Technology is a business-critical business capability in today’s day and age. Any interruption to an organization’s ability to use its information system poses a significant risk to its viability. Data breaches, cyber-attacks, and ransomware are examples of the most significant existential risks facing businesses today. There are threat actors worldwide that entirely focus on stealing organizational data, stealing economic resources, and disrupting commerce. They use complex social engineering attacks, pervasive phishing messages, intricate malware, and other highly effective techniques. For example, publically reported data breaches now exceed 100k annually. These breaches resulted in releasing the personal information of millions of people worldwide, billions of dollars of compromised organizational assets, and putting countless people in harm’s way.
This course covers recent major security breaches, including Solarwinds, Ubiquity, Colonial Pipeline, Tecnimont SpA, Citrix, and LabCorp. It will discuss how these breaches occurred, why they occurred, and how organizations can prevent similar incidents from impacting them. Each case study examines a different form of security vulnerability and how to avoid it. The topics will include social engineering, auditing processes for IT Security systems, forensic accounting, password, two-factor authentication, and improvements for managerial oversight. Participants will gain real-world knowledge from the mistakes of other organizations and, from that experience, develop their own security best practices for their organizations.
• Define social engineering and identify how to avoid becoming a victim of this threat
• List examples of password management procedures and identify related best practices
• Identify examples of best practices for securing technology assets, including Windows
• List examples of tactics that can minimize risks associated with ransomware and phishing
CPE credit: Recommended for 4 hours Information Technology
Program level: Basic
Who should attend: Professionals who are interested in improving security procedures