Information Security Awareness: An introduction for UK SMEs
4.4 (86 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
290 students enrolled

Information Security Awareness: An introduction for UK SMEs

Recognise the main UK SME cyber security breaches and learn how to protect yourself and your company from common attacks
4.4 (86 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
290 students enrolled
Last updated 4/2018
English
English
Current price: $69.99 Original price: $99.99 Discount: 30% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 2 hours on-demand video
  • 33 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Recognise the main UK SME cyber security threats including viruses, malware, impersonation, hacking, identity theft and corporate identity fraud.
  • Protect yourself from social engineering attacks through cautious behaviour, call verification and email precautions.
  • Safely handle email attachments and follow hyperlinks, identify fake emails, and recognise common business scams.
  • Avoid social media dangers including identity theft, social engineering attacks and malware, and adopt sound social media practices.
  • Securely manage your passwords.
Requirements
  • An appreciation of UK small business and its environment.
  • A general familiarity with internet browsing and typical office applications.
Description

What Will I Learn?

  • The value of stolen information and how to recognise UK SME cyber security threats including viruses, spyware, malware, impersonation, denial-of-service, hacking, identity theft and corporate identity fraud,
  • How social engineering attacks operate and how to protect yourself through cautious behaviour, call verification and by applying email precautions,
  • Sound practices to safely handle email attachments and follow hyperlinks, identify fake emails, and recognise common business scams,
  • To recognise and avoid social media dangers including identity theft, social engineering attacks and malware, by adopting sound social media practices,
  • To securely manage your passwords.

 

Requirements

  • An appreciation of the small business workplace,
  • A general familiarity with internet browsing and common office applications.


Description

UK SMEs are at risk of cyber-attack.  Security awareness training helps SMEs defend themselves.  This introductory, non-technical information security awareness course, avoids (almost all) jargon to outline key SME workplace security threats and give you actionable solutions.

 

Develop a security-mindset based on a realistic, evidence-based UK SME threat awareness

  • Know who the attackers target and why,
  • Minimise your user-enabled security attacks,
  • Defend yourself and your company against phishing and other lure-based attacks,
  • Adopt safe, and avoid unsafe workplace social media practices,
  • Improve your password management.


Protect yourself and your SME

SMEs with a security-aware culture are less likely to suffer an expensive cyber-attack.  Educating yourself about workplace information security threats and adopting secure practices will help protect your company.  This course introduces end-user focused, straightforward, non-technical security awareness topics.


The course is particularly suited to micro (0-9 employees) and small (10-49 employees) SMEs.  Some medium (50-249 employees) SMEs will benefit from parts of the course.  Most examples and many references in the course are UK sourced.


Individuals, families, small businesses and large organisations share many information security threats.  How SMEs should prepare for and respond to these threats differs from the other categories of user.  Defensive techniques and tips offered in this course are UK SME oriented.


Key information security awareness topics are presented in a straightforward, accessible and practical manner.


At the end of each topic, use the workbooks to determine further security awareness actions.


Course content and overview

Actionable end-user security awareness training is structured around five key, standalone topics:

  • You are a target,
  • Social engineering,
  • Dangerous email and links,
  • Social media issues,
  • Password risks.


This course comprises of 33 lectures and around 2 hours of lecture content.  Each topic divides into several short lectures.  Lectures typically last 4-8 minutes.  Following each topic, are practice activities and resources: e.g. a downloadable lecture pdf, an online quiz providing immediate feedback, a downloadable workbook and a topic bibliography.


A course completion certificate is also available.


Course topics

 

You are a target

This topic considers the value of personal or company information and how it is sold on darknet markets.  It introduces identity theft, highlighting the type of people deliberately targeted.  Corporate identity fraud and basic protection approaches are addressed.  Common workplace information security threats, as identified by a UK government survey, are introduced.

 

Social engineering

This topic introduces social engineering is and explains its popularity amongst attackers.  Three main malicious social engineering techniques are introduced.  Mainly UK social engineering examples are given.  Defensive techniques against social engineering attacks are outlined.

 

Dangerous email and links

This topic considers email attachment dangers.  The reasons attackers favour email are given.  Email protection steps are provided.  Hyperlinks and their dangers are explained.  How to distinguish between real and fake email is explored.  Scams targeting UK SMEs and protection advice are introduced.  A specific attack type – spear phishing – is also considered.


