Information Security Management


£269 +VAT per person

This course can be presented in-house at your premises.

This course is no longer active

Course overview

Cyber Security and Information Security are invariably some of the biggest risks to your organisation. Yet organisations often struggle to understand how well that risk is mitigated and how to properly protect themselves. In addition to the risk of financial loss, reputational damage and GDPR fines, law firms are also increasingly engaging in group legal actions against organisations that have been breached. So how do you manage the risk?

This practical half-day training course is designed, with minimal technical terminology, to help business leaders, managers and representatives. It will focus on management controls for InfoSec and cyber security, to help your organisation assess and mitigate the security risks relating to personal data and company data.

Our expert presenter is a commercially experienced information security leader, who has led teams in multinational corporations and small businesses. He will explain the types of attack your organisation may face, how those attacks may be perpetrated and how you can defend against them. He will also touch on technical controls just enough to help you ask the pertinent questions from a business perspective.

What will you learn?

  • Your legal obligations
    • GDPR requirements in relation to data security
    • The risk from lawsuits
    • ICO security breach enforcement cases
  • Governance and management controls for security
    • Managing information security and mitigating risks
    • Policies, training, procedures and metrics to consider
  • Risk assessments
    • Producing a Security Risk Assessment
    • The risks and attack threats to consider
  • Security for property and physical assets
    • Security controls to protect physical assets that process data from theft, damage or destruction
    • Managing the security risk relating to paper-based data
  • Security for IT networks and the Cloud
    • Controlling unauthorised access to your networks and denial of service attacks
    • Managing access controls and password complexity
    • Protecting “cloud” data and the importance of two-factor authentication
  • Security for IT devices
    • Protecting data on desktops, laptops, mobile phones and tablets
    • The risks of Bring Your Own Devices (BYOD)
    • Controls to protect servers
  • Security for Internet and email
    • Mitigating the risk of phishing emails, malicious downloads and ransomware
    • Controls to prevent and detect data leaks
  • Handling breaches
    • Steps to take when a security breach is detected
    • Engaging with the ICO, insurance and law enforcement
    • Internal and external breach communication strategies
  • Industry standards and certifications 
    • Reducing your risks with Cyber Essentials, CIS Top 18 and ISO 27001 Information Security Management System

Who should attend?

This course will benefit anyone who is responsible for protecting business data or who wants to learn more about managing information security risks and controls. It is essential for senior people with a responsibility for risk and compliance, GDPR leaders, data protection coordinators or DPOs, IT Managers and IT directors. This course is designed for non-technical business leaders and managers. It will be especially useful for those who are new to information security, who feel they may need better controls, or who are developing a new service or project involving data.

Extra benefits

  • A course pack containing the information presented on the day
  • A certificate of attendance
  • Complimentary refreshments and lunch provided