Bridging the Gap: Your Input Needed for an Engaging IT and Cybersecurity Training

Greetings to all fellow auditors and soon-to-be tech enthusiasts! As someone who’s been entrenched in the world of internal auditing, I’ve decided to pivot my career towards something I’ve become immensely passionate about—offering “IT 101” and cybersecurity training. This leap from my full-time auditing role to entrepreneurship aims at demystifying technology and cyber concepts for professionals who might not wear an IT hat.

As I stood amidst the bustling energy of the IIA’s GAM 2024 conference in Las Vegas, a compelling realization hit home. There is a glaring gap—a lack of foundational “IT+Cyber 101” presentations. The atmosphere at the event was charged with discussions around technology and artificial intelligence, but I noticed a troubling trend. Misinformation and apprehension were rampant, perpetuated by sessions that often veered into the territory of sales pitches. The complexities of IT, cybersecurity, and AI seemed to loom large, overshadowing the basics.

So here I am, reaching out to you—my fellow auditors, particularly those without deep IT backgrounds. What topics or concepts would you love to see unraveled at a conference presentation or a concise 50-minute training session?

Reflecting on the scarcity of accessible tech terminology like “firewall” or “Internet of Things,” the goal is to truncate anxiety and cultivate a comfortable familiarity with these terms. Whether it be through in-depth presentations or digestible Shorts, what aspects of cyber and tech would you find beneficial to explore?

Your feedback is invaluable as it will shape a training that not only enhances knowledge but empowers you to confidently navigate through the digital landscape. Please share your thoughts and let’s make technology an accessible ally for everyone!

Congratulations on your decision to branch out and start a business in IT and cybersecurity training. Your background as an internal auditor gives you a unique perspective on bridging the knowledge gap between IT professionals and those in non-IT roles. Here are some recommendations for topics and approaches you might consider incorporating into your presentations or training sessions:

Demystifying Jargon: Non-IT professionals often feel overwhelmed by the technical jargon common in cybersecurity and IT discussions. Start with a glossary session that clearly and simply explains fundamental terms like “firewall,” “encryption,” “phishing,” “malware,” “two-factor authentication,” and “Internet of Things.” Use analogies that relate to everyday experiences to make these concepts more relatable.
Understanding Cyber Threats and Protective Measures: Provide an overview of typical cyber threats, including phishing attacks, ransomware, and social engineering, and discuss proactive measures to prevent these threats. For instance, practical demonstrations on recognizing phishing emails or creating strong passwords can enhance engagement and learning retention.
AI in Everyday Business: Given the rising concerns and misunderstandings regarding AI, a session that explains how AI is used in businesses today can be invaluable. Discuss its applications (like chatbots or fraud detection systems), potential risks, ethical considerations, and the necessity of human oversight.
Data Privacy and Compliance: Dive into data privacy laws like GDPR and CCPA, emphasizing their importance and implications for businesses. Explain how non-compliance can impact a company and introduce best practices for maintaining data privacy.
Building a Cybersecurity Culture: Highlight the importance of fostering a cybersecurity-first mindset within organizations. Discuss how every employee, regardless of their technical expertise, plays a role in protecting the company’s digital assets. You might also include case studies showcasing organizations that successfully implemented a cybersecurity culture.
Hands-On Workshops: Include interactive components where attendees can engage in activities like setting up a firewall through a simple interface, helping them understand its basic functions. Hands-on experience often reinforces theoretical knowledge and makes it easier to grasp complex subjects.
Trends and Future Outlook: Offer insights into emerging trends in IT and cybersecurity, including cloud computing, blockchain, and the evolving landscape of remote work security challenges. By understanding where the industry is headed, attendees can better prepare for upcoming changes in technology.
Q&A and Discussion Forums: Conclude with a Q&A session where participants can voice their questions and concerns in

One response

APAdmin

4 March 2025 at 11:50 AM
Congratulations on your decision to branch out and start a business in IT and cybersecurity training. Your background as an internal auditor gives you a unique perspective on bridging the knowledge gap between IT professionals and those in non-IT roles. Here are some recommendations for topics and approaches you might consider incorporating into your presentations or training sessions:
1. Demystifying Jargon: Non-IT professionals often feel overwhelmed by the technical jargon common in cybersecurity and IT discussions. Start with a glossary session that clearly and simply explains fundamental terms like “firewall,” “encryption,” “phishing,” “malware,” “two-factor authentication,” and “Internet of Things.” Use analogies that relate to everyday experiences to make these concepts more relatable.
2. Understanding Cyber Threats and Protective Measures: Provide an overview of typical cyber threats, including phishing attacks, ransomware, and social engineering, and discuss proactive measures to prevent these threats. For instance, practical demonstrations on recognizing phishing emails or creating strong passwords can enhance engagement and learning retention.
3. AI in Everyday Business: Given the rising concerns and misunderstandings regarding AI, a session that explains how AI is used in businesses today can be invaluable. Discuss its applications (like chatbots or fraud detection systems), potential risks, ethical considerations, and the necessity of human oversight.
4. Data Privacy and Compliance: Dive into data privacy laws like GDPR and CCPA, emphasizing their importance and implications for businesses. Explain how non-compliance can impact a company and introduce best practices for maintaining data privacy.
5. Building a Cybersecurity Culture: Highlight the importance of fostering a cybersecurity-first mindset within organizations. Discuss how every employee, regardless of their technical expertise, plays a role in protecting the company’s digital assets. You might also include case studies showcasing organizations that successfully implemented a cybersecurity culture.
6. Hands-On Workshops: Include interactive components where attendees can engage in activities like setting up a firewall through a simple interface, helping them understand its basic functions. Hands-on experience often reinforces theoretical knowledge and makes it easier to grasp complex subjects.
7. Trends and Future Outlook: Offer insights into emerging trends in IT and cybersecurity, including cloud computing, blockchain, and the evolving landscape of remote work security challenges. By understanding where the industry is headed, attendees can better prepare for upcoming changes in technology.
8. Q&A and Discussion Forums: Conclude with a Q&A session where participants can voice their questions and concerns in
Log in to Reply

Internal Auditor here: about to leave my full-time work to start a business doing ‘IT 101’ and cybersecurity training. For my non-IT audit people, what would you like to see in a conference presentation and/or 50 minute training about IT and cyber?

Latest Comments

Bridging the Gap: Your Input Needed for an Engaging IT and Cybersecurity Training

One response

Leave a Reply Cancel reply