ONLINE CATALOGUE

Legend

Level:

E:           Executive

M:     Management

All:  Employees and Management

Content:

S – Standard session (incl. discussion period)

C – Customized session (up to 25%) to meet specific audience needs

F – Fully customized (requires additional session to adapt content for delivery)

P – Professional support only (interactive consulting sessions)

Information Security

Level

Content /  Code

This critical suite of courses contains all the information that employees and management need to know to better protect the digital assets of the business.  All courses are customizable to client needs.

Introduction To Information Security

This one-hour introductory session is an overview of issues that managers and executives are concerned about every day. It discusses, from a risk perspective, how businesses must protect their most valuable asset (information) before, not after, disaster strikes. Topics covered:

1. The value of your business information

2. The cost of compromised information

3. Inherent, Internal & External threats

4. Information Protection Layers

5. The Weakest Link

M/E

S

100-A

Introduction To Secure Communications

Overview: Gain insight into secure communications at work and at home.  This module covers the top risks to Internet and network communications and suggests avenues to protect business information while it’s in transit.

Topics covered.

1. Electronic mail

2. Instant Messaging

3. Web communications

4. Protecting email information

5. Adopting security best practices

All

S

101-A

Mind The Audience: Securing Your Communications At Work

The convergence of the related concepts of security and privacy takes place within the scope of this module.  Learn to protect valuable business information, competitive data and personal correspondence.  How to both assist and leverage your IT department to secure communications.  You will also learn to implement your own protection schemes and will have access to specific software designed to do that.

Bonus: free software

All

C

102-D

Best Practices For Secure Web Browsing At Work

Understanding the security impact of having Internet access at work is a crucial element in a company’s asset protection strategy.   Understand the cause and effect of Web browsing, both work-related research and casual surfing.  Learn the do’s and don’ts of Internet access and help preserve productivity, the integrity of your business information and the security of your network.

Bonus: free software

All

S

103-A

Protecting Information By Securing Desktop Access

Physical access control is the most trivial and overlooked aspect of information protection.  Every year, it remains the leading cause of information theft and data loss.  Learn to protect your work environment, safeguard your sensitive data and protect the company’s interests with this essential module.

Included: Best-practices crib sheet to protect your computer.

All

S

104-A

Protect Your Company By Understanding How Viruses Work

This overview into worms and viruses is designed to help you protect your computers at work and at home by providing an insight into how they work, who creates them and what their limitations are.  Learn to combat viruses with confidence and to anticipate new threats by understanding how computer viruses work.

All

S

105-A

Secure Office Document Storage And Sharing

Learn to keep work documents secure and to share information in ways that preserve its integrity and confidentially.  Understand online forums, corporate  intranets and bulletin board systems before trying to collaborate on sensitive business issues.

1.       Management strategies for storing mission-critical information

2.       Best practices for storing and sharing your work information

3.       Tips for copying, backing up and discarding critical data

4.      Strategies for sharing knowledge and business documents

All

C

106-D

Managing The Responsibility Of Your Own Information Security

Accountability in data security begins with proper processes, best practices and the right tools.  Learn to implement and track the best methods for protecting your work, and your company’s information assets.  We’ll cover::

1.       Monitoring events in everyday activities

2.       Incident reporting

3.       Top 10 easy solutions for staying on top of the information you’re in charge of managing

4.      Being prepared: how to help your IT staff and consultants when something does go wrong

All

C

107-D

Creating Effective Information Security Policies

Proper policies and procedures are the blueprint of every successful corporate information security strategy.  Learn the methods used by experts to create effective strategies to create policies that fit your organization and its culture and that adapt to its changing needs. Learn how to generate critical employee buy-in.  This course is essential for all managers, executives and business owners.

