Today, even with the evolution of technology, an organisation’s greatest weakness, irrespective of how much a company spends on technical systems, interventions, surveillance and or external consultants, is the human factor. The truth is that your security is only as strong as the weakest link. The greatest risks are still associated with internal human error and negligence. An organisation’s security is only as strong as its human resources. This is because an organization’s ability to address security risks is largely influenced by its internal (human) capabilities, and the manner in which these are equipped to prevent and manage security breaches.
The readiness of the human capital, supported by technology and business processes, is often the Achilles heel of an organization’s threat mitigation strategies.
GCS consequently places great emphasis on assisting companies in preparing their members of staff to withstand, and respond to, the threats posed by security risks. GCS Europe’s ultimate objective is to train organisations from operational liability to cyber warriors. This is achieved through a comprehensive portfolio of Awareness and Training Offerings, including but not limited to:
- awareness presentations in relation to cyber security,
- staff behavior change management (specifically with respect to phishing threats),
- skills development for IT practitioners (including simulation of cyber-attacks and mitigation approaches) and
- crisis management for company executives.
This portfolio of training and awareness interventions are aligned with global best practices and are offered in partnership with recognized, credible and accredited Institutions and organisations.
The courses are presented by our experts and partners, each with a wealth of experience and insights in their fields of competence.
GCS has been providing security training to a diverse range of organizations globally for many years, providing both high level and technical security training to different audiences. Our team of experts combines extensive knowledge in security and technological expertise, and has first-hand experience in developing educational awareness sessions and delivering interactive and memorable awareness workshops, tailored to an organization’s needs, sector and environment.
GCS’s security awareness training for an organization’s employees includes information on the very latest security threats and trends. The material is developed using recent case studies and examples.
Training sessions are specifically developed and tailored to an organization. GCS’s approach to security awareness training is based on basic rules that are essential to any successful training:
- Simple and Direct (clear goals and outcomes)
- Accurate to Policy (customised to meet the organization’s requirements)
- Employee relevant
- Engaging, interactive and memorable
- Channel appropriate
Our training aims to bridge the gap between knowlegde and action.
The training is typically conducted in limited groups (up-to ~ 25 employees, except the Cyber Simulator which is limited to 6 trainees per session), thereby enhancing the learning process and enabling an environment whereby the employee is open to learn, exposed to new material and encouraged to engage with the subject matter.
Training follows a structured approach, including:
- Training is supported by full documentation and typically accompanied by some form of assessment and appropriate certification (attendance and competency);
- Training facilitators and assessors are typically, and where required, trained and registered with appropriate international training providers;
- Moderators are also professionally trained to verify the quality of the training content prior to certification.
| CODE | TRAINING PACKAGE | TARGET RECIPIENTS | DESCRIPTION | DURATION |
|
CY-001
CY-003
|
Executive Crisis Management – Media/Messaging Training and awareness
(An optional add on Module to Cyber Readiness Simulation) |
Executive decision makers / C-Suite | This intensive programme focuses on dealing with media messaging and communications on the management of cyber incidents before, during, and after any cyber incidents.(Optional – live media camera crew). | Three-hour interactive workshop |
| CY-002 | Cyber Awareness and Readiness Training (Tailored) | Company staff members | These interventions are tailor-made to suit the needs of the organization, and includes practical and real-life examples to convey powerful messages to the audience | Modules last for 3 hours.Basic 1x moduleAdvanced 2x module |
| CY-004 | PCI DSS Compliance (Payment Card Industry Data Security Standard) |
Back office staff | Applies to companies of any size that accept credit card payments. | Tailored to clients requirements. |
| CY-005 | Cyber Readiness Simulation: Executive Workshop | Executive decision makers / C-Suite | This workshop aims to raise the readiness level of Executives in the event of a Cyber-attack and to test the familiarity and effectiveness of the organization’s “Crisis Management Plan”. The outcome is an increase in cyber resilience at all levels, improved decision-making in cyber scenarios, and response to security incidents. | Initial preparation and consultation, followed |
| CY-006 | Phishing attacks | All staff members with access to the internet | A yearlong staff behaviour-change intervention aimed specifically at mitigating the risks associated with phishing attacks – through awareness, education, and effective behaviour change. | Regular campaigns and interactive engagements over a 12- month period. |
| CY-007 | Interactive User behavioural training | All company staff members | A People Centric Security mobile application to mobilize the organization against the rapidly growing cyber threats. | Interactive engagements over an agreed period. |
| CY-008 | Responsible social media & social networking | All company staff members | An intervention designed to raise awareness of the risks involved in social media and social networking actives. | Integrated according to client requirements. |
| CY-009 | Real time Cyber Attack & Defence Simulations | CIO/CTOs, including IT professionals | Utilizing our unique simulator, which is configured to match the client’s IT environment, we simulate multiple types of attacks, based on the current global threat landscape, allowing IT professionals to gain valuable experience and insights in dealing with cyber- attacks. | Up to five days simulation at the GNL Cyber training facility |
| CY-010 | Secure Development Training | Developers | Understanding the various development frameworks and best practices, relating to cyber security when designing, writing, and implementing applications. | Conducted over a 2-day period. |
| CY-011 | Educational/Academic training on Cyber Security | IT professionals | Accredited training modules on Cyber Security in partnership with Ariel University, Israel. | Available on request |
| CY-012 | SCADA (Supervisory Control And Data Acquisition) | Various – Under Development | Available on request | Various – Under Development |
| CY-013 | GDPR 2-3 hour Executive decision makers / C-Suite Executive course | Executive decision makers / C-Suite | This is an engaging and interactive workshop which explores the new obligations upon businesses imposed by the EU General Data Protection Regulation which comes into effect in May 2018.The seminar is tailored to meet the unique needs of senior management in their leadership of the organization to be GDPR ready in time for the regulation’s application.Participants will be introduced to the uncluttered complexities of the new regulatory framework, and the leading role which management must play to prepare. | 2-3 hours |
| CY-014 | GDPR 1 day basic fundamentals course (in-house) | All company staff members | The GDPR fundamentals course reviews all of the basic requirements for organisational adherence to the legislation. It provides sufficient detail to identify issues within organisations and enables companies to move towards identifying solutions. | 1 day |
| CY-015 | GDPR 2 day detailed general course | All company staff members | A comprehensive in depth analysis of GDPR legislation. Presented by legal and cyber-security experts. The course framework is thorough and specialised. Participants will get up to speed with GDPR incl. fundamentals and delicate nuances. It is a guide of all compliance aspects and is designed to assist companies in identifying all aspects of the legislative requirements. | 2 days |
| CY-016 | GDPR 2 day foundation DPO (Data Protection Officer) course | Junior or new DPO (Data Protection Officer) | 2-day course covering fundamentals of GDPR and foundation of DPO role and responsibilities. Targeted to the role of the DPO functions, responsibilities etc. It is designed as a key education tool to get DPOs up to speed and enable them to fulfil the roles legislative requirements. | 2 days |
| CY-017 | MiFID II
(Markets in Financial Instruments Directive II) |
Various – Under Development | These courses are aimed at covering security issues that come with MiFID II. | Under Development |
| CY-018 | NIS
(EU Network and Information Security Directive) |
Various – Under Development | These courses are aimed at covering security issues that come with NIS. | Under Development |