SlideShare a Scribd company logo

Security Culture and Insider Threat Training Course.ppt

E
elijahj01012

Security Culture and Insider Threat Training Course

Business
1 of 21
Download to read offline
Royalblue Executive Services Security Culture and Insider Threat Training
Training Aims: The aims of this security culture and insider threat training are: • To learn all processes and practices in order to promote, implement and embed a positive security culture. • Establish an appreciation of positive security practice amongst employees • Identify insider threats • Mitigate risk of security incidents and breaches • Actions to be taken when insider risks are identified • Multiple choice test paper
What is Security Culture? According to CAA Security Culture is: “A set of norms, beliefs, values, attitudes and assumptions that are inherent in the daily operation of an organisation and are reflected by the actions and behaviours of all entities and personnel within the organisation. Security should be everyone’s responsibility – from the ground up.”
What is Security Culture? An effective security culture is about: • Recognising that effective security is critical to business success • Establishing an appreciation of positive security practices among employees • Aligning security to core business goals • Articulating security as a core value rather than as an obligation or a burdensome expense
Why Is Security Important? Security is a very important aspect of air travel. As a DFT/CAA regulated inflight supplier, Royalblue must ensure that all security measures are undertaken and monitored The main aim of aviation security is to prevent acts of unlawful interference, above all by keeping threatening items such as arms and explosives away from aircraft. It had been high on the agenda for decades when it became a major cause for concern following the terrorist attacks of 9/11 The aviation industry is one of the most tightly-regulated industries in the world with complex standards that include food and so much more, leaving absolutely no room for error. The smallest deviation from security standards can be disastrous to our airline customers and highly dangerous for staff and passengers.
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Royalblue Security Practices • Access Control • CCTV • Control of goods in • Preparation and screening of goods in by security trained production team • Screening and packing of in flight supplies by security trained packing team • Security check of catering carts by means of a final search • Vehicle searches prior to loading of vehicles • Security paperwork (i.e.. 8.1 and 8.2) and use of security seals
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Royalblue Security Practices • Recruitment process carried out in accordance with CAA/DFT regulations • Criminal record checks undertaken for all staff • Initial and refresher In-flight Supplies Security Training must be provided to all staff • Search policy in place for both staff and visitors • Security policy and security notices • Security auditing, contingency plans and emergency procedures • Incident reporting and threat reporting
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Who is a Risk? A current or former employee, contractor, or business partner who has or had authorised access to the organisation's network, systems, or data. Examples of an insider may include: •A person given a badge or access device. •A person whom the organisation supplied a computer or network access. •A person who develops products and services. •A person who is knowledgeable about the organisation's fundamentals. •A person with access to protected information.
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Insider Threat What is Insider Threat? Any type of malicious activity against an organisation that comes from users with access to an organisations network, systems or data
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Insider Threat The insider threat can be either unintentional or intentional. •Unintentional Threat • Negligence – An insider of this type exposes an organisation to a threat through carelessness. Negligent insiders are generally familiar with security policies but choose to ignore them, creating risk for the organisation. Example includes allowing someone to “tailgate” through a secure entrance point. • Accidental – An insider of this type mistakenly causes an unintended risk to an organisation.. Example includes improperly disposing of sensitive documents •Intentional Threats - Intentional threats are actions taken to harm an organisation for personal benefit or to act on a personal grievance.” The motivation is personal gain or harming the organisation. For example, many insiders are motivated to “get even” due to unmet expectations related to a lack of recognition or even termination. Their actions can include violence, espionage, theft, sabotage or cyber threats. •Other Threats • Collusive Threats – A subset of malicious insider threats is collusive threats, where one or more insiders collaborate with an external threat actor to compromise an organisation. • Third-Party Threats – Additionally, third-party threats are typically contractors or vendors who are not formal members of an organisation, but who have been granted some level of access to facilities, systems, networks, or people to complete their work.
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Insider Threat Insider threats manifest in various ways: Violence Espionage Sabotage Theft Cyber Acts
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Your Security Role: • Do not allow ‘tailgating’ of unknown persons through entry/exit doors • Ensure your ID pass is worn at all times once you enter the unit and remove it from view once you exit the unit • Follow the visitor signing-in procedures. All visitors must display a visitor pass, escorted by a company ID holder and never unattended • Sign your clock card in/out • Report a lost or stolen ID pass immediately • Stop and challenge anyone not displaying a valid ID pass
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Your Security Role: • Keep private, confidential or sensitive information stored/locked away from view • Report lost company property/equipment • Regularly check security board for any security updates or information • Help and assist in protection of our in-flight supplies by correctly following and implementing screening processes and procedures • Password lock unattended IT devices and ensure removable media storage and laptops are locked and protected when not in use • Report any suspicious emails
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Your Security Role: • Gain approval if publishing, posting or commenting on company related business online • Be careful when handling queries from customers, suppliers, partners or public (check for sensitivity before sharing information and verify identity before giving out information) • Private, confidential or sensitive company information should not be shared outside of work with family, friends or contacts. • Report unusual or suspicious behaviour in the workplace • Be vigilant and remember : SECURITY IS EVERYONE’S RESPONSIBILITY!!!
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Reporting: Insider threats are real and impose significant risk to lives. Insider threats can take days, months or even years to plot and involve one or even multiple individuals. If you identify potential insider threats, please report the incident or behaviours to your Supervisor/Line Manager or the Security Manager or even law enforcement ( If required- Threat/Incident report forms are kept with Duty Managers in the Operations Office) When reporting what you have observed please be as descriptive as possible and include the 5W ‘s: WHO WHAT WHERE WHEN WHY
Reporting: WHO – Who you saw WHAT – What you observed WHERE – Location WHEN – Date and time WHY – Why is the activity or behaviour suspicious
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Security Reminders
NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Security Reminders
ANY QUESTIONS?
10 questions 80% pass mark Multiple Choice Test

