TMC concludes first program on ‘Cyber security for non-IT professionals

TMC successfully completed the first program on ‘Cyber security for non-IT professionals’ as a part of its ongoing commitment to management development. The program was held virtually due to the current pandemic but the sessions were interactive with participants given the opportunity to ask questions to clear their doubts. 

The objective of the program was to empower non-IT professionals with knowledge in cyber security required for protection from possible threats in their personal lives as well as in the digital working environment. Especially due to the pandemic and lockdowns, a threat is imminent. In the corporate world we are compelled to work from home. Both these scenarios expose us to the potential threats that come in different forms. It could be a ransomware attack encrypting your personal files or photos and asking you to pay a ransom to decrypt these files. On the other hand, attackers may gain access to your personal devices such as mobiles, tablet computers, laptops etc to make an entry to your company data when you connect to your office and work. 

In these circumstances it is important for you to be aware of the type of dangers, and how they come and how to avoid it. During the session, facilitator Ashoke Baddage explained all these in a language that a non-IT manager could understand. He stressed the importance of maintaining discipline as an individual when exploring the internet. Best practices one should follow in accessing social media, browsing and particularly when handling emails. He also discussed about the technologies that could be used to prevent such attacks. 

Participants were given the knowledge in identifying potential threats, how social engineering works and the symptoms if your device has been hacked. Participants were educated on the common attacks and what precautions they should take, especially how to avoid phishing emails which can do a greater damage to people and the corporates.   The type of hackers and their intent, type of attacks how companies prevent them were discussed at a level participants could understand. Building a cyber security strategy too were discussed. They were also told how a company could build a security framework to maintain the privacy, integrity and availability of data at all times. He also discussed how one should build a security framework raising the bar to prevent possible threats.  One of the key points he stressed was that the ownership of security should be at the highest level of a company. The impact of a breach is felt by the stakeholders and board of directors rather than the technical workforce in a company. If a breach happened for some reason, how could one reduce the impact of a breach was also discussed at length. 

Another topic was whether a company should look at implementing security as a mere compliance or whether one should look at the investment as a way to protect the company data while meeting the regulatory requirement. 

In a competitive business environment, using technology is unavoidable. All businesses irrespective of the size of the business need to use technology to provide faster and efficient customer service while improving productivity. This will increase the opportunities for the bad guys too. Hence this program is timely and valuable for non-IT professionals. The sessions were facilitated by Ashoke Baddage who is an experienced banker and worked for multinational companies in building robust and secure networks for the public and private sectors in the region. 

During the session some of the topics covered were, what is cyber security and the impact of personal and corporate data, attacks, concepts and techniques, protecting your personal identity and data, securing corporate data, building a security strategy, who owns the responsibility, importance or training at all levels, security standards, periodic reviews, etc. 

Today management need to be aware of the risks that can cripple the successful forward thrust of an organisation, and the participants of this program are now fully equipped to protect their organisation from cyberattacks. If you are interested in participating in the next program please get in touch with the team and register yourself by contacting the office on 115860000.