COURS.

Cybersecurity for Engineers and Technical Professionals

Webinaire / les 21 et 22 novembre 2024 /
Code : 15-1138-ONL24

Inscrivez-vous
La confirmation du cours dépend de votre inscription. Inscrivez-vous tôt pour éviter que le cours soit reporté ou annulé.
  • APERÇU
  • PROGRAMME
  • FORMATEUR

APERÇU

Veuillez noter :
This course is held online over 2 days on the following schedule (All times in Eastern Time Zone):
10:00 am to 6:00 pm Eastern (Will include the usual breaks)

After participating in this course, you will be able to:

  • Explain and understand what social engineering is, the evolution of social engineering techniques, the motives of criminals using social engineering tactics, and the current most commonly used types of social engineering tactics
  • Name some real-life social engineering exploits currently being widely used by cybercriminals (use of AI, imposters, spoofing, malicious websites, and more) for which other engineers and technical professionals have been victims
  • Determine the types of harms that social engineering exploits have on the associated business, individuals who fell for the tactics, and the people associated with the personal data that was breached
  • Create protections to help individuals identify social engineering attempts, and steps to take to prevent the organization, and the individuals themselves, from falling victim to social engineering attacks, and key actions for investigating phishing and other types of social engineering attacks
  • Implement a variety of approaches to create awareness and training programs within your organization to protect against social engineering attacks, including considerations for choosing whether or not to use phishing campaigns to test your organization
  • Have access to additional resources to use to maintain ongoing privacy, security, and associated safety protections

Description
Engineers and all types of technical professionals have their professional and personal information exposed and targeted by criminals through their physical and digital footprints. These criminals target such professionals via snail mail, telephone, legal documents including bank checks, email, texting, online chats, social media sites, and more. They are all potential targets and are at risk for falling victim to social engineering attacks, such as phishing, identity spoofing, bogus websites, and more. All organizations have been targeted. Not only are new social engineering tactics emerging, but all the old tactics are also increasing in frequency.

To strengthen your resilience of your organization, systems and facilities against social engineering, engineering and technical professionals need to understand the wide and growing range of social engineering attacks. In this two-day course, Rebecca Herold, a world-renown practitioner, expert in and professor of information and technology security and privacy, describes how cybercriminals use a variety of social engineering tactics in general, and in particular within the chemical, civil, electrical, environmental, industrial, mechanical, municipal and general technical professions and industries.

Examples of the concepts are provided, along with descriptions and advice for planning how to address the risks and the next steps to take practical and effective actions to mitigate the risks. Real-life use cases of cybersecurity and privacy incidents will be reviewed, ethical considerations for preventing and responding to social engineering attacks and explanations of the types of actions that could have been taken to prevent the incidents will be discussed. Multiple use cases will be analyzed, with student participation. Participants will leave the course with an understanding of how to identify and defend against a social engineering attack.

Who Should Attend
Practitioners that depend upon, or have within their work environment, technologies, including but not limited to:

  • Technical personnel
  • Facility managers
  • IT managers
  • Sourcing/Contracting managers
  • Design engineers
  • Facility engineers
  • Electric grid engineers
  • Construction engineers
  • Product development engineers
  • Software engineers & architects
  • IT engineers & architects
  • Engineering consultants
  • Transportation engineers
  • Material managers
  • Facility operators
  • Environmental scientists
  • Lawyers
  • Cybersecurity managers
  • Privacy managers

Audience Skill Level
Beginner/Intermediate. No prior experience or prerequisites are needed.



Veuillez noter :
This course is held online over 2 days on the following schedule (All times in Eastern Time Zone):
10:00 am to 6:00 pm Eastern (Will include the usual breaks)

Horaire : 10:00 AM - 6:00 PM EDT

Exigences techniques

Pour les utilisateurs de PC
OS: Windows 7, 8, 10 ou plus récent

Navigateur :
IE 11 ou plus récent, Edge 12 ou plus récent, Firefox 27 ou plus récent, Chrome 30 ou plus récent

Pour les utilisateurs de Macintosh
OS: MacOS 10.7 ou plus récent

Navigateur :
Safari 7+, Firefox 27+, Chrome 30+

iOS
OS: iOS 8 ou plus récent

Android
OS: Android 4.0 ou supérieur

voir le programme complet

PROGRAMME

Veuillez noter :
This course is held online over 2 days on the following schedule (All times in Eastern Time Zone):
10:00 am to 6:00 pm Eastern (Will include the usual breaks)

