Staff Training, Testing and Support
Why: Cybersecurity is not just about technical security. Your staff are a key layer of defence. The vast majority of attacks succeed because a human has been fooled.
Why me: You can tick the box by asking staff to read through a generic CBT course. But if you want to effectively improve your human defences, you need engaging and consumable training material that can be delivered frequently, complemented by ongoing phishing tests to identify weaknesses in your human defence. You also need to support your staff, so if they receive a suspicious email, they know who to ask. You can do it yourself but it is time-consuming and you have better things to do. I have the skill and experience to deliver a far more effective solution.
What: I deliver a fully-managed cybersecurity training and testing service that can be implemented quickly and provides specific metrics on a quarterly basis to demonstrate the increasing strength of your organisation’s human defences. I can also be their point-of-contact if they receive an email that looks suspicious.
How: My service leverages the capabilities of the most appropriate online training platform for your needs, but also includes the effort involved in setting up the platform within your environment, and the ongoing management of training and phish-testing campaigns.
When: The frequency and nature of the training and testing can be tailored to your needs, but I take care of everything: planning, implementation and reporting.
Starting On: Within 3 working days, I could be training, testing and supporting your staff.
Fee: Starts from €1,495 + VAT per annum for up to 10 staff. (The actual fee will be influenced by the number of staff, required frequency of training and testing, and your reporting requirements).
NOTE: My service is best-suited to organisations that use Microsoft / Office 365 for their corporate email system, as this is the environment that I know best. However, it may be possible to tailor the service for other email systems.
Why: The board of every regulated entity needs to know how the organisation should be managing cybersecurity risk, and what is expected of board members. They need to know about the emerging risks and current regulatory expectations.
Why Me: A cybersecurity expert can scare board members with their stories of zero-day attacks. Compliance experts can talk about the latest regulatory guidance documents. I talk about both cybersecurity risk and regulatory compliance, using plain English. I focus on the most likely risks (not necessarily those that hit the headlines) and what the regulator expects of board members (which may differ from their expectations of executives and senior managers).
What: My training includes key talking points about current threats and regulatory expectations, but encourages board members to ask me anything and to steer the session to the areas of most interest to them.
How: The 60-minute training session is delivered remotely over Zoom (or MS Teams).
When: The service also involves two 30-minute preparatory sessions (also delivered over Zoom or Teams), to ensure the session reflects the specific needs of the firm. As soon as these sessions have been completed, the board training session can be delivered.
Fee: €975 + VAT for up to 10 attendees.
NOTE: The training can be delivered in-person within the Greater Dublin region for an additional fee, and subject to availability.
I provide consulting / advisory services to firms that need someone who speaks plain English, filters out the noise, and gets to the point as quickly as possible.
- I help you to identify the right steps, and the right order in which to take them.
- I use easy-to-understand yet globally-recognised frameworks as our guide, so you can speak confidently about how your defences align to a recognised standard.
- If you are a regulated firm, I show you how to prove to your Board and your regulators that you are aligning to regulatory expectations.
- If you sell to regulated firms, I show you how to prove to these firms that you are not a risk to their security. Right now, you may think you are a solution, but they think you are a risk.
My advisory service is usually delivered in one of two ways:
Approach 1: Do It Yourself (DIY)
What it is: Retained ‘DIY Ask Me Anything’ advisory service
Best option if: You want to do this yourself, at your own pace, and following an approach that suits you. But you want someone you can contact if you hit a roadblock and don’t want to burn days going down rabbit holes looking online for an answer.
Why: If this is the first time you have done this, you will get stuck along the way. You may be unclear about what you need to do, or which option is the best one for your organisation. When you get stuck, I will get you unstuck.
How: 1 meeting per week (1 x scheduled 60-minute Zoom call). Plus ad-hoc questions by email (subject to fair usage limit).
Benefit: You improve momentum and reduce frustration, by leveraging my knowledge and experience.
Approach 2: Done With You (DWY)
What it is: Retained ‘Done With You’ consultancy service
Best option if: You want everything offered by the DIY option. Yet, while you still want to lead the activity within your organisation, you want a partner by your side who can proactively guide and support you.
Why: As with the DIY option, when you get stuck, you want someone who can get you unstuck. You also want someone to give you a structure that will guide you on what needs to be done next. You want someone to point you to templates for policies and procedures so you spend less time writing and more time implementing.
How: 2 meetings per week (2 x scheduled 60-minute Zoom calls). Plus summary notes issued after each meeting. Plus follow-up on any actions agreed at the meeting. Plus ad-hoc questions by email (subject to a more generous fair usage limit).
Benefit: You maximise momentum and minimise frustration, as you will be following a structured approach that takes the most direct route to your chosen destination. You will also have a trusted and experienced advisor on your team who will be proactively guiding you down the right path.
Are we a good fit?
Given the nature of these engagements, I only commit to a small number at any one time.
If you want to discuss your needs in more detail and see if we’re a good fit, schedule a FREEin45 call. Even if we don’t go any further, I guarantee that these 45 minutes will give you clarity on what you need to do and how you should start.
Alternatively, if that all sounds too much like a sales funnel, just get in touch.