Certification standard
Mobilize your teams to protect against cybersecurity risks

Competency framework

1. Identify the company's key assets and target priority actions to protect them from the consequences of cyber-malicious acts (theft, exfiltration, destruction).
2. Identify and assess ISS risks related to cyber-malicious acts that could target the company, in order to put in place the appropriate protection systems.
3. Understand the techniques used by cyber-malicious adversaries to better organize the organization's protection.
4. Deploy a strategy to ensure the adoption of good IT hygiene and vigilance practices, in order to prevent the outbreak of cyber-malicious acts.
5. Implement a business continuity strategy to minimize the financial impact and ensure the company's economic survival in the event of an attack.
6. Manage internal and external teams and stakeholders during a cyber crisis to restore operations and ensure the company's economic survival.
7. Engage teams in cyber security issues, using managerial and cultural levers to prevent cyber risks.
8. Understand the legal framework by mastering legal conventions and identifying the key players in charge of cyber security to ensure an appropriate response after an attack.

Evaluation methods

All certification tests take place at the end of the training.

Written case study (10mn)
- Individual written case study, the candidate answers an open-ended question to identify the key assets and sensitive data to be protected.

Written case study (20mn).
- Individual written case study, in which a situation is described. The candidate answers an open-ended question to identify the risks of the fictitious company and recommends solutions.

A multiple-choice knowledge questionnaire (duration 15min)
The questionnaire is accessible via a secure LMS platform. It can also be printed out and administered live. 60% correct answers are required to validate the quiz. The quiz also validates Competency 8

Written case study (20mn).
- Individual written case study, in which a situation is described. Based on the analysis of key assets and cyber risks, the candidate develops a protection and vigilance strategy for employees.

Written case study (15mn).
- Individual written case study, in which a situation is described. The candidate recommends a business continuity strategy to maintain activity in the event of a cyber-attack or the failure of a service provider.

Written case study (15mn).
- Individual written case study, in which a cyber crisis situation is described. Candidates answer open-ended questions to describe how they will react, what actions they will take, who they will contact and how they will communicate.

Oral case study.
-The participant accesses the context of the situation on the secure LMS platform, then records him/herself transmitting a motivating message. He then transmits the audio file(s) to the evaluator.

- A multiple-choice knowledge questionnaire (duration 15min)
The questionnaire is accessible via a secure LMS platform. It can also be printed out and administered live. 60% correct answers are required to validate the quiz. The quiz also validates Competency 3

Evaluation criteria

Key assets to be protected have been clearly identified
Sensitive customer and employee data have been clearly identified
The company's risks in terms of cyber-malicious acts have been clearly identified
Potential human and technical vulnerabilities have been identified
The company's technological framework and IT architecture are taken into account in the recommendations.
Techniques used by cyber criminals are clearly identified
Exchanges with cyber criminals during an attack comply with official recommendations
The protection strategy described is effective and reduces the company's cyber risks.
Best practices to be adopted by teams are clearly formulated
Communication with teams is described in detail, enabling rapid implementation
The continuity strategy proposes an alternative way of operating without digital tools or with alternative tools.
The players and stages involved in implementing the strategy are clearly identified.
The situation is analyzed and available information verified
Actions are distributed among the various internal players (technical, operational teams, etc.)
The actions recommended by the candidate reduce the spread of malware/ransomware
The actions recommended by the candidate reduce the economic impact of the attack
The candidate proposes appropriate internal and external communications
Candidate communicates cybersecurity issues and risks to the company
The candidate uses examples and stories to reinforce the message
The players in charge of cyber security and the regulators are known and defined.
In the event of a cyber-attack, the methodology for referral and declaration to the public authorities in charge of cyber-security is known and defined.
is known and defined
Each of the rights to be respected to comply with data protection legislation is known and defined

You are an expert operating in professional services and you do not feel comfortable prospecting for new clients.

In this book, with a preface by Bertrand Dumazy, CEO of the Edenred group, you will find numerous illustrations and practical information sheets drawn from the concrete experience of specialists who have successfully developed their prospect portfolio.

You will also learn how to make yourself happy by developing new contacts at all levels in organizations.

How to target key contacts in your prospects? How to approach them? Through which channel? How do you stand out? What creative solutions should you use? How to interest your interlocutors in your subjects ? Which marketing to set up on the web ?

Here you will find answers to all these key questions to develop your business or practice as well as methodological elements for immediate implementation.

Kindle price: €9.99
Paperback price: €19.50

No. of pages: 188
Author: Olivier Jacob
Preface: Bertrand Dumazy