PROGRAM DETAILS

Introduction

Cybercrime is in itself a very demanding topic for public services. Today not all have reached a level of knowhow required to start an effective fight against cybercrime, but everyone has started using Cyber.

Cyber units sometimes do not have the hardware and the software they need to perform simple forensic extractions. With so much of our everyday communication and commercial activity now taking place via the Internet, the threat from cybercrime is increasing, targeting citizens, businesses and governments at a rapidly growing rate.

The scale of cybercriminal activity represents a considerable challenge to law enforcement agencies and the total cost of cybercrime to society is significant.

Learning Objectives:

The benefits of this program would be:

• Apply basic security measures and safeguard precious data in our systems.
• To enable Secure computing
• To understand the fundamentals of cybercrime and safeguard individual selves
• To protect the vulnerabilities of the Internet
• To be aware of cybercrime and to proactively perform IT Audit.

 Target Audience

The program is designed for:

• Everyone using Internet
• IT Auditors

Training Methodology

This practical and result-oriented program is based on adult learning concept. It incorporates:

• Short inspiring lectures with structured lessons from the learning manual;
• Captivating PowerPoint slides with case studies to enhance learning;
• Ongoing discussions with action planning;
• Ample time for Q&A;
• Sharing of global experiences
• Group discussion and presentations;
• Quiz;
• Summary and recaps to reinforce key concepts within a fun learning environment.

Program Content

Day 1 – Introduction to Cybercrime

• Introduction
• Cyber Crimes

• • Meaning and definition of cybercrimes
  • Definition of conventional crimes and offences – Different types of crimes –
    • What makes a crime, a cybercrime
    • Essential ingredients of cybercrimes
    • Other terms associated – electronic offences, cyber frauds, white collar crimes, electronic crimes, network frauds, Internet crimes, social networking crimes etc.

• Summary

Day 2 – Categorization of Cybercrimes

• Recap
• Categorization of cybercrimes
  • Against individual,
  • Against property,
  • Against nations
  • Offences involving financial transactions and non-financial like harassment, cyber stalking, cyber terrorism, Some of the most common cybercrimes and their modus operandi: Electronic forgery, Social Engineering, Personation, Pornography, Child pornography, Data Theft, Data Diddling, Data Manipulation, Scavenging, Dumpster Diving, Shoulder Surfing, Tail gating, Access Privilege Misuse, Unauthorized access to data, Database management and back end access to data, Internet Access, Network Access to computer resources, Port Analyzers, Hacking and Cracking
• Case Studies
• Summary

Day 3 – Ecommerce Related Cybercrimes

• Recap
• E-commerce related cybercrimes
  • Electronic commerce Channels like ATMs, Internet Banking, Credit/ Debit Cards and Mobile Banking – Crimes involving all these four – Modus operandi in these – Card Cloning and skimming – Id theft – Social Engineering – Hidden camera and spy devises in the ATM cabin – Theft of ATM cards – Interception of ATM related communication like PIN while in transit – Internet Banking Frauds like phishing, pharming, shoulder-surfing, Vishing, DoS attack, DDoS attacks – Technology based acts like Tab nabbing, Screen Capturing, key-stroke logging, Zeus, GameOver Zeus – Credit/Debit Card Frauds like card skimming, card data theft, fake cards, PoS faking,
• Case Studies
• Summary

Day 4 – Cyber Crime

• Recap
• Controls to guard against Cyber Crimes
  • Best Practices, Standards and Frameworks
  • Organizational controls in the form of IT and IS Policies
  • Individual controls to guard against cybercrimes like using Anti-Virus, use of licensed software, using strong password, awareness initiatives
  • Controls to be initiated by the state like stronger legislative measures, stronger punitive measures, regulatory aspects, regulatory and mandatory guidelines
  • Controls to be put in place by the stake holders and intermediaries like payment gateways, Mail Service providers, Internet Service Providers, Network Service Providers etc.
  • Roles and responsibilities of such intermediaries and the concept of due diligence – Digital Signatures and Electronic Signatures to ensure information security
• Digital Evidence and Cyber Forensics
  • Meaning and definition of digital evidence –Where lies the evidence in a cybercrime – Seizure of evidences in cybercrimes – Tools used in cyber forensics like Encase etc. – Tools used in Mobile handsets – Disparate operating systems in mobile handsets – Data Storage and evidence management in a mobile handset – Taking out evidences from a mobile – CDR as evidence in cybercrime – CDR contents and analysis of CDR data – Use of IMIE and IMSE and other mobile hardware evidences
• Case Studies
• Summary

Day 5 – IT Law – A Global Perspective

• Recap
• Cyber Laws
  • Meaning and need for cyber law
  • Recognition of electronic records
  • I.T. Act  and Amendments
  • Salient features of IT Acts and the significance of various cybercrimes dealt with
  • Legislations in other nations like HIPAA, SoX and other compliance issues in the US – Data Privacy legislations in the US and other nations like UK, France etc.

• Team Presentation
• Summary
• Quiz