Knowledge is power, none more so than in the cybersecurity space, which is the reason courses in said topic are growing in popularity.
With security skills at a premium, IT Governance Europe has established itself as one of the top locations for learning about cybersecurity.
The company, which specialises in providing training for ISO 27001 certification, has expanded its services to include GDPR, data protection and staff awareness training.
Alan Calder, chief executive of IT Governance Europe, says that much of the course development is rooted in life experience students can relate to.
“Our training courses are developed using our extensive practical knowledge and experience in designing and implementing management systems,” said Calder.
“When we are developing a course, we use our real-world experience with clients and the problems we have overcome with them. We build these qualities into our courses, so they provide our delegates with tangible information they can take away.”
The training courses are designed to reflect the current state of the security landscape, with leeway built in to allow updates and changes to be made as new developments emerge.
Calder says there are two main drivers behind its courses, helping people develop the skills they need and providing the tools required to advance people’s careers.
The latter is particularly important as there is a shortage of trained security professionals, not just in Ireland, but globally.
“We want to help people develop the skills needed to deliver best practice compliance in their organisation, as well as providing the tools for career advancement via industry standard certification,” said Calder.
“We know that Ireland, like much of the world, is currently experiencing a skills gap when it comes to cybersecurity and we hope our courses can help to bridge that gap.”
Much of the focus of IT Governance Europe’s projects is on those who are serious about security and privacy compliance as well as mitigating risk within their organisation. For those who don’t come from a security background, it offers entry-level courses which provide in-depth explanations of regulations and standards.
“We believe that in order to correctly implement a standard or align an organisation to a regulation, the people involved in the project must fully understand what they are implementing and aligning themselves to, and how it will benefit their organisation,” said Calder.
“That is the key to a successful project and it is why we have developed our foundation-level courses to ensure people are equipped with the knowledge they need.”
With GDPR coming into play and security breaches reported more often, the average person is now more aware of security than ever before. The topic is now popping up in boardrooms with more people interested in improving their knowledge on the subject.
“People are beginning to get a clearer understanding of what threats are out there,” said Calder. “In Ireland, we are seeing an increase in people approaching us having identified an issue to seek our guidance and help on how to mitigate the threat.
“Interest in our GDPR training has been increasing in the last few months, so much so that we have added Limerick and Galway to our list of cities we deliver in, on top of Cork and Dublin.”
While GDPR has become the area of focus for many businesses, Calder said that security as a whole should be a core feature for every business.
“Cybersecurity as a whole must become a key priority for organisations to maintain integrity and confidentiality, as Helen Dixon [Data Protection Commissioner for Ireland] stated in her last annual report.
“Maintaining integrity and confidentiality of personal data is paramount for GDPR compliance, ISO 27001 provides an excellent starting point to do this and organisations should really consider implementing this standard to bolster their GDPR compliance.”
It’s important to remember that buy-in must come in from all areas. While the backing of those at the top or executive level is important, all staff members must be aware of the range of threats that can come and know the signs to look out for.
The goal is to ensure that such checks are second nature to staff and not something left to chance.
“Threats can come in a variety of ways, from a phishing email or social engineering call, to a direct attack on a network,” said Calder.
“All members of staff need to be able to spot suspicious activity and, more importantly, know who to report this to, to ensure it is properly dealt with.”
“This message needs to be sent from the top down. When we undertake any project with a client, one of the first things we do is develop a staff awareness programme so everyone in the organisation is singing off the same hymn sheet.
“When clients ask me why staff awareness is so important, I always say the same thing. There is no point in having the world’s best goalkeeper if the rest of your team aren’t trained in how to defend properly. Attacks will happen, and it is a team effort to ensure an organisation doesn’t concede a breach.”
To find out more about IT Governance Europe and its solutions visit itgovernance.eu, and get 15 per cent off GDPR training