Recommended

SECURITY AWARENESS
SECURITY AWARENESSSECURITY AWARENESS
SECURITY AWARENESSFelix Jumamoy
 
Risk based approach
Risk based approach Risk based approach
Risk based approach Robin Patras
 
SSC Corporate Presentation
SSC Corporate PresentationSSC Corporate Presentation
SSC Corporate PresentationJim Craighead
 
Terrasol security training f
Terrasol security training fTerrasol security training f
Terrasol security training fSamuel I. Michuki
 
Piggy Backing & Tailgating (Security)
Piggy Backing & Tailgating (Security)Piggy Backing & Tailgating (Security)
Piggy Backing & Tailgating (Security)GAURAV. H .TANDON
 
Gallowglass security ltd h&s i nductionv1
Gallowglass security ltd h&s i nductionv1Gallowglass security ltd h&s i nductionv1
Gallowglass security ltd h&s i nductionv1Jaco Nieuwoudt
 
Lodge Security Service Presentation
Lodge Security Service PresentationLodge Security Service Presentation
Lodge Security Service PresentationHelen de Klerk
 
Alwinco Security Risk Assessment
Alwinco Security Risk AssessmentAlwinco Security Risk Assessment
Alwinco Security Risk AssessmentAndre Mundell
 

Recommended

SECURITY AWARENESS
SECURITY AWARENESSSECURITY AWARENESS
SECURITY AWARENESSFelix Jumamoy
 
Risk based approach
Risk based approach Risk based approach
Risk based approach Robin Patras
 
SSC Corporate Presentation
SSC Corporate PresentationSSC Corporate Presentation
SSC Corporate PresentationJim Craighead
 
Terrasol security training f
Terrasol security training fTerrasol security training f
Terrasol security training fSamuel I. Michuki
 
Piggy Backing & Tailgating (Security)
Piggy Backing & Tailgating (Security)Piggy Backing & Tailgating (Security)
Piggy Backing & Tailgating (Security)GAURAV. H .TANDON
 
Gallowglass security ltd h&s i nductionv1
Gallowglass security ltd h&s i nductionv1Gallowglass security ltd h&s i nductionv1
Gallowglass security ltd h&s i nductionv1Jaco Nieuwoudt
 
