English

Magenta Security Awarenss Library

Successfully fend off cyber gangsters - with the IT security e-learning library of Deutschen Telekom and mybreev

Learn more - - >

Borussia E-Learning Portal

Borussia Mönchengladbach uses the entire Security Island E-Learning Library for the digital training of their employees. 

Learn more- - >

CLIENTS
ARAG
Allianz
ASFINAG
Axel Springer
Barmenia
Borussia Mönchengladbach
BSH
Bürkert Fluid Control Systems
Coca-Cola
Covestro
Daimler
Danone
Deutscher Fußballbund e. V.
DFL Deutsche Fußball Liga
Douglas
ESG Elektroniksysteme- und Logistik
Getty Images Deutschland
Hansgrohe
HELM
Henkel
Hörmann
INTERNATIONAL SOS
KfW Bankengruppe
KPMG
Logwin
MAN
N26
Rohde & Schwarz
Rolls-Royce
Schülke & Mayr
Serviceplan Group
Telekom
Teva
Wanzl
Zalando
Zurich Insurance Company

Information Security - E-Learning Kurse

Detect Vishing
Information Security

Detect Vishing

"A person's voice is his second face." - Let’s recognize the second face of hackers as well.

7 Quizzes

Seat Time: 30 Min.

Information Security Basics
Information Security

Information Security Basics

Learn the basics of information security and protect information in the company.

4 Quizzes

Seat Time: 20 Min.

Social Engineering
Information Security

Social Engineering

Exposing the perfidious tricks and manipulations of attackers and reacting correctly.

5 Quizzes

Seat Time: 25 Min.

Information Classification
Information Security

Information Classification

Create clarity and structure through information classification - the foundation of information protection.

6 Quizzes

Seat Time: 25 Min.

CEO Fraud
Information Security

CEO Fraud

"Wait, that wasn't from the boss at all??" - Get to know different methods of CEO Fraud and react confidently in case of emergency.

5 Quizzes

Seat Time: 25 Min.

Information Security When Traveling
Information Security

Information Security When Traveling

Ensuring that information security does not take a back seat even on business trips.

6 Quizzes

Seat Time: 25 Min.

Business E-Mail Compromise
Information Security

Business E-Mail Compromise

Recognizing "Business E-Mail Compromise" and protect yourself and the company against it.

5 Quizzes

Seat Time: 25 Min.

Excerpts from the courses

    • Video-based and interactive

      Using realistic case studies and interactive quiz elements, we provide e-learning that engages your employees and makes any topic tangible.

    • In multiple languages

      We localize our courses to any language you require. Subtitles and texts as well as voice over with native speakers - with us you get a fully-fledged training in any language.

    • Easy to access

      Our courses can be easily integrated into your learning management system or accessed via our Online Academy Cloud.

Lack of information security can lead to great damage for companies

Friday afternoon, 5:35 pm. Martin Schmidt is just about to call it a day. Most of his colleagues have already left the office. But then, pling, another e-mail lands in the mailbox of the head of the finance department. At the edge of the subject line, Martin Schmidt sees two red exclamation marks: Highest priority! And the CEO himself has sent the e-mail.

"Dear Mr. Schmidt, I am addressing you with an urgent request," the e-mail reads. The text then goes on to ask the head of finance to make a transfer as quickly as possible; the plant in Greifswald urgently needs 287,000 euros to pay a supplier - otherwise production will have to be stopped on the same day.

Information security: Protecting data from unauthorized access

Martin Schmidt may be a brilliant financial expert. But he has never been enthusiastic about the topic of information security. Only at the beginning of his career did he once have to attend a training course on IT security. Among other things, the seminar was about how to protect data and information from unauthorized access. "That has little to do with my work," he thought.

If Martin Schmidt had paid more attention during the "IT Security" training course back then, he would have known that he is definitely working in an area of critical infrastructure - and that he is a worthwhile target for potential fraudsters. But so he gets to work on this Friday, follows his boss's instructions in the mail and gets the 287,000 euro transfer on its way. He has no idea of the damage he has just done.

IT security is not limited to virus scanners and firewalls

The fictional Martin Schmidt has fallen victim to CEO fraud - and his company along with him. Worldwide, this scam causes total damage of 24 billion euros every year. Criminals forge e-mail messages from high-ranking executives and trick employees into transferring funds. They do this so skillfully that the victims have no doubts about the authenticity of the messages.

Even the most well-planned IT security system has its weak points. Digital data is never 100 percent secure. If online fraudsters really put their minds to it, they will also succeed in gaining access to sensitive data. Be it because they discover vulnerabilities in the technical system - or because they take advantage of people, as in the case of CEO fraud.

