Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives.
The threat to key systems is ever increasing and the probability of a security weakness being accidentally exposed or maliciously exploited needs to be continually assessed – such as via a penetration test – to ensure that the level of risk is at an acceptable level to the business.
A penetration test involves the use of a variety of manual and automated techniques to simulate an attack on an organisation’s information security arrangements – either from malicious outsiders or your own staff. Undertaking a series of penetration tests will help test your security arrangements and identify improvements. When carried out and reported properly, a penetration test can give you knowledge of nearly all of your technical security weaknesses and provide you with the information and support required to remove or reduce those vulnerabilities. Research has shown that there are also other significant benefits to your organisation through effective penetration testing, which can include:
Buy this guide and get the Penetration Testing Services Procurement Guide for free!
“Augusta University’s Cyber Institute adopted the book ‘The Psychology of Information Security’ as part of our Master’s in Information Security Management program because we feel that the human factor plays an important role in securing and defending an organization… We want our students to not only understand technical and managerial aspects of security, but psychological aspects as well.”
Director of Graduate Studies in Information Security Management
When implementing security policies, information security professionals are constantly faced with a conflict between the security team and the rest of the business. They must ensure that their organisation is adequately addressing information security risks, whilst also communicating the value of security appropriately.
David Ferbrache, Technical Director at KPMG UK, says “No approach can ever succeed without considering people – and as a profession we need to look beyond our computers to understand the business, the culture of the organisations, and, most of all, how we can create a security environment which helps people feel free to actually do their job.”
By gaining an understanding of the psychology of information security, you can ensure your security programme is a success.
Based on insights gained from academic research and interviews with security professionals from various sectors, this essential guide explains the importance of careful risk management and reveals how to align a security programme with wider business objectives, providing methods and techniques to engage stakeholders and encourage buy-in.
The Psychology of Information Security redresses the balance by considering information security from both end users’ and security professionals’ perspectives, and helps you to understand how a security culture that puts risk into context promotes compliance.
The Psychology of Information Security is part of the Fundamentals Series, co-published by IT Governance Publishing and Information Security Buzz.
The ISO 27034 standard provides concepts, principles, frameworks, components and processes to help organisations seamlessly integrate security throughout the lifecycle of their applications.
This part of ISO 27034 defines the processes required to manage the security of applications in the organisation, and introduces security-related elements of applications and the process for auditing the organisation normative framework (ONF).
It is aimed at a general audience as well as managers, members of the ONF committee, the ONF development team, domain experts and auditors.
The Certified EU General Data Protection Regulation (GDPR) Foundation and Practitioner Combination online course consists of the Certified EU GDPR Foundation (one-day) and Practitioner (four-day) training courses. This unique training programme provides a comprehensive introduction to the requirements of the GDPR, and a practical guide to planning, implementing and maintaining a GDPR compliance programme. It also enables attendees to fulfil the role of DPO.
Delivered by an experienced data protection consultant, this training session is built on our extensive practical experience of advising on the implementation of, and compliance with, data privacy laws and related information security standards such as ISO 27001.
The course also supports professional development: attendees who pass the included online exams are awarded the ISO 17024-certificated EU GDPR Foundation (EU GDPR F) and EU GDPR Practitioner (EU GDPR P) qualifications by IBITGQ. It is also accredited by the Institute of Information Security Professionals (IISP) and satisfies the IISP Skills Framework requirements at Level 1: A1, A2, A3, A4, A5, A6, A7, B1 and C2.
| Certified EU GDPR Foundation Online | Certified EU Practitioner Online |
|---|---|
| This Foundation-level course provides a complete introduction to the GDPR, and an overview of the key implementation and compliance activities. | This Practitioner-level course is focused on equipping attendees with the knowledge and skills to implement and manage an effective privacy and information security compliance programme under the GDPR, and fulfil the role of DPO. |
The tools are included free of charge for all attendees to use in the workplace.
Attendees take the EU GDPR Foundation (EU GDPR F) and Practitioner (EU GDPR P) online examinations: a 60-minute and a 90-minute multiple-choice exam, both certificated by IBITGQ. There is no extra charge for these exams. These courses also support continued professional development programmes by qualifying attendees for 35 CPD/CPE credits.
There are no formal entry requirements.
Please note that attendees must pass the EU GDPR Foundation (EU GDPR F) exam before they can be awarded the EU GDPR Practitioner (EU GDPR P) qualification.
Please note that this course is delivered as a WebEx Live Online session at fixed times and on fixed dates throughout the year.
Attendees booked on this course are expected to have a reliable Internet connection at their home or office. We will check and confirm that you have the WebEx application installed, and that you can correctly log on to our WebEx training centre before the course.
On the last day of the course, you will be invited to take the EU GDPR Foundation (EU GDPR F) and Practitioner (EU GDPR P) exams. To sit the online exam, you will need: