Cyber Attack & Data Breach Preparedness, Response & Compliance Workshop
Recent cyber breaches at major corporations and government agencies have highlighted the increasing sophistication, stealth and persistence of the cyber-attacks that organisations are facing today – from nation-states, organised crime, and hacktivists, as well as threats from within the organisation (which often pose the greatest risk). A total of 1.5 million SingHealth patients’ non-medical personal data were stolen, while 160,000 of those had their dispensed medicines’ records taken too, according to MCI and MOH. The stolen personal data included names, NRIC numbers, addresses, gender, race and date of birth; Prime Minister Lee Hsien Loong’s personal data were also stolen by the cyber attackers. Many Singaporeans are worried that their stolen personal data might be used for targeted phishing attacks at a later date.
Our Biggest Challenge: How to Prevent and Respond Swiftly to Data Breaches
If the most robust defence system in Singapore can be infiltrated, how can businesses, including SMEs, deal with this challenge? Protecting information systems and digital assets – financial information, customer data, intellectual property – and the reputational and regulatory implications of failing to do so continue to raise the stakes of cyber security and governance. Investors and regulators are increasingly challenging boards to step up their oversight of cybersecurity and calling for greater transparency around major breaches and their impact on the business.
Learn How to Implement Data Breach Precautions and Safety Measures for Your Organization
We cannot stop the digital advancement, but we can take safety measures and precautions to prevent personal data breaches. Prevention is always better than trying to stop something that is inevitable.
1 Day Workshop on Data Security, Compliance Policy & Data Resilience in Your Organization (A Step by Step Guide)
Facilitated by Data Compliance Expert, Mr Sam Gibbins. This 1 Day hands-on workshop aims to equip you with the core competencies to devise and implement the policies & practices required by data protection laws and to ensure compliance in a cost-effective and productive manner. Using the most recent real cases and scenario analysis, including previously imposed legal penalties, fines, business limitations, and licence revocations, this practical workshop will provide you with the most current understanding of the evolving regulatory scrutiny, consumer expectations and emerging risks.
Valuable Key Takeaways
- Identify the key components of cybersecurity architecture
- Describe key risk management tools, processes and procedures
- Understand different classes of attacks, including malware, viruses, worms, spyware, and ransomware
- Define types of incidents including categories, responses and timelines
- Outline Data Risks, Social Engineering challenges, and Computer/Mobile Security which you can implement in your organization IMMEDIATELY
- Understand and manage compliance obligations under the Singapore Personal Data Protection Act
- Assess first line of defence impact for data protection and privacy, including customer data
- Share and exchange best practices for preventing and mitigating the occurrence of data breaches
- Classify the principles and objectives of the legislation in HK and Singapore, including data breach notification management as well as the offences and punishments in accordance with local legislation
- Gain guidance & best practices from an experienced and internationally renowned security and data privacy expert
- Cybersecurity Objectives
- Cybersecurity Roles
- Cybersecurity Principles: Confidentiality, Integrity, Availability
Cyber Crime Threats & Vulnerabilities
- Recognising the Threat
- Risk Assessments and Threat Vulnerabilities
- Known Vulnerabilities
- Cybercrime detection
Data Privacy Provisions
- Legislation and Regulation centred on data protection and privacy
- Individual and societal concerns over data collection, storage, and use
- The need to collect, disclose, and use, personal data
- Personal data versus corporate data
Data Protection Concepts (Singapore PDPA)
- Protecting Personal Data
- Consent, Purpose, Reasonableness
- Do Not Call; rights, responsibilities
Cyber Attacks & Breaches
- Operational Threat Environments
- What is malware?
- What are the different types of malware?
- Viruses & Worms
- Spyware & Trojan Horses
- The importance of security and data protection
- Data concerns; volume, use, storage and sharing
- Social engineering, phishing, tailgating, and malware
- Case Study
- Lazarus Group
Computer & Data Security
- Computer Security
- Wireless networks
- Non-secure computers
- Untrusted USBs
- Mobile security – tips on protecting data
- Data protection – remote data storage
- Software restrictions and licence breaches
- Incident response
Combating Cybercrime & Complying with Data Regulation
- Proactive Governance and a strong GRC Framework
- Moving away from the siloed approach towards integrated Preventive, Detection, and Response mechanisms
- Stress testing
- Disaster Response and Business Continuity Planning
Who will Benefit?
This workshop is designed for, but not limited to:
- Middle- to senior-level professionals who are involved in IT, Information Security and Data Protection management, as well as legal practitioners.
- Policy makers, risk managers, auditors, internal legal counsel and practitioners who are interested in understanding and managing legal obligations for cyber data breach related issues.
- DPOs, Compliance, IT, Info System and employees from SMEs, MNCs and NGOs, including the following sectors:
  - Financial & Banking Services
  - Law Enforcement
  - Critical Infrastructure
  - Large Enterprises
  - High Tech Companies
Discussion points and simulations, aligned with a structured training plan and real-life scenarios, allow individuals to develop the skills necessary for success. Handbooks will be used, but individuals are encouraged to make use of the sessions to take their own notes, practising the audio, visual and kinaesthetic skills which are vital in their role, and learning how to process and store information which they will later be required to recall.
“Sam is very knowledgeable and very precise in explaining the concepts well.” – Chai Yoke Peng, Pioneer Electronics AsiaCentre Pte Ltd
“The trainer is very informative. He provides many real-life examples instead of reading off from the materials. Interesting and beneficial class!” – Rick Tay, Zico Allshores Trust (S) Ltd
“The delivery of the content is very interesting and kept the class well-engaged. His class is highly recommended as he gives practical information using real-life case studies.” – Ong Choon Yam, Petrobras Singapore Private Limited
Digital Data Compliance Expert: Sam Gibbins (Certified Compliance Professional and Founder of Complilearn)
Mr Sam Gibbins is the Founder of Complilearn, providing specialist and advanced Compliance learning to clients globally. He has extensive experience delivering content across a wide range of Governance, Risk, and Compliance areas, to a variety of industry sectors. Sam spent five years in Singapore working for the International Compliance Association, developing, building and promoting courses under the Financial Industry Competency Standards. Sam worked on the skills and competency-based development framework and associated courses for Compliance and Anti-Money Laundering with the Asian Institute of Finance and the Asian Institute of Chartered Bankers (formerly IBBM), as well as with the Australian Financial Markets Association. In recent years he has helped establish a number of ‘Compliance Academies’ at global firms.
Sam has completed the Advanced Certificate in Training and Assessment with the Institute for Adult Learning, the in-house training division of the Singapore Workforce Development Agency. He possesses a BA (Hons) from King’s College, University of London, as well as a Diploma in Anti-Money Laundering from the International Compliance Association, a Certificate in Combating Financial Crime from the Chartered Institute for Securities & Investment (CISI) and is also a Certified Compliance and Ethics Professional (International) with the Society for Corporate Compliance and Ethics. He is a Certified Compliance Professional with, and a member of, the International Academy of Business and Financial Management.