On this page
- AD exploitation
- Cyber security for boards and leadership teams
- Incident response planning and exercises
- Open Source Intelligence
- Privacy fundamentals
- Security awareness training for staff
- Secure development training
- Introduction to the NZISM
We offer a wide range of training courses that can be delivered online, at your premises, or hosted in our boardrooms. Our trainers are experienced in engaging with audiences and delivering content that is technically accurate, interesting, and memorable. We can provide training on a range of topics, so get in touch with us to find out more. Subjects we regularly cover include:
AD exploitation
The Bastion Active Directory (AD) exploitation training course assists security operations / Blue Teams in bolstering their capability to detect malicious activity on their network.
Bastion has a custom, fully patched training environment with multiple computers in Amazon AWS. The environment can support multiple students at a time. By the end of the workshop, the attendees will be able to apply the techniques learned to fully compromise the lab environment.
Cyber security for boards and leadership teams
This course is tailored for Directors and those who support them in Board activities. Upon course completion, you will be able to:
- Understand the types of threats that may face your business and why they matter
- Appreciate the value to your business of being cyber secure
- Determine your risk appetite for a compromise involving your key information assets
- Make informed decisions about how to manage identified risks, based on your risk appetite, budget and capacity to treat them
- Seek and understand the right information from your Executive about information security risks that could impact your business
Incident response planning and exercises
The impact of cybersecurity incidents, most notably ransomware, can be devastating for almost any organisation. From the loss of critical business services to the disclosure of sensitive information, it has become clear that having a process to mitigate harm during an incident is something that is critical for most organisations that want to improve the security maturity.
Open Source Intelligence
Bastion is a recognised leader in the Open Source Intelligence (OSINT) space, having conducted numerous investigations, spoken at national conferences and provided training to customers across various industry sectors.
The Open Source Intelligence (OSINT) training course is delivered as either a one, two or three day-long workshop in which participants cover the techniques and tools used to conduct successful investigations on the Internet. By the end of the course, attendees will be able to produce relevant, timely and actionable intelligence.
Privacy fundamentals
This course takes you through foundational concepts including what is privacy, why it matters, potential privacy harms and how privacy and security concepts are related. We’ll look at the changes introduced in NZ’s updated legislation, review personal and sensitive information definitions and discuss how a privacy programme can prioritise quick wins that will help minimise the risks of privacy breaches, protect your key information and build a stronger organisational privacy culture through education and awareness. We use local and international case studies to demonstrate key points and explore how a positive privacy culture can be a business differentiator.
Security awareness training for staff
Courses range from one hour lunchtime sessions, to multi-day workshops covering advanced topics.
A typical course will comprise a 45-minute presentation discussing current methods used by criminals to access systems and extort money from victims, including recommendations for keeping yourself safe. 15 minutes is then reserved for questions with your team.
Secure development training
The secure development training course is aimed at raising the level of security maturity within a development team or department. In it we will review publicly released incidents on real corporations, both big and small, providing your team with a description of the different types of attackers and their motives; and in-depth look at most common modern web vulnerabilities (OWASP Top 10). This course includes hands-on exercises for your team to practice their new skills.
Introduction to the NZISM
The New Zealand Information Security Manual (NZISM) is the New Zealand Government’s security compliance handbook. It contains both a risk management framework and a number of security controls that are required for NZ government agencies, and encouraged for other NZ organisations.
By the end of this course you will understand the fundamentals of the NZISM, including its purpose, its structure and how to apply it to relevant organisations.