M/E

S

107-E

Managing Employee Security Committee Meetings

How do the most successful companies make decisions that impact and incorporate security?  Learn to manage and participate in business meetings designed to address security issues. Studies prove that when employee input is ignored, corporate security suffers.  Implement the right processes to educate and empower your business to make the right decisions.  This course is essential for all managers (including project, product managers and developers)

What’s included:

1.       Selecting and ‘involving’ team members

2.       Leading an effective committee meeting

3.       How to achieve self-regulated security

4.       Catalyzing change

5.      Incident reporting 

M/E

S

107-F

Effective Due Diligence Processes for Partner Organizations

The process of creating policies to protect security includes contingency planning and risk management.  Partners and even clients become integral pieces of your security structure, impacting such aspects as business continuity and data recovery when your company depends on them.  Learn to:

1. build joint policies for information management/protection
2. evaluate remote access sites
3. define individual/group responsibilities
4. audit 3^rd party policies

M/E

S

108-A

How To Perform Due Diligence On A Vendor/Consultant

This complementary session (to module 108-A) covers the dependencies that businesses have on vendors and providers of professional services.  When your business continuity and security depend on these 3^rd parties, you need to supplement your SLA with actual numbers.

1. Carrying out an on-site visit
2. Asking the right questions
3. Give and take – a service level primer
4. Policy maintenance

M/E

108-B

Securing Corporate Boundaries: Intro To Social Engineering

Social engineering is the weakest link in your business security infrastructure because it is difficult to create policies to cover all possible aspects.  Social engineering is the process by which malicious parties take advantage of unaware individuals to gain access to restricted information and/or resources.   Learn to:

1. recognize the human threat

2. eliminate the digital element

3. report incidents and help build tighter policies to combat it

All

S

109-A

new! Responsibilities Of The Chief Security Officer

This course is intended for IT managers, directors, CIO/CFO/CEOs and any other executives with security responsibilities. Before delegating security to anyone in your organization, attend this invaluable session.   Learn to:

1. recognize and prioritize threats

2. manage functional risk

3. strategize and document for the mid and long term 

4. leverage compliance and best practices

5. demand appropriate internal and external accountability

Information Privacy

Information privacy has become the most important issue in business today.  Because of liability issues, competitive pressures and confidentiality concerns, the business value of privacy is higher than ever.

Protecting Your Company’s Privacy On The Web

The perfect complement to 103-A, this course examines the privacy impact of all Internet activity with a focus on the Web.  Understand and mitigate the risks of compromising company data by working with the Internet:

1. The privacy risks of Webmail

2. Instant Messenger privacy

3. Gateways and business portals

4. Ecommerce sites and database-driven Web sites

5. 10 direct threats to privacy

All

S

201-A

Internet Privacy II – Practical Business Implementations

The successor of 201-D addresses the management challenges of enforcing privacy policies based on different information types, communicating and monitoring activity and taking steps to correct issues before they become problems.  This advanced course discusses best practices, policies and tools that will help preserve both privacy and productivity within your group.

M

C

202-D

Controlling Unsolicited Email And Spam
The leading cause of IT-related headaches has recently become a leading threat.  Spam now effectively serves as a conduit for malicious software and collects private information without user knowledge.  Understanding spam is the first step in the creation of a strategy for combating it.  This essential module covers:

1. The different types of unsolicited email
2. Where does it come from and how does it get here?
3. Strategies for fighting spam
4. Individual experiences – a discussion with the audience

All

S

203-A

Introduction To PIPEDA Privacy Legislation

PIPEDA requires each organization to implement a privacy policy and compliance program applicable to its Canadian employees and/or customers. The Act sets out ground rules for the management of personal information in the private sector.  This high level overview provides an effective introduction to PIPEDA including:

1. Purpose of the Act
2. Information collection and intent
3. Offences and legal liability
4. Audit and questionnaire
5. Managing the change process

M

S

204-A

Confidentiality And The Internet

The vast majority of experts will agree that the main risk facing business and personal information on the Internet is not privacy loss, but confidentiality loss.  The issue of compromising critical information includes many aspects that are becoming an integral part of corporate information risk policies.  It includes:

1. Information classification and confidentiality
2. Risk levels and mitigating strategies
3. Sharing knowledge regarding confidentiality protection

All

S

205-A

Web Privacy And Trust: Introduction to the P3P Standard

The World Wide Web Consortium’s Platform for Privacy Preferences is an elegant solution to individual privacy protection on the Internet because it leverages the power of the Web browser before a Web site is even visited.

