Naga Cybersecurity

Naga Cybersecurity

Cyber Education

FOR ALL

From the Basics to the Next Generation. We have the Role Based Training for you

We offer classes to support your compliance

PDPL Role Officer

What tasks and functions must be performed by the Personal Data Officer for your business.

Class Duration: 1 Days

Level of Knowledge: Must have a Personal Data Processor and Personal Data Controller Certificates.

Target Audience: Must be assigned the Role in the Business as the Personal Data Officer (PDO) role.

Class Objective: Personal Data Officer is the bridge between the Personal Data Controllers and the Board of Directors/Owner in your organization.  Their primary responsibility is to be the Project Manager of the Personal Data Program as well as the Primary Responsible body for determining course of action recommendations to be given to the ACCOUNTABLE BODY of the business which is the Board of Directors or  Company Owner as the situation dictates.

PDP Role Data Processor

Understanding the impact of Personal Data Protection Law on you and your business.

Class Duration:  2 Days

Level of Knowledge: None to Limited

Target Audience: All Members of the Business performing PII data management.

Class Objective: UU PDP Law 27 of 2022 greatly changes the controls and processes that must be followed when handling PII data. Your business has a short time to redo the majority of your customer services and employee management procedures. Investments will be needed in staff and technology to protect your team from possible fines or other legal issues going forward.

PDPL Role Controller

What tasks and functions must be performed by the Personal Data Controller for your business.

Class Duration: 2 Days

Level of Knowledge: Must have a Personal Data Processor Certificate.

Target Audience: Must be assigned the Role in the Business as the Personal Data Controller (PDC)  or Personal Data Officer (PDO) roles.

Class Objective: UU PDP Law 27 of 2022 greatly changes the controls and processes that must be followed when handling PII data.  Your business has assigned you the responsibility of managing your Personal Data Protection policy, procedures and technologies on a day to day basis. This responsibility has administrative and potential criminal compliance requirements that you must meet.  This Class is to explain these requirements and how they impact your job as either the PDC or PDO.  PDO manages the PDC, the PDC manages the daily PDP operations.

Cybersecurity Awareness for Banking Management

Understanding Why Cybersecurity is Important to Banking Operations

Class Duration:  2 Days

Level of Knowledge: None to Limited

Target Audience: ALL Senior and Middle Management is invited to attend

Class Objective: Get a better understanding of the impact of Cyber Fraud of day to day banking operations.  Learn how your teams can better identify cyber fraud and prevent loss of reputation by the bank as well as prevent customer funds lost.

The steps to be compliant with POJK 11-03-2022 and Cyber Resilience SMA

What is Cyber Resilience as discussed by POJK 11-03-2022

Class Duration: 5 Days

Class Location:  Multiple / Including your location

Level of Knowledge: None to Limited (First Class in Series on topic)

Target Audience: ALL Senior to  Middle Management and Senior Technical Leads

Class Objective: Cyber Resilience is not a new term, but it may be a new way of looking at your cyber infrastructure and security implementation.  We provide an interactive classroom experience to educate persons on the concepts behind cyber resilience and the fundamentals of cybersecurity that are the foundations of cyber resilience.  

The WHY cyber resilience is being required and the benefits of implementing the controls at all levels of your organization will be interactively discussed by the class.  HOW this differs from current cybersecurity guidance will be explained and examples of implementation procedures will be reviewed with the class.  Students will be able to identify a real implementation gain versus a fake security solution or implementation going forward.

POJK 11-03-2022 cybersecurity and cyber resilience requirements are discussed in detail with the class.  How your Supply Chain management, Network Architecture and Data Center implementations impact your Security Maturity are reviewed.  Questions about how PII / PDP regulations and implementation impacts your cyber resilience will be addressed.

Different scenarios of architecture will be reviewed with a Security Maturity Assessment to allow the class to understand how ratings should be applied.  Current industry guidelines for cyber resilience, cyber security and related organizational Continued Professional Education will be discussed.   This will allow your staff to better understand how to do your Self Security Management Assessment(s) (SMA).  Plus,  what improvements will be needed to improve your score.

