Cybersecurity for Beginners using agentic AI and n8n Automation

Organisations implementing cybersecurity must not only define governance documents such as cybersecurity policies, asset registers, and risk registers, but also implement security controls and continuously monitor organisational systems and activities to ensure these controls are working effectively. As workplace systems, applications, and infrastructure change, organisations must constantly assess whether these changes introduce new cybersecurity risks or require updates to security controls and governance processes. Manually monitoring systems, analysing events, and updating governance records can be time-consuming and often leads to delayed risk detection or outdated security documentation. This training demonstrates how Agentic AI combined with Retrieval-Augmented Generation (RAG) can support organisations in implementing and monitoring cybersecurity controls, as well as maintaining governance documentation. Participants first explore the foundations of cybersecurity and how organisations manage security risks using frameworks such as ISO 27001. ISO 27001-related documentation is transformed into a searchable AI knowledge base using sentence-based chunking, embeddings, and vector databases. AI agents built using tools such as Flowise or CrewAI retrieve relevant ISO 27001 guidance and analyse organisational events collected via n8n integrations. To demonstrate live cybersecurity monitoring in a simple and accessible way, participants connect a GitHub repository to n8n. Repository events such as collaborator access changes or repository visibility updates are analysed by AI agents to detect potential security issues related to access control, application security, and data exposure. Based on these events and ISO 27001 guidance, the agents assess potential risks, recommend security actions, and update governance records such as asset registers and risk registers when required. By the end of the training, participants build a working prototype of an AI-driven Cybersecurity Monitoring and Governance Assistant capable of analysing organisational events, retrieving ISO 27001 guidance, supporting security decision-making, and maintaining key governance documentation.

Day 1 Foundations of Cybersecurity 
• Introduction to Information Security - Cybersecurity - Physical Security - Personnel Security - Policy & Governance 
• Understanding the relationship between information security and cybersecurity. Overview of cybersecurity domains: - Network Security - Endpoint Security - Identity & Access Management - Application Security - Cloud Security - Data Security - Security Monitoring (SOC) - Vulnerability Management - Email Security 
• Introduction to ISO 27001 and Information Security Management Systems (ISMS) 
• Understanding key governance documentation: - cybersecurity policies - asset register - risk register - security controls 
• Introduction to how AI can support cybersecurity implementation and monitoring 
Industry Case Studies 
• Organisations using AI to support security monitoring and governance • AI analysing organisational events to identify cybersecurity risks.

Hands-on 
Participants will: 
• create sample ISO 27001 governance documents Examples include: 
• cybersecurity policy template 
• asset register template 
• risk register template These documents will be stored in Markdown format and used later to build the RAG knowledge base.

Day 2 - Building Knowledge Base for Cybersecurity
• Introduction to Retrieval-Augmented Generation (RAG) 
• Understanding how ISO 27001 documentation becomes an AI knowledge base 
• Transforming ISO 27001-related documents into a searchable knowledge base (using already created documents stored in Markdown format on Day 1)

Hands-on 
Participants will: 
• load ISO 27001 documentation into a RAG pipeline 
• apply sentence-based chunking 
• generate embeddings and store them in a vector database 
• build an ISO 27001 based Knowledge base for an AI Agent  

Day 3 - Building AI Agent for Cybersecurity 
• Introduction to Agentic AI - reasoning - knowledge retrieval - monitoring events - generating recommendations • Designing agents that support: - cybersecurity control monitoring - risk assessment - governance updates 

Hands-on 
Participants will build AI agents capable of : 
• analysing cybersecurity events 
• recommending security controls 
• updating asset register entries 
• identifying risks and updating the risk register

Day 4 - Integrating Workplace Systems with Cybersecurity Monitoring Agents 
• Introduction to event-driven cybersecurity monitoring 
• Using n8n as the integration layer - Participants connect GitHub to n8n to generate live organisational events. GitHub events will represent activities across several cybersecurity domains: Identity & Access Management, Application Security, Data Security, Security Monitoring etc. 

Hands-on 
Participants will : 
• collect repository events from GitHub using n8n 
• send events to AI agents 
• retrieve ISO 27001 guidance from the RAG knowledge base 
• analyse potential security implications
• recommend security actions 
• update governance documentation when necessary

By the end of the training participants will be able to: 
• understand the relationship between cybersecurity implementation and ISO 27001 governance 
• build a RAG knowledge system using ISO 27001 documentation 
• apply sentence-based chunking to structure cybersecurity documentation 
• create AI agents capable of monitoring cybersecurity events 
• integrate organisational systems using n8n to collect live security-related events 
• analyse cybersecurity risks using AI agents and ISO 27001 guidance 
• design an AI-powered cybersecurity monitoring assistant

• Simple explanations suitable for beginners 
• Hands-on exercises using visual tools such as n8n and Flowise 
• Step-by-step development of a cybersecurity knowledge base using Retrieval-Augmented Generation (RAG) systems and the creation of related AI agents. 
• Practical cybersecurity monitoring scenarios where AI agents analyse workplace systems (e.g. GitHub) to detect security-relevant activities and generate alerts or insights. 
• Interactive demonstrations and exercises
• Live Q&A and personalised support during the training