Cybersecurity culture & Human Behaviour – Introduction
Understanding human failures, following procedures, effective communication, understanding security culture, organizational factors
This course empowers learners to build resilient cybersecurity cultures, distinguish the human role in cyber risks, and manage crisis communication effectively.
Course Description:
This course focuses on the critical role that human factors play in cybersecurity and provides strategies for effective communication during and after security incidents. It is designed for non-technical professionals, such as HR managers, purchasing officers, supply chain managers, and office workers, to enhance their understanding of cybersecurity risks and response strategies.
The first part of the course addresses Human Factors in Cybersecurity. Participants will learn to distinguish between different types of human failures by examining the roles of both users and attackers. Real-world cybersecurity incidents are analyzed to illustrate why human behavior is often the weakest link in an organization’s security chain. Additionally, the course introduces practical tools and methodologies for identifying and mitigating human-related vulnerabilities. The importance of fostering a just culture that encourages transparent reporting of security incidents without fear of punishment is also emphasized.
In the second part, the course covers Crisis Communication. Participants will gain the skills needed to communicate effectively during and after a cybersecurity incident. This includes strategies for delivering clear, timely, and coordinated messages to maintain organizational trust and minimize potential damage.
The training is offered both as online instructor-led sessions on the following dates (duration approximately 4 hours) and as self-paced e-learning available on demand (duration approximately 2 hours).
Learning Outcome:
•Gain insight into the role of human behavior in cybersecurity and the dynamics between user and attacker.
•Analyze past cybersecurity incidents to understand why humans are often considered the weakest link in security.
•Learn to utilize various tools and methodologies to mitigate human error and enhance security measures.
•Understand the importance of a just culture and reporting in promoting a proactive cybersecurity environment and preventing future incidents.
•Develop effective communication strategies for use during and after a cybersecurity incident, ensuring compliance with GDPR and maintaining stakeholder trust.