Social media issues

This topic introduces workplace social media.  SME social media concerns are outlined.  Key social media dangers including identity theft, social engineering attacks, malware infection, plus employee and employer risks are discussed.  Social media advice for UK SME employees and employers is provided.

 

Password risks

This topic considers key password issues including the ‘worst’ passwords, too many passwords, forgotten passwords and main types of password attack.  Technical security controls for passwords and their limitations are outlined.  The contrast between how users manage passwords and how they should manage their passwords is explored.  Poor password hygiene practice is demonstrated.  Good practice password hygiene is explained.  Two-factor authentication is outlined.  SME password security – managing multiple logins and passwords plus security tips for passwords are introduced.


Who this course is for:
  • This course is designed for:
  • UK-based SME employers and employees, especially those working with office computing or mobile applications including browsers, email, word processors and spreadsheets.
  • Computing and business students interested in UK small business.
  • This course is not designed for:
  • UK SME employees not using computers, mobile devices or accessing the internet.
  • People without a UK SME interest or awareness.
  • This is a non-technical course focussed on small business security awareness. Except for evaluation purposes, this course is not appropriate for.
  • Information security professionals.
  • Technical IT staff.
  • Government or large organisation staff.
Course content
Expand all 33 lectures 01:49:18
+ Introduction
1 lecture 03:55

This lecture introduces the Information Security Awareness: An introduction for UK SMEs course

  • Why this curriculum?
  • What’s in it for you?
  • Who is this course for?
  • Course structure and content
  • Information security awareness – topics introduced
  • Practice activities
  • Resources
Preview 03:55
+ You are a target
6 lectures 19:25

These you are a target lectures are structured as follows

  • Context – sets the scene and estimates the annual number of computer misuse incidents in England and Wales
  • Main concepts – introduces the stolen information market, outlines identity theft and presents common SME information security threats
  • Practical implications – argues that SMEs should consider the accidental harm caused by uninformed users and think about conducting security awareness training
  • Summary and conclusions – presents a summary of key points plus final comments
Preview 02:11

This lecture discusses

  • Is your personal or company information valuable?
  • Stolen information is sold on darknet markets
The stolen information market
04:42


Stolen information market quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


The stolen information market
4 questions

This lecture discusses

  • What is identity theft and who is most at risk?
  • Corporate identity fraud
  • Protecting corporate identity
  • Example: corporate identity phishing email
Preview 05:05


Identity theft quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Identity theft
5 questions

This lecture discusses

  • Common workplace information security threats
  • Example: malware laced Companies House email
SME information security threats
04:54


SME information security threats quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


SME information security threats
4 questions

This lecture explains

  • Why it matters

And asks

  • Where might this lead?
Practical implications
01:09

This lecture summarises the you are a target topic and draws conclusions

Summary and conclusions
01:24
+ Social engineering
6 lectures 18:26

These social engineering lectures are structured as follows

  • Context – understanding common social engineering techniques may help you to protect yourself
  • Main concepts – introduces social engineering, provides some examples and offers some defensive tips
  • Practical implications – social engineering turns our own human nature against us – technology cannot fully protect us, so please remain wary Summary and conclusions – presents a summary of key points plus final comments
Preview 01:49

This lecture discusses

  • Social engineering: definition
  • Malicious social engineering
  • Phishing
  • Vishing (voice + fishing) & Smishing (SMS + fishing)
  • Impersonation
Preview 06:26


What is social engineering quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


What is social engineering?
4 questions

This lecture discusses

  • Phishing examples: UK HMRC
  • Vishing example: Businesswoman Emma Watson
  • Impersonation example: fake LinkedIn profiles
Social engineering examples
04:24

This lecture discusses

  • Being generally cautious
  • Verify calls made to you
  • Email precautions
Defending yourself
02:51


Defending yourself quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Defending yourself
3 questions

This lecture explains

  • Why it matters

And asks

  • Where might this lead?
Practical implications
01:31

This lecture summarises the social engineering topic and draws conclusions

Summary and conclusions
01:25
+ Dangerous email and links
7 lectures 26:23

These dangerous email and links lectures are structured as follows

  • Context – many UK SMEs are cybercrime victims with estimated costs running into billions
  • Main concepts – considers the dangers of email attachments and hyperlinks, introduces some common scams targeting small business and outlines spear phishing
  • Practical implications – SMEs are especially vulnerable to email borne threats and staff need to be aware of them
  • Summary and conclusions – presents a summary of key points plus final comments
Preview 02:00

