Keep your Media Organization Safe by Addressing Cybersecurity at Management Level

Keep your Media Organization Safe by Addressing Cybersecurity at Management Level

Overview

Cybersecurity is a major issue for media organizations in an environment where most of their business and employee interactions are conducted digitally.

Cyber risks no longer concern IT only, they exist in production, where networks, equipment and journalists can all be subject to malevolent attacks, as well as in distribution where content is published on an increasing number of potentially vulnerable platforms. 

Media organizations need to realize that cyber risks constitute critical business threats that need to be identified, mitigated and communicated upon broadly within the company. With a shared sense of urgency at the executive level, the question is not whether the attack is going to happen and how to prevent it, but rather when it will come and whether the organization is ready. 

Cybersecurity managers in media organizations often find it difficult to get top level support on their cybersecurity policies and strategies and to raise awareness among staff. They need to position the threat at the business, not at the IT or technology level.

This Master Class will give media cybersecurity managers the tools and skills to: 

  1. Describe the critical cyber risks framework for your media organization
  2. Formulate the right messages to the management at the right level 
  3. Design a cybersecurity strategy that is both efficient and actionable and set up the relevant processes and KPIs 
  4. Design staff training plans to address day-to-day cybersecurity challenges 
  5. Help your organization reach a higher cybersecurity maturity level. 

Teaching will be based on practical cases and exercises supported by actionable methodologies.

Who it's for

  • IT Managers (involved or interested in cybersecurity topics and governance)
  • Cybersecurity Managers
  • Chief Security Information Officers

Guest Speaker

Alvaro Martin Santos, Head of Cybersecurity Processes, Cybersecurity, RTVE
RTVE has just decided to upgrade their security teams and the CISO is now part of the governing body at RTVE. Alvaro Martin Santos will explain how this was made possible.
At the start, RTVE had no risk assessment, no IT policies in place and its management was only marginally committed to cybersecurity. Alvaro Martin will detail the process which led RTVE to a higher level of cybersecurity maturity highlighting the outcomes, the key learning points and the challenges.

Skills learnt

Business: Learn how to associate business risks to cyber threats and ensure your media organization is fully prepared. 
Strategy: Learn how to design an efficient and actionable cybersecurity strategy 
Leadership: Learn how to develop the tools and the right narrative to get your executives buy-in to your proposed cybersecurity strategy and raise your organization cybersecurity maturity.  
Safety and Security: Acquire a method and tools to better manage cybersecurity risks and incidents.

Exercises:

  • You will prepare for the board a presentation on the main business cybersecurity risks 
  • You will prepare a draft strategy to support the cybersecurity maturity increase.

Schedule

Day 1: 13:00 to 17:30 CEST
Day 2: 09:00 to 13:00  CEST

Course Outline

Monday 30 May 2022, 13:00 to 17:30

  • Introduction on why cybersecurity is seen as a blocker and how to deal with it
  • Business risks identification and management
  • Visibility: how to protect what is unknown?
  • Presenting cybersecurity to a board of director; KPIs, messages and presentation
  • Food for thought: How to develop a top-down strategy with priority to increase your maturity level. 

Tuesday 31 May 2022, 9:00 to 13:00

  • Debrief of the Top-Down strategy reflexion.
  • Incident response from the preparation to the reaction
  • Training plans: employees, IT staff, experts. How to train and maintain the expected skillset level.
  • Key takeaways and wrap up.