Citadel offers a full range of information security awareness and training programs designed for everyone in your organization.
- Education programs for Boards of Directors and the C-Suite
- Awareness and education programs for staff
- Education programs for IT staff
Education programs for Boards of Directors and the C-Suite
Cyber security management begins at the top. Our educational programs for Boards of Directors and the C-Suite are designed to answer three critical questions:
- How serious is cybercrime and why should I care?
- How vulnerable am I, really?
- What do I need to do about it?
Our Board and C-Suite education programs are delivered by Citadel President Stan Stahl, Ph.D., and are customized to the specific industry and needs of our clients. Click here for an example of a Board-level program we recently presented at a joint meeting of the Executive Next Practices / Executive Performance Group.
Awareness and education programs for staff
Citadel’s information security awareness and education programs are designed to meet the cybersecurity training requirements of information security laws, regulations, standards and contractual requirements, including:
- Federal laws, such as HIPAA and Gramm-Leach-Bliley, which require the protection of personal health and financial information
- Payment Card Industry Data Security Standard requiring the protection of card information
- California Civil Code 1798.81.5 requiring California businesses to implement reasonable information security measures to protect personal information belonging to California citizens
- The Federal Trade Commission (FTC) security and privacy regulations
Citadel’s information security awareness training is designed to:
- Provide staff with a basic understanding of cyber crime and the important role they play in protecting information
- Provide specific guidance to staff as to their information security responsibilities, obligations and duties
- Demonstrate management’s commitment to securing critical information assets
- Support the all-important objective of creating an information security-aware culture
Training topics include:
- The Challenge of Protecting Sensitive Information
- Why Information Security Matters: Cybercrime, the Law and Basic Ethics
- Information Security Responsibilities in Your Business / Profession
- Information Security: Everyone’s Responsibility
- Passwords: Strong and Protected
- Phishing: Don’t Take the Bait
- Things staff must do to protect the Network from Malware, Spyware, Trojan Horses and Other Really Bad Things
- Protecting Information on Your Laptops, Blackberries, and iPhones
- Protecting Information at Home
Education programs for IT staff
Citadel’s information security education programs for IT staff are designed to help IT staff integrate sound cybersecurity management practices into their current IT infrastructure management practices.
Education topics include:
- Secure Architecture Design, Deployment and Maintenance
- Anti-Malware — Solutions and Limitations
- Vulnerability and Patch Management
- Application Security, including Websites and Internet-Facing Applications
- Change Control
- Logging and Review
- Security Incident and Event Management (SIEM)
- Back Up, Information Continuity, Incident Response and Internal Investigations
- Access Control Management
- IT Infrastructure Documentation
- Vendor Security Management