Training & Awareness
Training & Awareness programmes for staff throughout an organisation are key pre-requisites for both Information Security and Data Protection. There is also a particular need to ensure that those designing and developing new systems have this awareness at the earliest possible stage. Using its knowledge of current threats, ISAS customises the content to reflect a client's experience and regulatory environment.
Information Security Awareness
Ensuring that staff are alert to the potential threats an organisation might face is a vital non-technical defence. An educated workforce complements all the technical defences that an organisation has put in place to provide effective security.
ISAS have developed programmes to sensitise staff to their role in protecting their organisation's ICT security. "InfoSec Awareness Training" (Basics and Advanced) sessions are key to the empowerment of staff to make smart and informed decisions when it comes to potential 'cyber' threats.
These sessions are tailored to the specific industry sector, risk appetite and culture of an organisation.
'Phishing' and Social Engineering assessments for an organisation can be used as metrics in the measurement of the level of awareness amongst staff of Information Security threats.
By repeating the assessments, the effectiveness of awareness and training sessions can be demonstrated.
Data Protection Awareness
ISAS has extensive experience of explaining the evolution of legislation in this area and enabling staff to recognise issues of personal data protection. Data Protection Basics, Data Protection Specialists and Data Protection Champion Awareness Training and customised mentoring sessions are tailored training sessions for a client's particular circumstances.
These can transform the level of awareness and individual responsibility understanding when it comes to dealing the Personal Data an organisation is processing. These are more than just GDPR training courses and go to the heart of privacy.
Data Classification/Data Marking
Data Classification is a foundation principle to all good Data Governance. If an organisation’s staff members are aware of their organisation's classification scheme, and how to use it in a practical and efficient manner, the effectiveness of Data Governance is transformed. Particularly with the move to Cloud and Software as a Service solutions, Data Classification, Data Marking and appropriate technical controls are vital.
ISAS can help with training and awareness in this area and ensuring staff understand the implications of over and under classifying data.
The experience of our consultants makes them credible and persuasive trainers in their respective arenas. As we are often delivering training as part of a wider engagement, we are able to make the content particularly specific to attendees' contexts.