In the course of the year 2021, the Grant Thornton Advisory technological consulting team performed a project in internal training on Cyber Security and Business Continuity Management for the middle management of a major client. The team of manager Jakub Šebek performed training for the client, both on the theoretical and on practical level. What specific topics have we helped the client with? And what awaits us in this year?

The one-on-one training program provided participants with knowledge of management and technical controls aimed at protecting, detecting and responding to security issues, as well as insight into the development and maintenance cybersecurity programs, including business analyses, strategic planning and management tools.

The training included real-life examples, focused on both technical and managerial issues, and its main objective was to help the participant become an effective manager capable of leading a team in implementing IT security policies and ensuring cybersecurity compliance. The training was carried out in the scope of 18 teaching hours and the participant would receive a certificate after its successful completion.

In the course of the year 2021, training focusing on the following areas was provided:

• General context of cyber security – types of threats and security measures
• Related legislation, frameworks and standards (e.g. ISO/IEC 27000, NIST)
• Relationship between Cybersecurity and Business Continuity Management, i.e. the management of continuity of processes at the company
• Cybersecurity strategy – main aspects and approaches
• Description of types of cyber threats and general prevention
• Security and threats to cloud services
• Security risk management – identification, measurement and quantification
• Incident management, roles and responsibilities

We will continue the training this year based on positive feedback. With the client, we agreed to build on the previous topics and deepen them in practice.

• Context of OT (Operational Technology) and IT (Information Technology) in the context of cyber security strategy
• Practical use and processing of Business Continuity and Disaster Recovery plans
• Aligning IT services with business needs using the ITIL framework – service strategy, design, transaction, operations and continuous improvement – all in relation to cyber security
• The role of cyber security in project and programme management
• Cybersecurity in Industry 4.0

If you are looking for support in the area of internal training or in the preparation of strategic or operational documentation in the above areas, please do not hesitate to contact us.

Jakub Šebek
Manager | Advisory, Technology
T (mobile) +420 731 625 598
E jakub.sebek@cz.gt.com