This course is available by: eLearning, Virtual-LIVE and Classroom
 

eLearning PDP’s eLearning courses are facilitated via a dedicated learning platform using videos, supplementary documentation and multiple choice self-assessment questions. The content can be viewed at any time allowing delegates to train around other commitments. Find out more information on PDP’s eLearning courses.
Virtual-LIVE (WEBEX) For those who prefer undertaking LIVE training remotely, PDP’s virtual courses allow delegates to interact directly with the trainer and to participate in group activities, mirroring the typical structure of Classroom sessions.
Classroom This course can be attended on an in-person basis at dedicated training venues (the yellow box below lists the upcoming dates and cities). There are ample opportunities to network with other delegates during coffee breaks and at the sit-down lunch.

Cybersecurity for Data Protection Professionals

Course Overview:

Breaches of information security are consistently one of the top two reasons for data protection regulator enforcement action. And fines for breaches of security are usually higher than for other types of breaches.

With mandatory breach notification under the GDPR and the significant uplift in potential monetary penalties, compliance professionals need to be suitably empowered with cybersecurity knowledge and awareness to assist their organisations to both mitigate ongoing data security risks and to deal with personal data breaches. It is also useful for compliance professionals to have a basic knowledge of cybersecurity terminology to facilitate effective communications with IT Team members.

This session is prepared specifically in the context of the GDPR and the objective of compliance professionals dealing more assuredly and knowledgeably with cybersecurity within their organisations. The session addresses:

• what exactly cybersecurity means and encompasses
• threats, vulnerabilities and risk from a security perspective
• comparing and contrasting “risk” in security, and data protection under the GDPR
• risk analysis and management from a security and data protection standpoint
• cryptography as a privacy tool: encryption, at rest and in transit; hashing and salting
• managing identity and authentication, security operations
• security baselines: including ISO 27001 and Cyber Essentials
• introduction to malware: botnets, ransomware, Denial of Service (and DDoS), Advanced Persistent Threats (APTs)
• personal data breach / incident management and crisis management
• business continuity planning and disaster recovery
• data breach simulations

No technical knowledge is required in order to attend this session. A basic working knowledge of data protection legal requirements would be useful. Delegates with limited data protection knowledge may find it helpful to attend Data Protection Essential Knowledge Level 1 before attending this training course.