Lodge Security Service Presentation
Lodge Security Service PresentationLodge Security Service Presentation
Lodge Security Service PresentationHelen de Klerk
 
Alwinco Security Risk Assessment
Alwinco Security Risk AssessmentAlwinco Security Risk Assessment
Alwinco Security Risk AssessmentAndre Mundell
 
Security Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government IndividualSecurity Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government IndividualDayo Olujekun
 
Importance of workplace Security.pptx
Importance of workplace Security.pptxImportance of workplace Security.pptx
Importance of workplace Security.pptxSecurity Guards
 
WOL White Paper: Better Safety & Security
WOL White Paper: Better Safety & SecurityWOL White Paper: Better Safety & Security
WOL White Paper: Better Safety & SecurityVictoria Armstrong
 
Safety (Security) Training
Safety (Security) TrainingSafety (Security) Training
Safety (Security) Trainingworksteadc
 
SAFETY & SECURITY COURSE.pdf ..............
SAFETY & SECURITY COURSE.pdf ..............SAFETY & SECURITY COURSE.pdf ..............
SAFETY & SECURITY COURSE.pdf ..............Muhammad Saqib
 
TycoIS Business Security Tips
TycoIS Business Security TipsTycoIS Business Security Tips
TycoIS Business Security TipsRoy Kisner
 
Acol Brochure En Us
Acol Brochure En UsAcol Brochure En Us
Acol Brochure En Uscarelanda
 
Security Risk Assessment
Security Risk Assessment Security Risk Assessment
Security Risk Assessment Andre Mundell
 
security investigationsecurity investigation.pptx.pptx
security investigationsecurity investigation.pptx.pptxsecurity investigationsecurity investigation.pptx.pptx
security investigationsecurity investigation.pptx.pptxLovelyDelaCruzGanoan
 
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENT
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENTDLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENT
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENTMajor K. Subramaniam Kmaravehlu
 
Combating Cyber Crimes Proactively.pdf
Combating Cyber Crimes Proactively.pdfCombating Cyber Crimes Proactively.pdf
Combating Cyber Crimes Proactively.pdfChinatu Uzuegbu
 
Security training manual
Security training manualSecurity training manual
Security training manualANILDEVADKAR
 
Presentation new
Presentation newPresentation new
Presentation newOxon Security
 
Lenro Company Profile 2016.1 (1)
Lenro Company Profile 2016.1 (1)Lenro Company Profile 2016.1 (1)
Lenro Company Profile 2016.1 (1)Xerxes Oosthuizen
 
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...Jack Macey
 
Rose Partners Brochure (final)
Rose Partners Brochure (final)Rose Partners Brochure (final)
Rose Partners Brochure (final)Alexei Cantacuzene-Speransky
 
People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest riskEvan Francen
 
constructionsafetymanagement[1].pptx
constructionsafetymanagement[1].pptxconstructionsafetymanagement[1].pptx
constructionsafetymanagement[1].pptxSudas Duddey
 
Blackwater Protection
Blackwater ProtectionBlackwater Protection
Blackwater ProtectionAsdel Vazquez
 
403 9
403 9403 9
403 9Doing What I Do
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in managementchhavia330
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 

More Related Content

Similar to Security Culture and Insider Threat Training Course.ppt

Security Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government IndividualSecurity Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government IndividualDayo Olujekun
 
Importance of workplace Security.pptx
Importance of workplace Security.pptxImportance of workplace Security.pptx
Importance of workplace Security.pptxSecurity Guards
 
WOL White Paper: Better Safety & Security
WOL White Paper: Better Safety & SecurityWOL White Paper: Better Safety & Security
WOL White Paper: Better Safety & SecurityVictoria Armstrong
 
Safety (Security) Training
Safety (Security) TrainingSafety (Security) Training
Safety (Security) Trainingworksteadc
 
