All Training Courses

GT-100-IN

Shock & Awe: Cybersecurity Awareness for Insurance Professionals – Level 1

Description

Become a human firewall in this interactive and fun cybersecurity awareness training course designed for insurance professionals! Experience live demos and workshops revealing how attackers exploit vulnerabilities and showcasing a Hacker’s Toolkit: including evil devices that spy on you, phishing scams, ransomware, Wi-Fi poisoning, Evil Twins, and poison phone hacking. Investigate how hackers exploit social engineering and social media to infiltrate protected systems. Participants will learn to recognize threats, understand the most common methods attackers use to target insurance companies.

Objectives

By the end of this course, participants will be able to:

  • Promote a culture of security within insurance teams and organizations.
  • Observe Hacker Toolkit (NDA/ethics contract must be signed, no photos).
  • Understand the security risks unique to insurance institutions and services.
  • Recognize threats to client data, transactions, and internal systems.
  • Learn how to identify and mitigate social engineering and cyberattack tactics.
  • Apply best practices in information security, regulatory compliance, and incident response.

Key Takeaways

  • How to build a human firewall and key traits
  • Deepened awareness of the evolving threat landscape in insurance
  • Practical knowledge to secure sensitive insurance and client data
  • Promote a team-oriented culture of cybersecurity within their workplace.
  • Respond appropriately to potential cyber incidents and suspicious activity.

Certificate of Completion

  • Certificate of Completion issued after successful completion of all chapters, hands-on exercises, and course evaluation.
  • Certificate is downloadable from the Ghost Team Academy Education Portal.

Training Outline

Module 1: Welcome

  • Topics:
    • Introductions and Expectations
    • Sign NDA
    • Pre-course Exam, 30 minutes on your laptop or phone, debrief 30 minutes
    • Course Overview

Module 2: Introduction to Security in the Insurance Industry

  • Topics:
    • Why Insurance Companies Are Prime Targets
    • The Cost and Impact of Breaches On Clients and The Organization
    • Are You a High-Value Target?
    • The Current Threat Landscape and Most Common Cyber Attacks
    • Hacker Toolkit: No Photos Allowed
    • Overview Of Security Risks
    • Regulatory Landscape
  • Instructor Demo: Surprise Shock& Awe

Module 3: Client Information, PII, & Encryption

  • Topics:
    • Protecting Client Information
    • Data Classification and Access Control
    • Encryption Basics and Usage
    • Data In Use, In Transit and At Rest
    • Secure Data Handling and Transmission
  • Workshop: Surprise Shock & Awe
  • Student Hands-On

Module 4: Authentication: Are You Who You Say You Are?

  • Topics:
    • Authentication Basics
    • Something You Know, Have, Are
    • Multi-Factor Authentication (MFA)
    • Password Management
    • Digital Certificates and Signatures
    • How Authentication Gets Hacked
    • Best Practices
  • Workshop: Surprise Shock & Awe

Module 5: Cybersecurity Risks & Defense

  • Topics:
    • Most Common Attack Vectors: Phishing, Ransomware, Business Email Compromise (Bec)
    • Malware And Ransomware
    • Insider Threat
    • Weak Access Control
    • Supply Chain and Third-Party Risks
    • Firewall And Cloud
    • Software Updates
    • Safe Use of Email, Browsers, And Online Tools
    • Identifying Suspicious Digital Activity

Module 6: Social Engineering & Insider Threats

  • Topics:
    • Recognizing Manipulation Tactics Used in Social Engineering
    • Social Media: You’re Bleeding Information
    • Real-Life Case Studies from The Insurance Sector
    • Insider Threat Detection and Prevention
    • Secure Communication with Clients and Vendors
  • Labs/Exercises: Surprise Shock & Awe Workshop

Module 7: Physical & Remote Security Practices

  • Topics:
    • Securing Devices and Documents in The Office and At Home
    • Clean Desk Policies
    • Security Considerations for Remote and Hybrid Workforces
    • Safe Use of Mobile Devices and Public Networks
    • Setting Up a Personal VPN

Module 8: Incident Response & Compliance

  • Topics:
    • What To Do in Case of a Breach or Suspected Attack
    • Internal Reporting Channels and Protocol
    • How To Document Potential Security Issues
    • Working With IT, Legal, And Compliance Teams
    • Regulatory Breach Notification Requirements
  • Labs/Exercises: Student Workshop

Module 9: Conclusion

  • Topics:
    • Course Summary
    • Key Takeaways
    • Q&A
    • Post-course exam, 30 minutes on your laptop or phone, debrief 30 minutes
    • Course evaluation online form

Quick Info
  • Type: Hands-On, Workshop, Lecture, Demo
  • Delivery: In Person, Virtual, Hybrid
  • Level: Foundation
  • Duration: 1 day (8 hours total)
  • CEU Hours: 8
Go to All Trainings