SASIG IoT Academy Session 3: What can we learn from the OT world?
While it’s fair to say that the cybersecurity of operational technology (OT) is not near the maturity of enterprise IT, it’s far beyond that of the IoT world. In this session we examine how we secure OT systems to see what lessons can be learned and applied to IoT devices and networks in the future.
Recorded on: Friday 16th July 2021
SASIG IoT Academy Session 2: IoT; the threat it poses and how to secure it
With the prevalence of IoT devices, how do we take on the mammoth challenge of identifying and securing the devices on our networks? Join us to learn how bad actors can use IoT devices to gain access to your network, how to apply ringfencing principles to IoT devices, and how to identify shadow devices with AI techniques.
Recorded on: Friday 9th July 2021
SASIG IoT Academy Session 1: What is modern IoT and where is it?
Maturing technologies mean just about everything can be cheaply connected to the internet, but with a lack of regulation and technology standards, has the security of IoT become a maturity nightmare? We discuss what modern IoT looks like, where it sits on our networks, and what needs to be done to secure it.
Recorded on: Friday 2nd July 2021
SASIG Academy Session 4 - What have we learnt, what are our plans - people, process, technology
How can we use what we have learnt during the pandemic to help build more resilient teams? Join us for a discussion about what organisations’ security awareness strategies look like in the working world going forwards to reduce risk – incorporating the holy trilogy of people, process and technology.
Recorded on: Friday 25th June 2021
SASIG Academy Session 3 - Post-pandemic leadership challenges cyber security functions must consider
As many of us return to the office, the wellbeing of colleagues at every level must remain a priority if organisations hope to protect their most valuable assets. We attempt to join the dots from handling subcultures to our basic human need for structure and stability in the context of security culture.
Recorded on: Friday 18th June 2021
SASIG Academy Session 2 - Identifying the conscious/unconscious insider threat
Does your security culture strategy factor in colleague wellbeing? If it didn’t before, it certainly should now. Join the experts for a deep dive into insider threat risk as organisations action their plans to re-enter office environments in the next phase of post-pandemic life.
Recorded on: Friday 11th June 2021
SASIG Academy Session 1 - Culture and trust: Adapting to change in the shadow of a pandemic
The pandemic has accelerated change and forced us to adapt at pace. We have endured the disruptions of lockdown and now we are in the process of adapting again. Join us for a discussion on the importance of trust and coping with change and uncertainty, individually and as an organisation.
Recorded on: Friday 4th June 2021
SASIG Academy Cyber Health Session 4 – How to assess cyber health and risks: Users and data
Our final session in this Academy series looks at assessing the cyber health and risks of your users and data – the ultimate target for attackers with the most value and most potential for damage. If you have missed any sessions in the series, you can watch them on our website on demand.
Recorded on: Friday 28th May 2021
SASIG Academy Cyber Health Session 3 – How to assess cyber health and risks: Networks
Our Academy series has so far looked at the cyber health and risks of your builds and services. This week, we look at the health and risks associated with the ‘networks’ layer. If you’ve missed either of the first sessions or want to refresh your memory on the Kill Chain pyramid, you can watch Sessions 1 and 2 on demand.
Recorded on: Friday 21st May 2021
SASIG Academy Cyber Health Session 2 – How to assess cyber health and risks: Services
In this Academy series, we look at how to assess your cyber health and risks with the Kill Chain pyramid. Following on from the first session about the ‘build’ layer, our second session looks at the health and risks associated with the ‘services’ layer, and includes scripts, demonstrations, and data analysis techniques.
Recorded on: Friday 14th May 2021
SASIG Academy Cyber Health Session 1 – How to assess cyber health and risks: Build
Hackers gain access to systems by exploiting vulnerabilities and escalating to achieving data theft or destruction. In this Academy series, we look at how to assess your cyber health and risks with the Kill Chain pyramid. This session focusses on the ‘build’ layer and includes scripts, demonstrations, and data analysis techniques.
Recorded on: Friday 7th May 2021
SASIG Academy Supply Chain Session 2 - Supply chain questionnaires
Our fourth SASIG Academy series focuses on supply chains. Our second session of the series looks at novel new approaches to questionnaires and new initiatives in action. If you missed Session 1, catch up in our webinar library.
Our fourth SASIG Academy series focuses on supply chains. This session maps out the series, covers the basics you should have in place when engaging third-party supply chains, and introduces some of the more sophisticated approaches you could adopt.