Companies should take information security seriously

Companies are well advised to keep information security in mind. The term information security is complex - but the goal is always the same: information security serves to protect against dangers and threats, to avoid economic damage and to reduce risks.

In German-speaking countries, the IT-Grundschutz approach to information security is widespread. This is an approach to IT security developed by the German Federal Office for Information Security (BSI). Basic protection is intended to provide companies with medium, adequate and sufficient protection for their IT systems. Recommended measures cover the areas of infrastructure, organization and personnel.

Paying attention to information security for reasons of self-protection alone

Information security is a challenge for every company, but one that it must inevitably face. To understand why, it is important to remember that information is one of a company's greatest assets. Since information in many cases determines the economic success of a company, data and information are particularly worthy of protection. At the same time, companies are required by law to ensure information security. Data protection, for example, regulates the handling of personal data.

Three so-called protection goals show how well a company is positioned with regard to information security. If they are met, a company is comparatively well protected against attacks. Would you now like to know what specific protection goals information security should achieve? The answer involves three key words: confidentiality, integrity and availability. And now we need to take a closer look at them.

Information security protection goals: confidentiality, integrity, availability

In the context of information security, data confidentiality describes the fact that data and information can only be processed by people who are authorized to do so.

In the context of information security, the protection goal of integrity describes that digital data in the technical system cannot be changed without being detected. However, since it is practically impossible to prevent data changes in everyday business, the main focus is on the traceability of changes.

Availability describes that in the context of information security, access to all IT systems should be guaranteed at all times. Logical, actually - because the opposite of availability is system failure. And this is rightly regarded as a horror scenario because of the economic damage it causes.

Lack of information security leads to major damage for the company

Let us now recall the CFO Martin Schmidt mentioned at the beginning of this article. When he fell for the CEO fraud, his company lost a lot of money. The fact that the fraudsters chose CEO Fraud as their attack method was a coincidence. They could also have targeted Martin Schmidt with a spear phishing email. Or with other methods of so-called social engineering. Or perhaps they would simply have sent well-faked invoices, which Martin Schmidt would have paid without further ado. Neither a firewall nor a virus scanner can help against all these techniques - they rely solely on people making mistakes.

For this reason, it is important to sensitize the people who work in a company to the topic of information security. Anyone who has not yet dealt with the subject, or only superficially, will be amazed at the creativity and precision with which fraudsters go about their work. They often spend months planning their attack down to the last detail. Then they strike - and wreak havoc within a very short time.

Refresh and deepen knowledge of information security through e-learning

Only those who stay up to date with the latest threats and scams can protect themselves and their company. Employees should be fully educated about potential threats. Internal information security policies and procedures must also be established. In Security Island's e-learning, participants learn how this can be done and how CEO fraud can be detected and prevented in good time, using many practical examples.

OTHER E - LEARNING CHANNELS

Compliance
E-learning Channel

Compliance

Make compliance accessible to employees in all its facets.

View channel
Cyber Security
E-learning Channel

Cyber Security

Learn methods of hackers and respond safely.

View channel
Sustainability in the company
E-learning Channel

Sustainability in the company

So that everyone can make their own contribution.

View channel
Fairness First
E-learning Channel

Fairness First

For more fairness: diversity, inclusion and much more.

View channel
Labour Law
E-learning Channel

Labour Law

Employees and managers on the (legally) safe side.

View channel
Occupational Health and Safety
E-learning Channel

Occupational Health and Safety

Gesetzliche Vorgaben erfüllen & sicheres Arbeitsumfeld schaffen.

View channel
Mental Health at Work
E-learning Channel

Mental Health at Work

Taking mental health seriously - especially at work.

View channel
Travel Security
E-learning Channel

Travel Security

Provide protection and safety even in unfamiliar territory.

View channel
Change Management
E-learning Channel

Change Management

Facing the changing times with confidence.

View channel
Data Protection (GDPR) E
E-learning Channel

Data Protection (GDPR) E

Training data protection in a practical way and averting penalties.

View channel
Digital Skills
E-learning Channel

Digital Skills

Mit der Zeit gehen - digitale Kompetenzen aufbauen

View channel
Information Security
E-learning Channel

Information Security

Understanding and successfully protecting information.

View channel
Communication at work
E-learning Channel

Communication at work

Communicate with respect, expression and effectiveness.

View channel
Crisis Management
E-learning Channel

Crisis Management

Understand crises, act and communicate accurately.

View channel
Physical Health at Work
E-learning Channel

Physical Health at Work

Prevent physical illness - raise awareness among the workforce.

View channel
Leadership
E-learning Channel

Leadership

Good leadership is reflected in the workforce.

View channel
Personal Security
E-learning Channel

Personal Security

Act preventively and prepare for specific risks.

View channel