Personnel Training

While cyber awareness provides foundational knowledge, personnel training equips individuals with the practical skills and deeper understanding necessary to effectively identify, respond to, and mitigate cyber threats. We offer specialized personnel trainings and advisory sessions tailored for executive leadership and board members, IT and security professionals, and employees at all levels. Our approach grants clients a real-world experience by leveraging intelligence to customize training based on the organization's specific cyber threat exposure.

ICT risk management

Focused on senior management in organization

Roles and responsibilities in the ICT risk management taking into account current regulation (e.g. DORA)

Relevant inputs for the ICT risk assessment

Identification of changes in the threat landscape and vulnerabilities that enable them

Assessment of the likelihood of occurrence and impact of the threat and vulnerabilities

Preparation and implementation of a risk treatment plan

Monitoring of the risk (KRI and tolerance) and risk treatment plan

SOC Analyst Basics including Lab Exercises

Introduction to SOC

Networking Basics Re-Load

SIEM Tools

How to think like an attacker

Cyber Threat Intelligence

Security Orchestration, Automation & Response

Log Management

NET Management

Threat Modeling and Cyber Threat Intelligence including Lab Exercises

Threat modeling, Fundamentals of Modeling

Properties of models

Information theory (syntax, semantics, pragmatics)

Aspects of threat modelling

Actors and motivation

Tactics, Techniques and Procedures (TTPs)

Observables or compromise indicators (IoCs)

Common threat modelling techniques and models, including

Attack Trees and Attack-Defense Trees

STRIDE and PASTA

Kill Chains

Attack Patterns and Vulnerabilities

Mapping of attack techniques and attack phases in the environment of IT systems (CAPEC, ATT&CK, etc.)

Modelling and quantification of software weak points and vulnerabilities (CVSS, CWE)

Visualization and creative techniques, among others:
- Integrated threat modeling
- Interfaces to organizational processes
- Interaction with the operational risk analysis

Governance Risk & Compliance (GRC)

Introduction to GRC
Organizational Security Governance
Risk Management
Exercise: Risk Governance
Security Governance Standards
Security Case Studies
Basics of management systems according to ISO 27001, ISO 20000, ISO Annex SL
Integrated Management Systems (e.g. ISMS, DSMS)
Important norms, standards and best practices: ISO 2700x, BSI GSHB, CSC, COBIT NIST SP800-53
Important legal fundamentals for GRC (e.g.: DSGVO, DSG, NISG, ...)
Information Security Policies, Guidelines, Standards, Procedures
Internal control systems

Our Impact

Investing in the future of cyber

We all have a role to play in the wider cyber security ecosystem. Deloitte Cyber Academy is committed to promoting cyber best practices and investing in the future through cyber awareness campaigns.

Connecting people

The Deloitte Cyber Academy connects people and provides unrivalled networking experiences for cyber professionals and business leaders. Build a powerful network, make connections and optimise your cyber journey.

Collaborating to find answers

Identifying and tackling the biggest issues facing the cyber industry through collaboration with our clients.

Influencing leaders

The Deloitte Cyber Academy shapes the future of cyber through educating and inspiring business leaders to drive innovation, influence policy and promote cyber best practice at all levels.