CFRBP-YN: Cybersecurity First Responder For Business Professionals

By the end of this course, participants will:

• Understand fundamental cybersecurity concepts and risks.
• Identify phishing, malware, and social engineering attacks.
• Respond effectively to cybersecurity incidents.
• Implement best practices for password security and data protection.
• Use cybersecurity tools to assess and prevent threats.

Day 1
Introduction to Cybersecurity & Threat Recognition

Module 1: Introduction to Cybersecurity

• What is cybersecurity?
• Importance of cybersecurity for non-IT professionals.
• Common cybersecurity terms (malware, phishing, ransomware, etc.)
• Real-world examples of cyberattacks.

Activity 1: Interactive Discussion

• Participants share their experiences with cyber incidents (e.g., phishing emails, suspicious links).

Activity 2: Animation

• Title: "How Cyberattacks Happen"

Module 2: Common Cyber Threats

• Phishing attacks.
  • Definition and tactics used
  • Common phishing attack vectors (Email, Phone, SMS)
• Malware and ransomware
• Social Engineering.
• Password Attacks.

Activity 3: Hands-on Labs & Exercise

• Lab 1: Phishing Simulation: Participants receive a mock phishing email and identify red flags.
• Tools: Phishing simulation tool like GoPhish
• Demo: Using PhishTank for phishing verification

Activity 4: Animation

• Title: “How Phishing works”

Module 3: Malware & Ransomware Basics

• What is malware? Types: Trojans, Worms, Spyware
• How ransomware attacks work

Activity 5: Hands-on Labs & Exercise

• Running a Safe Malware Analysis
• Demo: Using Hybrid-Analysis for file scanning.
• Exercise: Identifying malicious files.

Module 4: Securing Personal and Organizational Data

• Password hygiene and multi-factor authentication (MFA).
• Data encryption basics
• Secure browsing practices

Activity 5: Hands-on Labs & Exercise

• Password Strength Checker: Participants create and test passwords using tools like How Secure Is My Password?
• Enable MFA: Walkthrough of enabling MFA on a Google account.
• Hands-on: Cracking weak passwords (Hashcat Simulation)

Activity 6: Animation

• Title: "How Multi-Factor Authentication Works"

Module 5: Study and Discussion

• Participants analyse a real-life cyberattack case and discuss response strategies.

Activity 7: Real-life

• Colonial Pipeline
• WannaCry
• Recap with Q and A session

 

Day 2
Incident Response & Prevention Strategies

Module 6: Incident Response Fundamentals

• What is Incident Response (IR)?
• Steps of IR: Detect, Contain, Eradicate, Recover, Lessons Learned.

Activity 8: Animation: How Incident Response Works
Activity 9: Hands-on Lab - Building an IR Plan

• Group exercise: Creating an Incident Response Plan
• Demo: Using NIST IR Framework

Module 7: Email Security & Safe Browsing

• Recognizing malicious URLs & email spoofing.
• Hands-on: VirusTotal analysis of suspicious links

Activity 10: Hands-on Labs & Exercise

• Use VirusTotal.

Module 8: Wi-Fi Security and Network Security

• Common threats to wireless networks
• Securing a Wi-Fi Network

Activity 11: Hands-on Labs & Exercise

• Hands-on: Securing a Wi-Fi Network.
• Demo: MITM Attack Simulation & Prevention.

Module 9: Respond and How to Prevent the attacks

• Participants work in teams to respond to a simulated cyberattack
• Regular software updates.
• Backing up data
• Best practices

Activity 11: Team exercise: Simulating a cyberattack response

• Scenario: A fake ransomware pop-up appears on their screen, and they must follow the steps to mitigate it.

Activity 12: Animation: Backing up Data and Software Updates

Recap with Q and A session
Included labs: Lab 1: Identifying Phishing Emails

• Lab 2: Running a Safe Malware Analysis
• Lab 3: Password Security & Cracking Weak Passwords
• Lab 4: Network Security - Securing Wi-Fi
• Lab 5: Final Cyberattack Response Simulation