Recorded on: Friday 9th April 2021
SASIG HR Academy Session 4 – Balancing employee privacy and company security: a legal, ethical and cultural concern
Balancing privacy and security in an ongoing battle. There are legal, ethical and cultural concerns to consider. Our last session in this Academy series looks at the new WFH threat landscape, the employee experience, the difference between monitoring and invasion of privacy, third-party risk, and transparency.
Recorded on: Friday 26th March 2021
SASIG HR Academy Session 3 - New perspectives on employee screening: From fake employees to digital innovation
Join us to find out about the latest activity within UK Government, third sector, and industry to modernise employee screening across the UK. We look at themes such as social media and innovation for the Fourth Industrial Revolution. We also discuss the rise of the fake employee; how Covid and fraudsters are threatening businesses and work seekers alike.
Recorded on: Friday 19th March 2021
Blind administration: An interactive supply chain compromise crisis simulation
How would you respond to a cyberattack compromising state secrets? Based on the 2020 SUNBURST attack, Immersive Labs’ crisis simulation lets you experience managing the political, diplomatic, reputational and security impact of a supply chain compromise exposing your data. Join us to find out how well you could cope in a crisis threatening national security.
Recorded on: Thursday 18th March 2021
SASIG HR Academy Session 2 – They have started; now what? Security of personnel in the working environment
Your new employees have started; now what? From staff induction to the exit strategy. The second instalment of this Academy series ventures into a practical look at the elements required to build a culture of security, including onboarding, probation, mentoring, disciplinary processes and exit strategies.
Recorded on: Friday 12th March 2021
SASIG HR Academy Session 1 – Security in the earliest stages of the employee lifecycle
People aren't always who they say they are and there can be many reasons for this. The first of this academy series looks at security in the earliest stages of the employee lifecycle, including advertising, interviewing and pre-employment screening, and what practical steps you can take to improve and develop security in your hiring process.
Recorded on: Friday 5th March 2021
SASIG Metrics Academy Session 4 - The future of managing human cyber risk: What might the role of metrics, data and reporting be?
Join us for the last Metrics Academy session as we look to the future. Explore the opportunities and challenges brought by developments such as big data and predictive analytics. We will also share the predictions and research which all security professionals with an interest in people-related risk (and shouldn’t that be all of us?) should be aware of.
Recorded on: Friday 26th February 2021
SASIG Metrics Academy Session 3 - Reporting on human cyber risk: Using data and metrics to tell the story and understand the risk
Session 3 of the SASIG Metrics Academy builds on your understanding of different aspects of human cyber risk reporting. Various SASIG members and guest panellists will share their experiences and thoughts on best practice, building a collective picture on what human cyber risk reporting and data collection looks like in different organisations.
Recorded on: Friday 19th February 2021
SASIG Metrics Academy Session 2 - Meaningful metrics (part 2): Where to find them, which ones matter, and how to prioritise them
In this session, we explore the different types of metrics and data available and widely used in human cyber risk management. We will look at the pros and cons of each type and explore why it is so important to be clear about what we are measuring. We also consider how metrics relate to the measurement of security behaviours.
Recorded on: Friday 12th February 2021
SASIG Metrics Academy Session 1 - Meaningful metrics (part 1): Why and how data is changing the way we manage human cyber risk
Join us for the first session in our four-part Metrics Academy series. The ‘security awareness’ space is evolving. Rapidly. So what has changed? And why? Find out how metrics, data and reporting have evolved cybersecurity from simple compliance to human-focussed risk management. This interactive session will include a panel discussion and workshop.
Recorded on: Friday 5th February 2021
SASIG PR Academy: Effective corporate communications and public relations in response to a data breach - How to handle crisis communications in any organisation during a cyber-incident
A third of UK businesses were cyber-attacked in the last year, nearly all due to human error. Organisations must involve C-level and comms representatives in responding to these situations. In this webinar, we learn how to create a cyber-breach response plan to mitigate financial and reputational risks.
Recorded on: Friday 29th January 2021
SASIG PR Academy: Effective corporate communications and public relations in response to a data breach - Remember the people
Plans, policies and procedures are important, but they are nothing without a focus on the people caught up in a crisis. Amanda gives her perspective on how to develop effective crisis communication by building in humanity and empathy. She looks at how to transform plans so people remain at the centre of communication – before, during and after a crisis.
Recorded on: Friday 22nd January 2021
SASIG PR Academy: Effective corporate communications and public relations in response to a data breach - A comprehensive playbook for corporate communications after a cybersecurity incident
Dr Jason Nurse presents his comprehensive and freely available playbook which supports corporate communications and public relations after a data breach. It provides guidance for before a breach occurs and how to communicate and manage public relations after a breach. How you handle an incident can make all the difference in how your organisation is perceived.