Our immersion into this new standard includes:

1. Business applications: how to build visitor and consumer trust
2. Privacy protection: how to gauge a site’s commitment
3. The future of integrated privacy protection

M

S

205-B

Classifying Your Data According To Confidentiality/Sensitivity

Data classification procedures are currently at the forefront of information risk management because they incorporate aspects of security, privacy and confidentially and balance them against information value, risk and expenditures.  The challenges of data classification are significant enough to cause entire information risk policies to be discarded and rendered ineffective.  Learn to implement a data classification framework, assign responsibilities, calculate implementation time frames and preserve the value of these critical documents.

M/E

S

205-D

Identity Theft And Your Work

Identity theft occurs when someone uses personal/business information such as a name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes.

Identity theft is a serious crime. People whose identities have been stolen can spend months or years - and their hard-earned money - cleaning up the mess thieves have made of their good name and credit record. In the meantime, victims may lose job opportunities, be refused loans, education, housing or cars, or even get arrested for crimes they didn't commit.  Learn to identify different types of crimes that may lead to identity theft and personal and business assets.
What’s Included: Identity Theft Guide and educational materials.

All

S

206-A

Office Productivity

The proliferation of software designed to connect and distract working people is placing a strain on business productivity.  Loss of productivity means higher operational and data protection costs.  Studies prove that businesses with productivity issues also experience higher security and privacy-related losses.

Dealing With Hoaxes, Spam And Viruses At Work
Today’s workplaces are making better use of technology than ever before. Unfortunately, with all its benefits, technology is presenting employees with new challenges every day; and ones that require them to make decisions.  This module empowers you to make the right decisions when faced with unsolicited communications, potential hoaxes and malicious software.  Business productivity is precious.  Management and employees need to preserve it by gaining the awareness needed to take control of their working environment.

All

S

301-A

Instant Messaging, interactive Systems And Other Distractions

Instant messaging and other real-time digital communications options have become commonplace both at home and at the office, making it all too easy to be continually interrupted by the very systems that we install to improve the way we work.  Estimates place productivity losses due to real-time communications in the hundreds of millions of dollars, and the problem is only increasing.  Learn to control these habits while making the most of these tools.  Create opportunities for customer service, document sharing and collaboration and actually increase productivity through the use of technology.

All

S

302-A

Best Practices In Office Communications & Email Overload

Netiquette is a term that is not often mentioned in office environments.  The ability to communicate effectively, coherently and politely using technology is not innate, as many businesses assume.  This module introduces tips and concepts for effective business communication using computers and the Internet, dealing with information and email overload, and making decisions about sharing information.

All

S

303-A

Making The Most Of Collaborative Systems
This module is essential for all groups and employees that work in virtual teams, make use of technologies to boost their productivity, share resources and work collaboratively.  Managing virtual conversations, shared schedules and pooled resources can be a challenge without the proper training.  This module introduces working procedures and proven tips to maximize productivity and effectiveness when using collaborative technologies.  Topics discussed:

All

S

305-B

Better Work Practices: Customizing Your Work Environment
Microsoft Windows and most office applications allow for a vast degree of customization intended to increase productivity and maximize work enjoyment.   This module presents the various features available to customize your work environment, shortcuts to make work processes faster and easier.  The following topics are discussed: display settings, document editing, sharing data across applications, multi-tasking, the Control Panel, shortcuts, etc.

Bonus: This module now incorporates the content of 304-B (Protecting health and productivity at work).

All

C

306-A

Understanding The Risk: Spyware, Scams and Cookies

This unique module presents employees with the negative effects of technology and everyday processes.  The course content complements modules 203-A and 301-A and is intended to increase awareness of the effects and repercussions of work-related activities.    Note: although covered, this material does not focus on ways to secure systems or mitigate the risks discussed.  What’s included:

1. What’s the worst that can happen?
2. False alarms? Spyware, scams, cookies, hoaxes
3. Organizational risk and policies

All

S

307-B

Internet Research