About the Course
The National Cybersecurity Center is proud to present Cyber for Executives. This course is a two-day cybersecurity training event built especially for boards of directors, company executives and executive-branch public officials. The objective of this course is to create awareness, to educate, and to engender real understanding of the issues at hand regarding cyberthreats, defenses, detection and response. This course is designed to be a “handbook” of sorts so that attendees are reminded of what questions to ask, what metrics to follow and what legal and regulatory issues to watch out for.
Meet our cyber experts
WORLD CLASS SPEAKERS
Please note: exact times, speakers and topics are subject to change.
Defining the Audience, the Responsibilities and the Problem
- What are the governance and oversight responsibilities and what are the consequences of not getting it right? We are at the tipping point of cyber risk.
- Duty of Care
- What is cybersecurity and what is the current environment?
- The cyber risk of false confidence
- The Dark Web – what is it?
Cyber Risk Management
- Components of an enterprise-wide cybersecurity program
- Identifying the crown jewels – what are they, where are they?
- Cyber insurance
- Use of outside cyber expertise
- Having a cyber-knowledgeable member among you
Action Plan and Take-Aways
- Recurring calendar of oversight activities
- Questions to ask
- Who answers? External adviser, internal audit, trust the CISO?
- Governance metrics
- Third-party due diligence
- You as a 3rd party to others
Defining Cyber Incidents and Incident Response
- Types of threat actors
- Types of attack patterns: Crimeware, Cyber-Espionage, Denial-of-Service, Insider Threat, Errors, Theft/Loss, Web Application Attacks, Payment Card Skimmers, Point-of-Sale Intrusions
Defining Cyber Incidents and Incident Response (continued)
- Four stages of a cyber-attack: Protect, Defend, Respond, Recover
- High Risk Sectors for a cyber-attack: Accommodation, Education, Financial Services, Healthcare, IT/Tech, Manufacturing, Public Sector, Retail
Cyber Risk Management Frameworks
- What is a cyber risk management framework and why do we need them?
- NIST Cybersecurity Framework
- ISO 2700x
- Industry-specific Frameworks: HIPAA, PCI-DSS, NERC-CIP
Managing Enterprise-wide Risk
- Not all data and systems are equal
- Mitigate risk through internal security team/external professional services
- Transfer risk with cyber insurance
What went wrong? Decoding three major breaches in the news
- Financial Gain: Equifax
- Destruction: Sony Pictures
- Espionage: Office of Personnel Management
- Group discussion on most concerning aspects of the three attacks
Lunch & Review
Q&A with panel of presenters. This lunch will be available “to go” if you need to catch an earlier flight.
Panel of Experts
Registration will open soon for this event.
Discounts are available: There is a discount on this course if you are an NCC member. NCC membership is $350 and your membership entitles you to discounts on all trainings, including the National Cyber Symposium.