The “CyberSecurity for Managers” program was developed in a partnership between CATÓLICA-LISBON and TÉCNICO+. Its goal is to promote a perspective regarding the current risks associated with Information Technologies and Management practices, which intend to protect organizations. The program aims to address the technological and human components of information systems, with a special focus on their vulnerabilities. Risks are also identified, and so are the resources required to manage them, accompanied by an integrated perspective of the governance of all these resources, with a particular focus on people. The program ends with the necessary activities in order to create a plan to protect information systems regarding CyberSecurity and with an exercise about decision making under pressure during a cyber-attack.

The importance of CyberSecurity in Organizations

CyberSecurity is more important than ever, taking into account the recent social and labor paradigm shift. Organizations and individuals are ever more dependent on digital devices, with the internet being the main channel for working, for networking, and for information sharing between teams, friends and families. This context inevitably leads to increased exposure to cyber-attacks. Some examples include: in April 2020, the WHO reported that, since the beginning of the COVID-19 pandemic, there has been a large increase in the number of cyber-attacks targeted at its employees and in fraudulent emails aimed at the general public; Honda and Life Healthcare were also hit by cyber-attacks in June 2020. These attacks do serious damage, ranging from lost revenue to ransom demands by hackers, which could amount to millions of euros.

In association with:

Objectives

• To understand the current information systems and their main vulnerabilities;
• To understand the importance of the human factor in the defense of the IT infrastructure;
• To get in touch with the culture of attacking information systems;
• To understand the architecture of the information system infrastructure that needs to be protected;
• To get to know the main techniques, approaches, and technologies used to protect systems;
• To know how to manage risk and how to access sources of information and which organizations are available to participate in the joint defense of technological infrastructure;
• To be prepared to react to attacks on information systems, namely in decision making in a crisis environment;
• To know the most appropriate governance solutions and the required roles for managing CyberSecurity;
• To know how to design and manage a CyberSecurity plan.