SAFETY & SECURITY COURSE.pdf ..............
SAFETY & SECURITY COURSE.pdf ..............SAFETY & SECURITY COURSE.pdf ..............
SAFETY & SECURITY COURSE.pdf ..............Muhammad Saqib
 
TycoIS Business Security Tips
TycoIS Business Security TipsTycoIS Business Security Tips
TycoIS Business Security TipsRoy Kisner
 
Acol Brochure En Us
Acol Brochure En UsAcol Brochure En Us
Acol Brochure En Uscarelanda
 
Security Risk Assessment
Security Risk Assessment Security Risk Assessment
Security Risk Assessment Andre Mundell
 
security investigationsecurity investigation.pptx.pptx
security investigationsecurity investigation.pptx.pptxsecurity investigationsecurity investigation.pptx.pptx
security investigationsecurity investigation.pptx.pptxLovelyDelaCruzGanoan
 
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENT
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENTDLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENT
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENTMajor K. Subramaniam Kmaravehlu
 
Combating Cyber Crimes Proactively.pdf
Combating Cyber Crimes Proactively.pdfCombating Cyber Crimes Proactively.pdf
Combating Cyber Crimes Proactively.pdfChinatu Uzuegbu
 
Security training manual
Security training manualSecurity training manual
Security training manualANILDEVADKAR
 
Lenro Company Profile 2016.1 (1)
Lenro Company Profile 2016.1 (1)Lenro Company Profile 2016.1 (1)
Lenro Company Profile 2016.1 (1)Xerxes Oosthuizen
 
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...Jack Macey
 
People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest riskEvan Francen
 
constructionsafetymanagement[1].pptx
constructionsafetymanagement[1].pptxconstructionsafetymanagement[1].pptx
constructionsafetymanagement[1].pptxSudas Duddey
 
Blackwater Protection
Blackwater ProtectionBlackwater Protection
Blackwater ProtectionAsdel Vazquez
 

Similar to Security Culture and Insider Threat Training Course.ppt (20)

Security Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government IndividualSecurity Proposal for High Profile/Government Individual
Security Proposal for High Profile/Government Individual
 
Importance of workplace Security.pptx
Importance of workplace Security.pptxImportance of workplace Security.pptx
Importance of workplace Security.pptx
 
WOL White Paper: Better Safety & Security
WOL White Paper: Better Safety & SecurityWOL White Paper: Better Safety & Security
WOL White Paper: Better Safety & Security
 
Safety (Security) Training
Safety (Security) TrainingSafety (Security) Training
Safety (Security) Training
 
SAFETY & SECURITY COURSE.pdf ..............
SAFETY & SECURITY COURSE.pdf ..............SAFETY & SECURITY COURSE.pdf ..............
SAFETY & SECURITY COURSE.pdf ..............
 
TycoIS Business Security Tips
TycoIS Business Security TipsTycoIS Business Security Tips
TycoIS Business Security Tips
 
Acol Brochure En Us
Acol Brochure En UsAcol Brochure En Us
Acol Brochure En Us
 
Security Risk Assessment
Security Risk Assessment Security Risk Assessment
Security Risk Assessment
 
security investigationsecurity investigation.pptx.pptx
security investigationsecurity investigation.pptx.pptxsecurity investigationsecurity investigation.pptx.pptx
security investigationsecurity investigation.pptx.pptx
 
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENT
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENTDLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENT
DLE 1013-CHP 4.pptx - INTRODUCTION TO SECURITY MANAGEMENT
 
Combating Cyber Crimes Proactively.pdf
Combating Cyber Crimes Proactively.pdfCombating Cyber Crimes Proactively.pdf
Combating Cyber Crimes Proactively.pdf
 
Security training manual
Security training manualSecurity training manual
Security training manual
 
Presentation new
Presentation newPresentation new
Presentation new
 
Lenro Company Profile 2016.1 (1)
Lenro Company Profile 2016.1 (1)Lenro Company Profile 2016.1 (1)
Lenro Company Profile 2016.1 (1)
 
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...
Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Oper...
 
