Skip to main content

Cyber Academy

Personnel Training

While cyber awareness provides foundational knowledge, personnel training equips individuals with the practical skills and deeper understanding necessary to effectively identify, respond to, and mitigate cyber threats. We offer specialized personnel trainings and advisory sessions tailored for executive leadership and board members, IT and security professionals, and employees at all levels. Our approach grants clients a real-world experience by leveraging intelligence to customize training based on the organization's specific cyber threat exposure.

  • Focused on senior management in organization
  • Roles and responsibilities in the ICT risk management taking into account current regulation (e.g. DORA)
  • Relevant inputs for the ICT risk assessment
  • Identification of changes in the threat landscape and vulnerabilities that enable them
  • Assessment of the likelihood of occurrence and impact of the threat and vulnerabilities
  • Preparation and implementation of a risk treatment plan
  • Monitoring of the risk (KRI and tolerance) and risk treatment plan
  • Introduction to SOC
  • Networking Basics Re-Load
  • SIEM Tools
  • How to think like an attacker
  • Cyber Threat Intelligence
  • Security Orchestration, Automation & Response
  • Log Management
  • NET Management
  • Threat modeling, Fundamentals of Modeling
  • Properties of models
  • Information theory (syntax, semantics, pragmatics)
  • Aspects of threat modelling
  • Actors and motivation
  • Tactics, Techniques and Procedures (TTPs)
  • Observables or compromise indicators (IoCs)
  • Common threat modelling techniques and models, including
  • Attack Trees and Attack-Defense Trees
  • STRIDE and PASTA
  • Kill Chains
  • Attack Patterns and Vulnerabilities
  • Mapping of attack techniques and attack phases in the environment of IT systems (CAPEC, ATT&CK, etc.)
  • Modelling and quantification of software weak points and vulnerabilities (CVSS, CWE)
  • Visualization and creative techniques, among others:
    • Integrated threat modeling
    • Interfaces to organizational processes
    • Interaction with the operational risk analysis
  • Introduction to GRC​
  • Organizational Security Governance​
  • Risk Management​
  • Exercise: Risk Governance​
  • Security Governance Standards​
  • Security Case Studies​
  • Basics of management systems according to ISO 27001, ISO 20000, ISO Annex SL​
  • Integrated Management Systems (e.g. ISMS, DSMS)​
  • Important norms, standards and best practices: ISO 2700x, BSI GSHB, CSC, COBIT NIST SP800-53
  • Important legal fundamentals for GRC (e.g.: DSGVO, DSG, NISG, ...)​
  • Information Security Policies, Guidelines, Standards, Procedures​
  • Internal control systems​

Our Impact
Investing in the future of cyber

We all have a role to play in the wider cyber security ecosystem. Deloitte Cyber Academy is committed to promoting cyber best practices and investing in the future through cyber awareness campaigns.

Connecting people

The Deloitte Cyber Academy connects people and provides unrivalled networking experiences for cyber professionals and business leaders. Build a powerful network, make connections and optimise your cyber journey.

Collaborating to find answers

Identifying and tackling the biggest issues facing the cyber industry through collaboration with our clients.

Influencing leaders

The Deloitte Cyber Academy shapes the future of cyber through educating and inspiring business leaders to drive innovation, influence policy and promote cyber best practice at all levels.

Contact

Zoltán Szöllősi

Partner

László Tóth

Partner

Ratko Drča

Director
+385 1 2351 900