Video Game

Understanding Cyber Security Risks

Offered bi-weekly on Mondays in one two hour CPE event

Cybersecurity challenges demand that an organization face two facts. First, the protection of critical company and customer information is a business requirement to protect the company's reputation and enterprise value. Second, even the best programs will experience failure and expose some information the company would like to protect.
 

We at Corporate Compliance Seminars believe confidence in security and privacy does not come from knowing nothing will happen; it is achieved by knowing all the things that can happen and preparing both proactive and reactive solutions. This holistic approach starts by understanding what is most important to Board Members and then structuring and supporting the cybersecurity program so that the organization is engineered to grow securely.
 

Corporate Compliance Seminars provides Understanding Cybersecurity as a risk oversight training course for board members, executives, management personnel and auditors. This course provides attendees with what they need to know and most importantly, what they need to do in order to keep data and devices secure to prevent breaches.
 

This event has been designed to meet the CPE education needs of executives, senior officers, board members and auditors. The event can be tailored for private presentation to your group with industry specific examples.


The retail cost of this 2 CPE seminar is $120.00 for the first attendee from a single organization.

Each attendee will receive 2 CPE Hours (YB). A certificate of completion will be provided.
 

Program Level of Understanding: Basic
Prerequisites: None
Advance Preparation: None
Delivery Format: Group Internet Based
NASBA Field(s) of Study: Auditing, Information Technology
CPE Credits: 2, based on 50 minutes of instruction per hour

Who should attend?

Members of an organization's board of directors, Presidents/CEOs, CFOs, lawyers, CPAs, auditors, compliance professionals and other organization advisors are invited. They will take away valuable practical information and skills necessary to improve the Tone at the Top concerning cybersecurity.

CPE Seminar Highlights

The purpose of this seminar is to provide each attendee with a high-level understanding of Cybersecurity and the Board's major fiduciary oversight and responsibilities concerning:

  • What is cybersecurity?

  • Traditional information security vs. cybersecurity

  • Key principles of cybersecurity oversight

  • What is an effective cybersecurity plan?

  • Questions to ask Management about the cybersecurity plan.

  • Situational awareness

  • Strategy and operations

  • Insider threats

  • Supply-chain and third party risks

  • Incident responses

  • After a cybersecurity incident

Learning Objectives

What you will hear at this seminar:

  • Cyber-Risk Threats by the Numbers

  • Principles of cyber-risk oversight

  • Identify the key components of a cybersecurity plan

  • Example questions to ask management about the cybersecurity situation

Key Concepts on the Agenda

Introductions
Section 1 - Executive Summary

  • What is cybersecurity?

  • Information security is complex.

  • Assume you will have a security breach.

  • Engage IT Audit and Security Leaders by asking good questions.

Section 2 - Board Guidance - Tone at the Top

  • Cybersecurity and the Board of Directors

  • Is cybersecurity an audit committee responsibility?

  • Building an effective cybersecurity plan.

  • Words of caution when dealing with risks.

Section 3 - Questions the Board Asks Management

  • Situational awareness questions

  • Strategy and operations

  • Insider threats

  • Supply-Chain and Third-Party Risks

  • Designing an Incident Response

  • After a cybersecurity incident

Section 4 - Sample Guidance

  • Top Cybersecurity Safety Actions

  • Holistic Cybersecurity

  • What is internal control?

Section 5 - Moving Forward with a Response

  • What are the contents of an Information Security Program?

  • How do you investigate an event?

  • Who needs to be notified of an event?