Rose Partners Brochure (final)
Rose Partners Brochure (final)Rose Partners Brochure (final)
Rose Partners Brochure (final)
 
People are the biggest risk
People are the biggest riskPeople are the biggest risk
People are the biggest risk
 
constructionsafetymanagement[1].pptx
constructionsafetymanagement[1].pptxconstructionsafetymanagement[1].pptx
constructionsafetymanagement[1].pptx
 
Blackwater Protection
Blackwater ProtectionBlackwater Protection
Blackwater Protection
 
403 9
403 9403 9
403 9
 

Recently uploaded

GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in managementchhavia330
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Delhi Call girls
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Tina Ji
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Roomdivyansh0kumar0
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetDenis Gagné
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfOrient Homes
 
DEPED Work From Home WORKWEEK-PLAN.docx
DEPED Work From Home WORKWEEK-PLAN.docxDEPED Work From Home WORKWEEK-PLAN.docx
DEPED Work From Home WORKWEEK-PLAN.docxRodelinaLaud
 
Socio-economic-Impact-of-business-consumers-suppliers-and.pptx
Socio-economic-Impact-of-business-consumers-suppliers-and.pptxSocio-economic-Impact-of-business-consumers-suppliers-and.pptx
Socio-economic-Impact-of-business-consumers-suppliers-and.pptxtrishalcan8
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneVIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneCall girls in Ahmedabad High profile
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 

Recently uploaded (20)

GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in management
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
 
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
 
KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)
 
DEPED Work From Home WORKWEEK-PLAN.docx
DEPED Work From Home WORKWEEK-PLAN.docxDEPED Work From Home WORKWEEK-PLAN.docx
DEPED Work From Home WORKWEEK-PLAN.docx
 
Socio-economic-Impact-of-business-consumers-suppliers-and.pptx
Socio-economic-Impact-of-business-consumers-suppliers-and.pptxSocio-economic-Impact-of-business-consumers-suppliers-and.pptx
Socio-economic-Impact-of-business-consumers-suppliers-and.pptx
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service PuneVIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 

