Ensuring that your organization has the basics of cybersecurity sorted is a key step towards preventing and mitigating cybersecurity risk. However, establishing exactly what should be ‘essential’ for your organization can be a fraught process. The purpose of this Security Cybersecurity Essentials course is to explain and discuss commonly recommended ‘Essentials’ from the Essential Eight (from the Australian Signals Directorate) and the Critical Controls from CERTNZ, to ensure attendees can make an informed decision when choosing or prioritising these controls.) The course embraces that a “One-size-fits-all” approach to cybersecurity is seldom helpful when seeking to minimize organizational risk. The course also covers other potential sources of cybersecurity advice (NIST, NZISM).
Target audience and course pre-requisites:
The Cybersecurity Essentials course is appropriate for any staff with roles or responsibilities which include responses to or planning for Cybersecurity risks. Technical knowledge of systems is helpful but not required for this course.
Specifically, it is recommended that you have the following skills and knowledge before starting this course:
- Have experience with organisation-specific IT infrastructure and practices.
- Have an interest or remit in identifying or implementing cybersecurity risk reduction strategies for your organisation.
- Have some responsibility for cybersecurity practices in your organisation.
This course explains the ‘Essential Eight’ and the Critical Controls security practices as recommended by the Australian Cybersecurity Centre and NZCERT, respectively. It also covers a variety of common web vulnerabilities and common security misconfigurations.
Upon completion of this course, you will be able to:
- Evaluate the costs and benefits of each of the "Essential Eight" security controls.
- Identify how well tested your organisations perimeter has ben to cybersecurity threats.
- Evaluate the maturity level of your organisation across different areas of cybersecurity.
- Understand different types of threat actors and the risks they pose.
- Understand key risk mitigations (including reputational, financial, regulatory and technical risks).
Module 1: The Essential Eight and other critical controls
- What are the Essential Cybersecurity Controls?
- How important and practical are each of these controls for your organisation?
- What can you do if you can't manage some of these essential controls?
Module 2: Modern threat actors
- What's the difference between targeted and opportunistic attackers?
- What are the current most common and impactful attack types?
- How do the "Essentials" protect against these actors and attacks?
Module 3: External and Web vulnerabilities
- What are the most common web vulnerabilities?
- How can a detection and response process for these help inform your risk decision?
- How can you keep track of your changing cybersecurity risk?
Dr Elf Eldridge is a security consultant for ZX Security. Dr. Eldridge has been working as a penetration tester and security auditor for over 5 years, and has extensive experience delivering technology courses to both public and private sector organisations. Previously he taught computer science, engineering, physics and mathematics at Victoria University of Wellington from 2013-2017 after obtaining his PhD through The MacDiarmid Institute for Advanced Materials and Nanotechnology.
Currently scheduled workshops
Want to run it at another time or place, or in-house?
Indicative cost for public workshops. Please contact us for in-house pricing
|All ITP Financial Members||$300.00 + GST / $345.00 incl GST|
|Staff of Corporate Partners (20% Discount)||$344.35 + GST / $396.00 incl GST|
|Non-Members||$430.43 + GST / $495.00 incl GST|
This is an indicative cost only. Actual cost will be confirmed with you. Minimum numbers and other conditions apply.