Organizations invest a significant amount of money and resources securing their systems and infrastructure with technology. But they spend little or nothing at all on training their staff on the proper implementation of security policy, or supporting plans, procedures and guidelines. As a result, the staff becomes the weakest cyber security link.
The most effective way to secure the human element is to establish a comprehensive security awareness program that goes beyond just compliance and changes user behaviors.
38North offers security training and awareness services that complement our full spectrum of cyber service offerings. We invest a great deal of time into getting to know our clients’ culture, business challenges and risk profile, so we are frequently called on to train staff once we’ve made changes and improvements to the security program. What often results is a tailored training program using case studies and examples from the client’s actual system environment.
By ensuring our training courses are within the context of organizational process and security controls, the staff can hit the ground running immediately after training.
38North offers the following types of security training:
- Security awareness training. Perfect for organizations wanting their users to understand the importance of new security initiatives after our security solutions are implemented. We typically design this course around the roles and responsibilities of each type of user (management, staff and technical personnel), which allows us to ensure the content isn’t any more than they need to know. In other words, we keep it short and sweet.
- Role-based security training. Usually recommended for technical personnel with significant IT and/or security responsibilities, including system administrators, network administrators, security analysts, business continuity specialists, incident response specialists, etc. Our role-based training goes into greater depth to cover complex issues such as technical configurations, incident handling and indications of different types of security compromises so they can be properly identified and mitigated.
Our security training courses can be packaged as either half-, one- or two-day sessions depending on your needs. We conduct most of our courses at your premises for your convenience and to allow for maximum participation. However, arrangements can also be made for an offsite location if needed.