Security Culture and Insider Threat Training Course.ppt

  • 1. Royalblue Executive Services Security Culture and Insider Threat Training
  • 2. Training Aims: The aims of this security culture and insider threat training are: • To learn all processes and practices in order to promote, implement and embed a positive security culture. • Establish an appreciation of positive security practice amongst employees • Identify insider threats • Mitigate risk of security incidents and breaches • Actions to be taken when insider risks are identified • Multiple choice test paper
  • 3. What is Security Culture? According to CAA Security Culture is: “A set of norms, beliefs, values, attitudes and assumptions that are inherent in the daily operation of an organisation and are reflected by the actions and behaviours of all entities and personnel within the organisation. Security should be everyone’s responsibility – from the ground up.”
  • 4. What is Security Culture? An effective security culture is about: • Recognising that effective security is critical to business success • Establishing an appreciation of positive security practices among employees • Aligning security to core business goals • Articulating security as a core value rather than as an obligation or a burdensome expense
  • 5. Why Is Security Important? Security is a very important aspect of air travel. As a DFT/CAA regulated inflight supplier, Royalblue must ensure that all security measures are undertaken and monitored The main aim of aviation security is to prevent acts of unlawful interference, above all by keeping threatening items such as arms and explosives away from aircraft. It had been high on the agenda for decades when it became a major cause for concern following the terrorist attacks of 9/11 The aviation industry is one of the most tightly-regulated industries in the world with complex standards that include food and so much more, leaving absolutely no room for error. The smallest deviation from security standards can be disastrous to our airline customers and highly dangerous for staff and passengers.
  • 6. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Royalblue Security Practices • Access Control • CCTV • Control of goods in • Preparation and screening of goods in by security trained production team • Screening and packing of in flight supplies by security trained packing team • Security check of catering carts by means of a final search • Vehicle searches prior to loading of vehicles • Security paperwork (i.e.. 8.1 and 8.2) and use of security seals
  • 7. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Royalblue Security Practices • Recruitment process carried out in accordance with CAA/DFT regulations • Criminal record checks undertaken for all staff • Initial and refresher In-flight Supplies Security Training must be provided to all staff • Search policy in place for both staff and visitors • Security policy and security notices • Security auditing, contingency plans and emergency procedures • Incident reporting and threat reporting
  • 8. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Who is a Risk? A current or former employee, contractor, or business partner who has or had authorised access to the organisation's network, systems, or data. Examples of an insider may include: •A person given a badge or access device. •A person whom the organisation supplied a computer or network access. •A person who develops products and services. •A person who is knowledgeable about the organisation's fundamentals. •A person with access to protected information.
  • 9. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Insider Threat What is Insider Threat? Any type of malicious activity against an organisation that comes from users with access to an organisations network, systems or data
  • 10. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Insider Threat The insider threat can be either unintentional or intentional. •Unintentional Threat • Negligence – An insider of this type exposes an organisation to a threat through carelessness. Negligent insiders are generally familiar with security policies but choose to ignore them, creating risk for the organisation. Example includes allowing someone to “tailgate” through a secure entrance point. • Accidental – An insider of this type mistakenly causes an unintended risk to an organisation.. Example includes improperly disposing of sensitive documents •Intentional Threats - Intentional threats are actions taken to harm an organisation for personal benefit or to act on a personal grievance.” The motivation is personal gain or harming the organisation. For example, many insiders are motivated to “get even” due to unmet expectations related to a lack of recognition or even termination. Their actions can include violence, espionage, theft, sabotage or cyber threats. •Other Threats • Collusive Threats – A subset of malicious insider threats is collusive threats, where one or more insiders collaborate with an external threat actor to compromise an organisation. • Third-Party Threats – Additionally, third-party threats are typically contractors or vendors who are not formal members of an organisation, but who have been granted some level of access to facilities, systems, networks, or people to complete their work.
  • 11. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Insider Threat Insider threats manifest in various ways: Violence Espionage Sabotage Theft Cyber Acts
  • 12. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Your Security Role: • Do not allow ‘tailgating’ of unknown persons through entry/exit doors • Ensure your ID pass is worn at all times once you enter the unit and remove it from view once you exit the unit • Follow the visitor signing-in procedures. All visitors must display a visitor pass, escorted by a company ID holder and never unattended • Sign your clock card in/out • Report a lost or stolen ID pass immediately • Stop and challenge anyone not displaying a valid ID pass
  • 13. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Your Security Role: • Keep private, confidential or sensitive information stored/locked away from view • Report lost company property/equipment • Regularly check security board for any security updates or information • Help and assist in protection of our in-flight supplies by correctly following and implementing screening processes and procedures • Password lock unattended IT devices and ensure removable media storage and laptops are locked and protected when not in use • Report any suspicious emails
  • 14. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Your Security Role: • Gain approval if publishing, posting or commenting on company related business online • Be careful when handling queries from customers, suppliers, partners or public (check for sensitivity before sharing information and verify identity before giving out information) • Private, confidential or sensitive company information should not be shared outside of work with family, friends or contacts. • Report unusual or suspicious behaviour in the workplace • Be vigilant and remember : SECURITY IS EVERYONE’S RESPONSIBILITY!!!
  • 15. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Reporting: Insider threats are real and impose significant risk to lives. Insider threats can take days, months or even years to plot and involve one or even multiple individuals. If you identify potential insider threats, please report the incident or behaviours to your Supervisor/Line Manager or the Security Manager or even law enforcement ( If required- Threat/Incident report forms are kept with Duty Managers in the Operations Office) When reporting what you have observed please be as descriptive as possible and include the 5W ‘s: WHO WHAT WHERE WHEN WHY
  • 16. Reporting: WHO – Who you saw WHAT – What you observed WHERE – Location WHEN – Date and time WHY – Why is the activity or behaviour suspicious
  • 17.
  • 18. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Security Reminders
  • 19. NOTE: All searches conducted at Royalblue will be non-physical which means no contact is made between the searcher and the person being searched Security Reminders
  • 21. 10 questions 80% pass mark Multiple Choice Test