Armed with motive and skill, hackers and internal bad actors continue to release more sophisticated exploits taking advantage of opportunities and “weaknesses” in our environments. Tomorrow’s auditor needs to know more than just the terms and concepts regarding cybersecurity.
Auditors need to be able to assess the effectiveness of an enterprise’s Cybersecurity program. They need to understand what controls are needed, where the controls should be positioned and how to perform substantive tests to assess the controls reasonable effectiveness specifically related to cybersecurity.
During this training attendees will explore cybersecurity through a series of lecture segments reinforced by related scenarios based on actual events which are designed to reinforce the attendee’s knowledge of effective control design and execution along with warning signs and investigative techniques. We will simulate an actual cybersecurity program audit, vulnerability and threat analysis and cyber risk assessments giving attendees the opportunity to conduct a series of exercises which are designed to establish or reinforce the attendee’s knowledge of effective control design and execution.
By the end of the session attendees will be armed with additional knowledge of how to implement and assess controls and how, as auditors, they can be a valued player in their organizations “Cyber Defense Team”.