Day 1: 7 hours

  • What is social engineering, and related terminology
  • The evolution of social engineering techniques throughout history
  • The current most commonly used types of social engineering tactics
  • Types of social engineering tactics currently being widely used by cybercriminals (use of AI, imposters, spoofing, malicious websites, and more), and the types of individuals they are targeting.
  • Type of motives people have for using social engineering tactics, and how they think
  • Type of organizations and individuals targeted for social engineering
  • How to prevent being a victim of the same types of tactics
  • Actions to prevent the organization from falling victim to social engineering attacks
  • Types of harms that social engineering exploits have on the associated business, individuals who fell for the tactics, and the people associated with the personal data that was breached
  • Real-life social engineering exploits for which other engineers and technical professionals have been victims

Day 2: 7 hours

  • Ethics, risks and laws to consider when using social engineering to test your organization
  • Determining whether or not to test your organization for the different types of social engineering tactics
  • Choosing the best tools to create various types of social engineering campaigns to test your organization
  • Investigating phishing and other types of social engineering attacks
  • Tools to help block social engineering attacks from being successful in organizations
  • Tools to help block social engineering attacks from being successful in personal life
  • Use cases for each type of social engineering tactics. Examples include:
    • Physical Security Tactics
      • Insider threat
      • Lobby/entryway
      • Tailgating
      • USB drops
      • RFID cloning
      • Snail mail
      • Digital trackers
      • Compromised security cameras
      • Phishing
      • Spear Phishing
      • Whaling
      • Impersonations
      • AI and voice spoofing
    • Email spoofing
    • Cloning Websites
    • Vishing
    • Smishing
    • Caller ID Spoofing
    • Tailgating and Physical Access
  • Implementing a variety of approaches to create awareness and training programs within your organization to protect against social engineering attacks
  • Laws that include requirements that social engineering activities support
  • Additional resources to use to maintain ongoing privacy, security, and associated safety protections.

FORMATEUR

Rebecca Herold

Rebecca Herold is CEO of the Privacy & Security Brainiacs SaaS Services business she launched in 2021 with her son Noah, the third SaaS business for which she has been co-founder and engineering architect. Rebecca is also founder (2004) and CEO of The Privacy Professor consultancy. Rebecca has over 25 years of systems engineering, information security, privacy & compliance experience.

Rebecca has authored 23 books to date. The most recent book is the soon-to-be-published second in the Privacy & Security Brainiacs, "Cybersecurity for Grandparents and Everyone Else!" series of books, "IoT Security and Privacy." Rebecca is finishing another book in 2022 published by CRC Press titled "Security & Privacy when Working from Home & Travelling." Rebecca's radio/podcast show, Data Security and Privacy with the Privacy Professor, is on VoiceAmerica. Rebecca has been a subject matter expert since January 2020 on the NIST Cybersecurity for IoT Program team, performing research and co-authoring IoT security and privacy standards, guidelines, and other informative references.

Rebecca also serves as an expert witness for IT, security, privacy and compliance topics, including two cases that involved IoT use to commit crimes, including assaults. Rebecca was an Adjunct Professor for the Norwich University MSISA program for 9 ½ years and has earned 10 professional certifications (FIP, CDPSE, CISSP, CIPP/US, CIPT, CIPM, CISM, CISA, FLMI, Ponemon Institute Fellow).

Rebecca has Masters' and Bachelors' degrees in Computer Science, Mathematics and Education and lives in Des Moines, Iowa, USA. For more information about Rebecca, see:



INSCRIVEZ-VOUS
VOUS N’ÊTES PAS INTERESSÉ PAR CE COURS ?

Nous visons toujours à améliorer la qualité de nos cours. Veuillez sélectionner les raisons pour lesquelles vous pensez que ce cours est inadéquat (Cochez toutes les cases qui s’appliquent).

Svp cochez cette case :
Note d’évaluation pour cette formation
4.4 sur 5

Évaluation globale de ce cours par ses participants précédents !

UNITÉS & FRAIS
  • 14 Heures de formation continue

1295 $ (+ TPS/TVQ)

Inscrivez-vous




Accumulez vos heures de formation continue avec le CIPE

Tous les cours du CIPE vous permettent d’obtenir vos Heures de formation continue; utiles pour ceux qui doivent accumuler et soumettre leurs Heures comme l’exige l’Ordre des ingénieurs du Québec (OIQ) et l’Ordre des technologues professionnels du Québec (OTPQ).

Ces exigences de formation prennent fin le 31 mars 2025 pour l’OIQ et le 30 avril 2025 pour l’OTPQ !

VOIR LES COURS
Abonnez-vous à notre bulletin électronique
Formation en entreprise

Les AVANTAGES de la formation de groupe en ligne :

  • Efficacité et coût
  • Des cours de grandes qualité
  • Flexibilité
  • Pratique
  • Confidentialité
  • Obtenez un certificat avec des Heures de formation continue
DEMANDER UNE PROPOSITION
Top