Julien MAS
Project Overview
I designed the awareness and incident response training program aimed at enhancing the organization's capability to effectively identify, respond to, and recover from malicious campaigns and cybersecurity incidents. This program provided comprehensive training for employees across various roles to ensure a coordinated and efficient response during security incidents, minimizing potential damage as well as recovery time.
Project Planning and Preparation
• Objective Definition : The goal was to ensure that everyone took responsibility for security by providing employees with the knowledge and skills necessary to identify and report security incidents.
• Stakeholder Engagement : HR, Legal and IT managers were involved in the project definition.
• Requirements Gathering : The relevant stakeholders were identified for training specific to their type of action (reporting only, analysis, communication). The KGIs were defined and validated with the project sponsor.
• Vendor Selection : Two products were identified: a training platform provider and a phishing campaign simulator provider.
Selection was based on scaling capability, compatibility with the technological environment and its capacity to manage it.
• Budget and Resources : Costs for deployment, training, and ongoing maintenance were estimated to fit in the annual budget allowed for the HR and security departments. The human and technological resources required were secured before initiating the project.
Scope of Work
The training program covered:
Incident identification and reporting procedures
Incident response roles and responsibilities
Communication strategies during an incident
Use of incident response tools and technologies
Post-incident analysis and reporting
The phishing campaign simulator showcased :
Impersonation of an employee
Malicious attachment
Malicious link
Key points of interest were :
Sensitive user trained rate (Management)
Advanced user trained rate (Security operations, IT Department)
Regular users trained rate (Regular users)
Rate of successfully reported phishing during campaign
Rate of employees tricked by the phishing campaign
Target Audience
Security Operations Team : Focus on advanced incident handling techniques.
IT Department : Emphasis on technical aspects of incident response and system recovery.
Management : Overview of incident response strategies, decision-making, and communication.
All Employees: Basic awareness of security threats and reporting mechanisms.
Deliverables
• Classroom Training : sessions for interactive learning.
• Online Courses : Self-paced modules for flexibility and broader reach.
• Workshops and Simulations : Hands-on exercises and mock incidents to practice response skills.
• Tabletop Exercises (for incident response managers) : Scenario-based discussions to test response plans and coordination.
Conclusion
This project has effectively empowered employees with the skills needed to recognize and handle security incidents. This proactive approach enhances the overall security posture and ensures a swift, coordinated response to potential threats. Continuous improvement was made possible by creating a schedule for training sessions and training material updates.
Generality of this type of project
Key Considerations
Regular Updates and Refresher Training : Ensure that the training content is regularly updated to address new threats and emerging technologies. Periodic refresher courses help reinforce key concepts and keep employees aware of the latest security practices and incident response procedures.
Engagement and Practical Exercises : Incorporate interactive elements and practical exercises to enhance learning and retention. Engaging training methods help employees better understand how to apply their knowledge in real-world situations.
Clear Communication and Reporting Channels : Establish and clearly communicate procedures for reporting security incidents. Employees should know whom to contact, how to report issues, and the steps to take when they suspect a security event, ensuring an appropriate response.
Potential Challenges
• Low engagement or participation: A lack of active involvement from participants will impede awareness raising; incorporate interactive and practical elements to enhance engagement. It is also important to engage employees' responsibility where relevant.
• Insufficient resources or budget constraints: Insufficient time, budget, or skilled personnel can delay the project or reduce its effectiveness. It's important to prioritize essential training components and seek cost-effective solutions.