Contact Us
16
Nov

Cyber Threats & ISO/IEC 27001 Policy Implementation

Who should attend

  • Staff involved in policy or digital transformation
LinkedIn
Facebook
WhatsApp

This training provides participants with a comprehensive understanding of the current cyber threat landscape and practical defensive strategies, followed by a structured deep dive into the ISO/IEC 27001 policy framework and implementation.

Participants will explore emerging cyber threats, threat actors, and attack vectors, while gaining hands-on exposure to defensive architecture, incident response, and cybersecurity governance aligned with industry frameworks.

The programme also covers ISO/IEC 27001:2022 requirements, including ISMS fundamentals, policy development, risk assessment and treatment, and audit readiness. Through practical exercises such as phishing analysis, log review, and policy drafting, participants will gain actionable knowledge and ready-to-use tools to strengthen organisational cybersecurity and compliance efforts.

Program Outline

Day 1: Cyber Threat Landscape & Defensive Strategies Training Outlines 

 

Module 1: Introduction to Cyber Threats 

  • Types of threats: malware, phishing, ransomware, insider threats 
  • Global vs. regional threat trends (ASEAN focus) 
  • Real-world case studies: breaches and lessons learned 

 

Module 2: Threat Actors & Attack Vectors 

  • Nation-state, hacktivist, cybercriminal profiles 
  • Social engineering, supply chain compromise, cloud vulnerabilities 
  • MITRE ATT&CK framework overview 

 

Module 3: Defensive Architecture & Response 

  • Endpoint protection, SIEM, EDR, and threat intelligence 
  • Incident response lifecycle and playbooks 
  • Hands-on: Simulated phishing analysis or log review exercise 

 

Module 4: Cybersecurity Governance 

  • Roles and responsibilities across departments 
  • Risk-based approach to security controls 
  • Mapping threats to ISO/IEC 27001 Annex A controls 

 

Day 2: ISO/IEC 27001 Policy Framework & Implementation 

 

Module 5: ISO/IEC 27001 Overview 

  • Purpose and scope of an ISMS 
  • Key clauses: Context, Leadership, Planning, Support 
  • ISO 27001:2022 updates and implications 

 

Module 6: Policy Development & Documentation 

  • Writing effective security policies (access control, data classification, etc.) 
  • Policy lifecycle: creation, approval, review, retirement 
  • Hands-on: Drafting a sample Acceptable Use Policy 

 

Module 7: Risk Assessment & Treatment 

  • Identifying assets, threats, vulnerabilities 
  • Risk matrix and treatment plans 
  • Mapping to ISO 27005 methodology 

 

Module 8: Audit, Compliance & Continuous Improvement 

  • Internal audit planning and execution 
  • Nonconformity handling and corrective actions 
  • Preparing for certification: Malaysian regulatory alignment (e.g., PDPA, MyCC) 

 

Training Approach/Methodology 

  • Structured modules with real-world case studies and regional relevance 
  • Interactive labs, group exercises, and policy drafting sessions 
  • Tools and templates you can take back and apply immediately 

Other Details

Benefits

  • Understand current and emerging cyber threats, especially in ASEAN contexts 
  • Map threat vectors to ISO/IEC 27001 controls and governance structures 
  • Develop and evaluate security policies aligned with ISO standards 
  • Apply practical tools for risk assessment, incident response, and audit readiness 

Methodology

Structured, progressive modules from threat landscape to ISO/IEC 27001 implementation.

Real-world case studies with global and ASEAN relevance.

Framework-based learning using MITRE ATT&CK and ISO/IEC 27001:2022.

Interactive hands-on labs (phishing analysis, log review, risk assessment, policy drafting).

Collaborative group discussions and scenario-based exercises.

Practical tools, templates, and take-home resources for immediate application.

Enrol Now

Program details:

  • Date:
16 November 2026
  • Training Period:
  • Time:
  • Closing Date:
  • Venue:
  • HRDC MyCOID:
  • Program Code:
  • One (1) day
  • 9am - 5pm

Stay Curious, Stay Informed!

Join our Inpsyful community to receive thought-provoking content, industry news, and exclusive offers tailored to enhance your professional journey.

Strategic Partners

Contact Us

  • [email protected]
  • (+603) 2783 9602
    (+6012) 568 6509
  • Suite A-29-01 Vertical Business Suite Bangsar South, No. 8, Jalan Kerinchi, 59200 Kuala Lumpur, Malaysia

© 2024 Inpsyful Learning & Solutions Sdn. Bhd. (previously known as Talent Intelligence Sdn. Bhd.) . All Rights Reserved.

Linkedin Instagram Facebook Youtube

InPsyFul Learning & Solutions Sdn. Bhd. (formerly known as Talent Intelligence Sdn. Bhd.)
200801030549 (831880-U)

Address:
Suite A-29-01 Vertical Business Suite Bangsar South,
No. 8, Jalan Kerinchi,
59200 Kuala Lumpur, Malaysia

Phone:
(+603) 2783 9602 | (+6012) 568 6509

Email:
[email protected]

Let's talk.

Have a question or need more information? Fill out the form below and we will get back to you as soon as possible.

Cyber Threats & ISO/IEC 27001 Policy Implementation

  • 9am - 5pm
  • CL IOI Damansara Mall
  • 2 November 2026
Nov
20261116