Awareness training is designed to address one problem that computers cannot solve: how to make people behave securely. Although most security incidents can be attributed to human error, when given proper training, humans can detect and prevent novel attacks that computers will miss. By helping employees understand how security breaches occur and how cybercriminals operate, organisations can defend themselves more effectively, and minimise the damage from successful attacks.

The Chain's security awareness training sessions raise awareness through an engaging presentation, real-life war-stories and hacking demonstrations.

What your staff will learn:

• Personnel safety
• Technical security
• Physical security
• How to respond to an incident

Topics include email safety, phishing threats, password selection, social media and privacy risk, and working safely from home or while travelling.

All organisations that process credit card transactions must meet the requirements of the Payment Card Industry Data Security Standard (PCI DSS). Many organisations struggle to understand and comply with the Standard.

This presentation provides newcomers an introduction to PCI DSS.

Attendees will learn about key PCI requirements such as:

• Requirements on penetration testing and scanning
• The need for Wi-Fi assessment
• Testing of network segmentation
• Tough controls over user account management
• Training developers in secure coding practices

There will also be some reminders and clarification on often-misunderstood areas such as:

• Network documentation and asset inventories
• Storage of cardholder data
• Risk assessments
• Incident response planning

Who should attend?

Typically professionals in IT, compliance, finance, and legal, as well as anyone else who is involved with PCI compliance.

This short lecture offers an insight into the fascinating world of digital forensics. Electronic evidence is everywhere and holds many secrets about our activities – public and private. Courts and industrial tribunals are seeing increasing amounts of electronic evidence. Failing to understand and properly handle electronic evidence can lead to missed opportunities and legal disasters. This presentation aims to increase awareness of the subject so that organisations are better placed to deal with incidents and respond to litigation.

After a short explanation of the theory and application of forensics a series of case studies are used to teach attendees when, where and how to use forensics.

Objectives

The presentation is designed to provide an understanding of what digital forensics is and show just how effective it can be in supporting a wide range of investigations and disputes. The session will also outline the investigative process and highlight some of the common mistakes made when handing electronic evidence. After the course attendees will know how to utilise forensics investigations in their own organisations.

What will you learn

• The role of digital forensics in corporate, private, civil and criminal investigations
• Electronic evidence can prove and disprove many different allegations
• Legal considerations – employee rights and privacy obligations
• Deleted, hidden and encrypted information can still be recovered

Content

• What is digital forensics?
• Understanding the many different types of electronic evidence, including email, documents, deleted data, internet and file access history
• The investigative process, preserving evidence and maintaining the chain of custody
• Selected case studies from the following: money laundering, information/IP theft, fraud, harassment.

Target audience

Litigation teams, in-house legal counsel, internal auditors, compliance and risk officers, MLRO’s, HR, IT, security staff, directors, other senior management and anyone likely to be involved in dealing with an investigation or litigation.