Cybersecurity training: essentials for executives and managers
Understand the new cybersecurity challenges to protect your company and meet your responsibilities as a manager. Geopolitical tensions combined with the widespread deployment of digital technologies in our societies have given rise to a major new risk: cyberthreats and cybersecurity.
To protect its economy and its citizens, the European Union has issued new regulations (NIS2, DORA, etc.) that senior executives need to know about and apply. This training course is designed for non-technical executives. It will give you a better understanding of cyber threats and risks, as well as the new legal frameworks. You will define your organization’s protection strategy, the measures to be taken (whether technical, organizational, cultural…) and your own cyber protection roadmap.
This course is organized by HEC Liège Executive Education and the Digital Lab.
Program
- 08:45 Welcoming DAY 1
- 09:00 ▶12:30: Understand the current context (digital era, geopolitical tensions, cyberthreats, etc.) and establish the link with your organization ▶Understanding the current risk and security context : External threats and internal vulnerabilities: identify the threats facing my organization // Regulations and legislation: identify the rules that apply to my organization// Practical exercise
- 13:30 ▶ 17:00: Analyze the risks incurred by the organization : Introduction to security features (confidentiality, integrity, availability, security, privacy,...) // Qualifying risks according to context // Establishing links between risks, threats, vulnerabilities and controls ▶ Practical exercise : Identify and assess your organization's inherent risks based on scenarios. ▶ Debrief of the first day
- 08:45 Welcoming DAY 2
- 09:00 ▶ 12:30: Reminder of the first day ▶ Risk management measures and controls: Understanding existing measure repositories // Understanding the main security measures (administrative, technical, cultural, physical,...) ▶ Practical exercise: Selection of the best security measures to implement based on risk analysis and qualification of residual risk ▶ Specific focus: Roles and responsibilities of the Board of Directors and Executive Committee: Understanding the new legal responsibilities of Boards of Directors and Executive Committees // Best practices for integrating cybersecurity into corporate governance // Concrete case of reporting to federal authorities in the event of an incident
- 13:30 ▶ 17:00: Defining your action plan: Introduction to security roadmaps // Case study: Define your own security roadmap ▶ Some security processes in detail: //Zoom on vulnerability management //Zoom on BCP (Business Continuity Plan) and DRP (Disaster Recovery Plan) //Zoom on security monitoring (Security Operations Center) ▶ Going further: Conclusions and closing discussions
Speakers
-
Hans HUJOEL
Expert in Critical Infrastructure IT, Security, Risk & Sourcing -
Benoît DELFOSSE
Expert in Enterprise Security Architecture
Hans HUJOEL is a consultant at INNOCOM with over 20 years’ experience in cybersecurity, IT, architecture and risk management, both in industry and consulting. Over the course of his career, he has acquired extensive experience in securing critical infrastructures, and has been involved in complex transformation and change management projects.
Benoit DELFOSSE is a security architect with over 15 years’ experience in various sectors. He helps companies develop robust security strategies by understanding their specific risks. Benoit specializes in integrating new technologies and trends, while optimizing existing systems for effective transformation.