Phishing and other forms of social engineering regularly top the list of information security threats that organisations are most concerned about. These attacks target people, not technology.
People are the largest, most accessible attack surface for criminals. But blaming end users as the 'weakest link' or single point of failure in organisational security doesn’t achieve anything. If you work in security, it's very easy to forget that security isn’t most people’s 'day job'.
If an incident occurs because a member of staff was not trained or supported effectively, is the incident their fault, or their employers?
This course offers practical advice for developing a fresh approach to information security awareness and training, a key component of a strong security culture.
- A cross-organisational, strategic approach to information security training and awareness
- Encourage a strong, positive security culture and mindset across all staff, not just security or IT teams
- Engage and involve staff and users as part of your security defences
Who should attend
The course is intended for staff who are responsible for or contribute to information security communications, education, awareness and training activities.
This includes staff responsible for developing and delivering organisational training and communications activities, as well as IT and security teams.
What we cover
- Setting the right tone around security
- Rethinking security advice and guidance
- Creating a strong security culture and mindset
- Making security advice relevant and accessible
- Measuring success
On completion of this online course, you will be able to:
- Implement a strategic approach to information security training and awareness activity, including ways to measure its impact and effectiveness
- Develop a range of timely, accessible communications and training activities across the information security curriculum
- Recognise common information security misunderstandings and misconceptions, and how to address them
Pricing and eligibility
- Jisc members - £125 + VAT
- Non-member - not-for-profit - £150 + VAT
Member types and VAT information
- Jisc members - Typically publicly funded FE, HE and Research institutions
- Non-members - Eligible local government, public sector, private/independent education providers and non-profit customers
- VAT - is charged at 20% of the value of the service. If you are a member of Jisc’s VAT-exempt cost sharing group, and you are able to provide confirmation of the exact taxable/exempt use of the service, we will be able to reduce the amount of VAT chargeable to reflect the taxable business use proportion of the service only. This additional information is required as a result of a change to HMRC policy. Please contact firstname.lastname@example.org if you require more information.
For more information, email email@example.com or phone 01235822242.
Join the community
Get support and connect with like-minded peers by joining our cyber security community group.
You may also be interested in our simulated phishing and associated training framework to equip your users with the skills and awareness to spot threats.
An easy route to procurement
We are an approved supplier on the Crown Commercial Service dynamic purchasing system (DPS). This provides a simple and trusted way for public sector buyers and our members to procure Jisc cyber security services and training.