Students will be able to perform an accurate Self Security Maturity Assessment after the class.

The Foundation of Cybersecurity Framework (CSF) - Class 101

Roles and Responsibilities Alignment for Cybersecurity within your Business

Class Duration: 5 Days

Level of Knowledge: None to Limited (First Class in Series on topic)

Target Audience: ALL Middle Management and Senior Technical Leads

Class Objective: International and NATIONAL Cybersecurity is based on the same principles of execution.  BSSN, MoCI, and other Ministries with Indonesia base their recommendations on the NIST Cybersecurity Framework.  Based on this foundation we will:

  1. Explain the reasons why a business needs to see Cybersecurity as part of its culture and active business model. 
  2. Discuss the Laws of Indonesia as related to Information Technologies and the specific Regulations impacting the students in the class as related to Cybersecurity today to include Draft Law under development. 
  3. Define the unique roles each department in a business plays in Cybersecurity for the business and how Cybersecurity helps them in their personal lives.
  4. Defines how to remove barriers in implementing Cybersecurity across the business while REDUCING Operational Cost and enhancing the Business’s Security Posture.  In other words creating PROFIT for the company.

Cybersecurity Framework Practitioner Class 201 - Identify

Class Duration: 5 Days

Level of Knowledge: Students needs to have attended the 101 with same title first

Target Audience:  IT Management and Senior Technical Leads

Class Objective: This is part 2 of a 4 part class.  Identify is the topic based on the Cybersecurity Framework / NIST 800-53r5.

Risk Management, Continuous Monitoring, Security Validation, Supply Chain Controls, Asset and User Management what do all of these have in common.  These are the building blocks of Identify and as such the foundation of Cybersecurity Operations, DEV/SEC/OPS and your organization’s Policies and Procedures going forward.

Understanding these relationships and how to effectively manage these areas in a cost effective manner is the students primary goal.  Reducing waste in contracting and purchasing properly defined services like Pen Testing based on the formal standards will help your organization increase PROFIT while reducing costs.

Cybersecurity Framework Practitioner Class 301- Protect and Detect

Class Duration: 5 Days

Level of Knowledge: Students needs to have attended the 101 with same title first

Target Audience: IT Management and Senior Technical Leads

Class Objective:

This is part 3 of a 4 part class.  Protect and Detect are the topics based on the Cybersecurity Framework / NIST 800-53r5. 

Protect – Your staff will learn best practices for how to REALLY protect your business from Local and International Threats.  Current and up to cyber threats are discussed and each class is unique for this reason.  The process of how to be compliant with MoCI 20-2016 and other Data Protection requirements based on Industry Specific from Indonesia Ministries such as Health Care and Finance.   

Detect – Students learn about the threats to your business and how to see them as they enter your environment. Identify the protections you need to isolate and block attacks either via automation or human interaction in a timely manner (5 minutes or less).   Students will better understand current DEV/SEC/OPS requirements and understand the principles of current ATT&CK / D3FEND as applied to their environment.

Cybersecurity Framework Practitioner Class 401- Response and Recover

Class Duration: 5 Days

Level of Knowledge: Students needs to have attended the 101 with same title first

Target Audience: Corporate Planning Staff, IT Management and Senior Technical Leads

Class Objective:

This is part 4 of a 4 part class.  Response and Recover are the topics based on the Cybersecurity Framework / NIST 800-53r5. 

Response – How your business reacts to a breach or security event will define your business in both the public eye and in the future profit of the business.  The ability to correctly react is something that MUST BE preplanned and updated on a regular basis.  Practice, Practice, Practice. The process of how to create and maintain these plans will be provided to the class and practiced during the week.

Recover  – We plan for the worst case and hope for the best.  The recovery of a business is the most important step in your reaction to any cyber, breach or disaster event. Implementation of your recovery plans and the continual improvement of your plans should be a part of your active planning roadmap. Students will look at the life cycle of Response and Recover

Do you want to know more?

Have any questions about Naga Cyber Academy Custom Courses?

Email us at contactus@nagacybersecurity.com