This lecture discusses

  • Why are email attachments dangerous?
  • Email attachment dangers
  • US-CERT email attachment protection steps
Email attachments
04:34


Email attachments quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Email attachments
3 questions

This lecture discusses

  • What are hyperlinks?
  • The dangers of clicking email links
  • Real vs. fake emails
  • Example: phishing email ‘from’ NatWest bank
  • Safe vs. unsafe email links: general advice
Hyperlinks
05:37


Hyperlinks quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Hyperlinks
3 questions

This lecture discusses

  • Fake invoice fraud
  • Ransomware demand
  • Example: UK company ransomware victim
  • Data theft
  • Protecting a small business from attacks
Preview 07:17


Common scams quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Common scams
3 questions

This lecture discusses

  • Spear phishing characteristics
  • Detecting spear phishing attempts
Spear phishing
03:41


Spear phishing quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Spear phishing
3 questions

This lecture explains

  • Why it matters
  • Where might this lead?

And asks

Practical implications
01:34

This lecture summarises the dangerous emails and links topic and draws conclusions

Summary and conclusions
01:40
+ Social media security issues
5 lectures 13:38

These social media security issues lectures are structured as follows

  • Context – social media is increasingly used by SMEs, despite legitimate workplace concerns
  • Main concepts – introduces workplace social media dangers and discusses protecting SMEs and their staff
  • Practical implications – social media is here to stay, employees and customers demand it, so SMEs need to embrace it Summary and conclusions – presents a summary of key points plus final comments
Preview 02:34

This lecture discusses

  • Social media dangers: identity theft
  • Social media dangers: social engineering attacks
  • Social media dangers: malware
  • Social media dangers: personal
  • Employer’s social media risks
Social media dangers
05:22


Social media dangers quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Social media dangers
3 questions

This lecture discusses

  • Advice for employees
  • Advice for employers
Preview 03:18


Workplace social media protection quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Workplace social media protection
3 questions

This lecture explains

  • Why it matters
  • Where might this lead?


Practical implications
01:07

This lecture summarises the social media security issues topic and draws conclusions

Summary and conclusions
01:17
+ Password risks
7 lectures 21:18

These password risks lectures are structured as follows

  • Context – people are fed up with passwords and their associated problems
  • Main concepts – introduces password issues, discusses password management, demonstrates poor and good password hygiene, and offers tips to improve SME password security
  • Practical implications –  SME employees may unknowingly be putting their organisations at risk
  • Summary and conclusions – presents a summary of key points plus final comments
Preview 01:37

This lecture discusses

  • Common password problems
  • Convenience vs. security
  • The worst passwords
  • Too many passwords
  • Forgotten passwords
  • Password attacks
  • Password attacks: brute-force
Preview 05:26


Password issues quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Password issues
3 questions

This lecture discusses

  • Technical security controls: password strength
  • User password management issues Password strength
Managing passwords
03:58


Managing passwords quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Managing passwords
3 questions

This lecture discusses

  • Password hygiene: what is it?
  • Example: poor password hygiene
  • Good password hygiene practice
  • Two-factor authentication
Password hygiene
04:33


Password hygiene quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


Password hygiene
3 questions

This lecture discusses

  • Keeping track of multiple logins and passwords
  • Password managers
  • SME password tips
SME password security
03:03

SME password security quiz.  Select the answer option that best reflects your view or understanding.


Note: some questions are opinion rather than fact based.  For these questions, more than one answer is ‘acceptable’.  However, the platform requires a single ‘correct’ answer.  You may disagree with my opinions!  That’s OK.  Please focus on reviewing the answer explanation rather than attaining ‘correct’ answers.


SME password security
3 questions

This lecture explains

  • Why it matters
  • Where might this lead?

And asks

Practical implications
01:12

This lecture summarises the password risks topic and draws conclusions

Summary and conclusions
01:29
+ Course summary and conclusions
1 lecture 06:13
Course summary and conclusions
06:13