead Implementor.
Formerly, Rekha was responsible for Leadership and Management training and development at British Airways and has managed her own Learning consulting and coaching business.

12:30 Networking Lunch

• A sandwich lunch will be provided and an opportunity for you to network with the trainer and other delegates

13:30 Introductions and objectives for the workshop

• The Cyber Threat landscape and trends - focus on the Financial Sector with real examples and scenarios
• What is meant by the Insider Threat

14:30 Legislation, FCA Regulations and consequences of non-compliance

15:00 Coffee/Tea Break

15:15 What needs to be protected and why; consequences of a breach

• Holistic approach, encompassing leadership, policy, governance, processes, people and information and communications technology

15:45 Social engineering and examples of tools

• Potential indicators and motivators
• Best practices in social media and risk mitigation strategies

16:20 Fostering a positive culture

• Importance of leadership and governance
• Key roles of HR, IT and Line managers
• Supply chain and third parties

16:50 Q&A, Feedback and Close

IA Member £375.00 +VAT
Non-Member £450.00 +VAT

Pay using a credit card online, or if you wish to be invoiced please email your full details to: Training@theia.org

PLEASE NOTE: Full payment for the course must be made prior to the course commencement date.

Any cancellation must be made in writing. For all cancellation received 15-30 days prior to the course start date, 50% of the course fee is still payable. No refund is given for a cancellation made 14 days or less prior to the commencement of a course. Transferring from one course to another is treated as a cancellation. You can substitute one delegate for another at no additional cost. In this instance, please give two business days’ notice.