Teachers and students of the Department of Cybersecurity have completed an online course on improving the level of protection of information systems “Cybersecurity for Organizations”, developed by specialists of the State Service for Special Communications in cooperation with the Kyiv-Mohyla Academy and the Institute of Special Communications and Information Protection of Igor Sikorsky Kyiv Polytechnic Institute with the support of the EU4PAR Project.
Leading Ukrainian cybersecurity experts will share their experience with the participants:
- Oleksandr Potii, Head of the State Service for Special Communications, Doctor of Technical Sciences, Professor
- Trokhym Babych, Deputy Dean of the Faculty of Informatics, National University of Kyiv-Mohyla Academy
- Yevheniia Nakonechna, Head of the State Center for Cyber Defense of the State Service for Special Communications
- Yevhen Bryksin, specialist at the Governmental Computer Emergency Response Team of Ukraine CERT-UA
- Alina Khorovodnikova, specialist of the Governmental Computer Emergency Response Team of Ukraine CERT-UA
- Volodymyr Styran, cybersecurity expert, CISSP CISA OSCP
The course covered the main aspects of protecting information and digital infrastructure from threats:
- who are cybercriminals, what methods of attack they use and how they collect information about organizations
- Cyber Kill Chain model explaining the stages of a cyber attack
- cyber hygiene of personnel: rules of behavior in the network, use of strong passwords, two-factor and multi-factor authentication, protection against phishing attacks
- corporate network setup, including access control, Wi-Fi, VPN and remote desktop security, and the use of VLANs for network segmentation
- physical security of devices, in particular, the policy of using corporate gadgets, mobile device management (EMM, MDM), protection of IoT devices and actions in case of their loss or theft
- software security aspects: minimizing risks through access control and software updates, selecting reliable suppliers, using antiviruses and firewalls
- responding to cyber incidents: basic steps in detecting threats, logging events, analyzing attacks and data recovery strategies after an incident
- the role of government agencies in the field of cybersecurity, including the activities of the State Special Communications Service, the Security Service of Ukraine and the National Police
- legislative regulation of information protection and requirements of international standards of the ISO/IEC 270xx series