Cyber Attack & Data Breach Preparedness, Response & Compliance Workshop
INTRODUCTION TO THE CYBER SECURITY COURSE
Recent cyber breaches at major corporations and government agencies have highlighted the increasing sophistication, stealth, and persistence of cyber-attacks which organisations are facing today – from nation-states, organised crime, and hacktivists, as well as threats from within the organisation (which often pose the greatest risk). A total of 1.5 million SingHealth patients’ non-medical personal data were stolen, and 160,000 of them had their dispensed medicines’ records taken as well, according to MCI and MOH. Their personal data such as name, NRIC number, address, gender, race, and date of birth were stolen, along with Prime Minister Lee Hsien Loong’s personal data. With the lack of cyber security practices in Singapore, Singaporeans are worried that their stolen personal data could be used for targeted phishing attacks at a later date. Demand for improved cyber security is ever growing. This course aims to educate executives in the field of cyber security on how to prevent future data breaches and what actions to take.
Our Biggest Challenge: How to Prevent and Respond Swiftly to Data Breaches
If the most robust defence system in Singapore can be infiltrated, how can businesses, including SMEs, deal with the challenge of protecting their information systems and digital assets – financial information, customer data, intellectual property? The reputational and regulatory implications of failing to do so continue to raise the stakes of cyber security and governance. Investors and regulators are increasingly challenging boards to step up their oversight of cybersecurity and calling for greater transparency around major breaches and their impact on the business.
Learn how to implement data breach precautions and safety measures for your organization. We cannot stop the digital advancement, but we can take safety measures and precautions to prevent personal data breaches. Prevention is always better than trying to stop something that is inevitable.
1 Day Workshop on Data Security, Compliance Policy & Data Resilience in Your Organization (A Step by Step Guide)
Facilitated by Data Compliance Expert Mr Sanjeev, this 1 Day hands-on workshop aims to equip you with the core competencies to devise and implement the policies & practices required by data protection laws and ensure compliance in a cost-effective and productive manner. Using the most recent real cases and scenario analysis, including previously imposed legal penalties, fines, business limitations, and licence revocations, this practical workshop will provide you with the most current understanding of the evolving regulatory scrutiny, consumer expectations and emerging risks.
Valuable Key Takeaways
- Identify the key components of cybersecurity architecture
- Describe key risk management tools, processes and procedures
- Understand different classes of attacks, including malware, viruses, worms, spyware, and ransomware
- Define types of incidents including categories, responses and timelines
- Outline Data Risks, Social Engineering challenges, and Computer/Mobile Security which you can implement in your organization IMMEDIATELY
- Understand and manage compliance obligations under the Singapore Personal Data Protection Act
- Assess first line of defence impact for data protection and privacy, including customer data
- Share and exchange best practices for preventing and mitigating the occurrence of data breaches
- Classify the principles and objectives of the legislation in HK and Singapore, including data breach notification management as well as the offences and punishments in accordance with local legislation
- Gain guidance & best practices from an experienced and internationally renowned security and data privacy expert
- Cybersecurity Objectives
- Cybersecurity Roles
- Cybersecurity Principles: Confidentiality, Integrity, Availability
Cyber Crime Threats & Vulnerabilities
- Recognising the Threat
- Risk Assessments and Threat Vulnerabilities
- Known Vulnerabilities
- Cybercrime detection
Data Privacy Provisions
- Legislation and Regulation centred on data protection and privacy
- Individual and societal concerns over data collection, storage, and use
- The need to collect, disclose, and use, personal data
- Personal data versus corporate data
Data Protection Concepts (Singapore PDPA)
- Protecting Personal Data
- Consent, Purpose, Reasonableness
- Do Not Call; rights, responsibilities
Cyber Attacks & Breaches
- Operational Threat Environments
- What is malware?
- What are the different types of malware?
- Viruses & Worms
- Spyware & Trojan Horses
- The importance of security and data protection
- Data concerns; volume, use, storage and sharing
- Social engineering, phishing, tailgating, and malware
- Case Study
- Lazarus Group
Computer & Data Security
- Computer Security
- Wireless networks
- Non-secure computers
- Untrusted USBs
- Mobile security – tips on protecting data
- Data protection – remote data storage
- Software restrictions and licence breaches
- Incident response
Combating Cybercrime & Complying with Data Regulation
- Proactive Governance and a strong GRC Framework
- Moving away from the siloed approach towards integrated Preventive, Detection, and Response mechanisms
- Stress testing
- Disaster Response and Business Continuity Planning
Who will Benefit?
This workshop is designed for, but not limited to:
- Middle to senior level professionals who are involved in IT, Information Security and Data Protection management as well as legal practitioners.
- Policy makers, risk managers, auditors, internal legal counsel and practitioners who are interested in understanding and managing legal obligations for cyber data breach related issues.
- DPOs, Compliance, IT, Info System and employees from SMEs, MNCs and NGOs, including the following sectors:
- Financial & Banking Services
- Law Enforcement
- Critical Infrastructure
- Large Enterprises
- High Tech Companies
Discussion points and simulations, aligned with a structured training plan and real-life scenarios, allow individuals to develop the skills necessary for success. Handbooks will be used, but individuals are encouraged to make use of the sessions to take their own notes, practising the audio, visual and kinaesthetic skills which are vital in their role, and learning how to process and store information which they will later be required to recall.
Sanjeev Gathani is a qualified Governance, Risk and Compliance Professional with more than 20 years of diverse experience in the Asia Pacific Region, helping entities in both the public and private sectors across a range of industries, including not-for-profit organizations. Over his professional services career he has advised clients in a variety of industries including but not limited to Manufacturing, Pharmaceuticals, Semi-conductor, Motor, Hospitality, FMCG, Construction and Professional services.
Currently, he is the Chief Executive Officer and Knowledge Leader of Better Business Governance – APAC Pte Ltd (BBG), a boutique advisory and training firm. In 2018, he was appointed by RHT Academy as their Programme Advisor – G.R.A.C.E Series.
Additionally, he has also been awarded the credential of Full Member Corporate Governance Practitioner (MGP) by The Association of Corporate Governance Practitioner, United Kingdom. To further enhance his background, he obtained additional credentials including Certified Fraud Examiner, Licensed Private Investigator (Singapore), Expert Court Witness and Certified Privacy Professional.
Specialization: Corporate Governance, Sarbanes Oxley, J-SOX, Internal Audit, Fraud Management, Compliance to Foreign Corrupt Practices Act (FCPA), UK Anti-Bribery Act, Data Privacy and Security and Integrated Risk Management.
- Certified Fraud Examiner (CFE)
- Data Protection Officer (DPO)
- Professional Certificate in Anti-Bribery & Compliance
- Licensed Private Investigator (Singapore)
- Certified Information Privacy Manager (CIPM)
- Cyber Security Practitioner Induction (CSPI)
- Expert Court Witness
- Full Member Governance Practitioner (MGP) UK
- Certified member of Governance Institute of Australia
- Governance, Risk & Compliance Professional (GRCP), United States of America
- Governance, Risk & Compliance Auditor (GRCA), United States of America
- Certified Internal Control Professional (CICP)
- Certified HR Professional (Talent Management)
- Certified Management Accountant (CMA)
- Exin – the global independent certification institute for ICT Professionals – Privacy and Data Protection Foundation
- Customer Service Professional (CSP)
- Advanced Toastmaster – Gold (ATMG)