Course Details
Duration: AEST (UTC+10:00)
SESSION 1 (4 hours)
5:00pm - 9:00pm - Tuesday, 24 June 2025
SESSION 2 (4 hours)
5:00pm - 9:00pm - Thursday, 26 June 2025
Venue:
Online
Costs:
RMIA Members $795.00 (incl GST)
Non-Members $995.00 (incl GST)
CPD Points: 8
The RMIA, in collaboration with our training partner Risk 2 Solution, is pleased to launch the pilot session of Cyber Security Strategies for Risk Practitioners. This course is aimed at aligning Strategic Objectives with Tactical Operations to achieve organisational Cyber resilience in alignment with business strategy and organisational goals. This program will concentrate on the core principles of Australian Cyber Security, designed to swiftly familiarise senior leaders and risk professionals with essential knowledge. By the course's conclusion, participants will possess a foundational understanding of Cyber Security pillars, enabling them to effectively navigate and seek assistance when needed.
Learning Objectives
This short course will prepare risk practitioners responsible for cyber risk with an awareness of the tactical skills aligning to strategic objectives in the areas of:
Cyber risk assessment in our regional context.
Cyber Gap analysis.
Organising remediation work.
Risk treatment and Cyber Security vendor selection technique methodologies.
Tracking remediation and reporting over time; and
Creating a continuous Cyber compliance activity calendar.
Course Modules
Cyber Presilience
Preparing people, policy, and tools before a cyber incident in readiness for rapid response.
Cyber Concepts, and the threat landscape
We explore the basics of protecting Confidentiality, Integrity and Availability and look at the key cyber phases of Govern, Identification, Protection, Detection, Response and Recovery activities.
Identifying Cyber Threats, Vulnerabilities and identifying risk in a familiar way
This module looks at Cyber Threats, Vulnerabilities, Likelihood and Consequence and how they relate to traditional risk methodology. We expand on this by looking at the scoring systems used for cyber threats and the resources available for further investigation.
Cyber Legislation and applicable Cyber Security Governance Frameworks
This module provides an awareness of regional cyber legislation including the Security of Critical Infrastructure Act, Australian Privacy Principles and State Based Information Security Legislation. We identify common Cyber and Information Security Frameworks available such as ISO27001, the Australian Signals Directorate - Australian Cyber Security Centre's Information Security Manual (ISM) and international standards NIST-CSF v2.0, NIST-800-53r3 Framework, SOCII and the OWASP Top 10.
Cyber Audit and Gap Analysis / Gap Identification
This module looks at conducting a cyber assessment against a framework, creating a statement of applicability of controls, assessment against controls and creating a gap analysis for controls in need of further remediation work.
Creating a plan of actions and milestones
This module looks at creating a plan of actions and milestones to address Cyber Gaps.
Risk Quantification and Selecting cyber remediation controls backed with data
This module compares Risk Quantification methodologies that map cyber risk to business impact, and examines how risk quantification aids in the appropriate selection of mitigation techniques, tools or vendors in alignment with business objectives and in prioritising mitigation implementation based on urgency and business impact.
Tracking cyber remediation and cyber maturity uplift against milestones
We explore how to track the implementation of risk treatment plan activities over time, alongside reporting techniques.
Continuous cyber risk monitoring and creating an actionable cyber security compliance calendar
This module looks at the activities we need to plan and conduct on an ongoing basis to maintain compliance with existing legislation and frameworks, and at tracking framework and environment changes over time to conduct continuous risk re-assessment and risk treatment in a dynamic threat environment.
Format of the Course
Online run over two half-days. An interactive workshop with ample time to participate, share and network.
About the Trainer
Sean Finn - Cybersecurity Subject Matter Expert
Sean Finn is a seasoned cybersecurity professional with extensive experience in providing critical ICT (Information, Communications & Technology) services to various industries, including Mining, Defence, and Aviation. Over his two-decade career, Sean has established himself as a trusted authority in incident response and security integration, with a strong focus on preventing incidents and ensuring the resilience of software supply chains.
What sets Sean apart is his comprehensive understanding of risk psychology, evidenced by his formal qualifications in the field. This specialised knowledge enhances his ability to assess and mitigate threats effectively, making him a valuable asset in any risk management strategy.
Sean's journey in the industry has been marked by success, including the incubation and sale of multiple small ICT technology firms. His diverse skill set encompasses roles such as DevOps Software Engineer, Solutions Architect, Internet Network Engineer, and Commercial Hosting Provider, with a particular emphasis on crafting secure ICT platforms tailored for the unique challenges of the Mining and Defence sectors.
Recognised as an industry advisor to esteemed institutions like the Cyber Tech Institute of Australia, Sean Finn is dedicated to staying at the forefront of cybersecurity and risk management. With his wealth of knowledge and practical expertise, Sean is well-equipped to guide risk practitioners through the complexities of today's digital landscape.
Group Bookings: For Group Bookings, please contact us via email on pdp@rmia.org.au or by phone on 1300 775 648.
When you register for this course you agree to the RMIA passing your registration details onto our Training Partner, Risk 2 Solution.