Cyber Security: Information Security Management Best Practice

Objectives

By the end of the course, participants will be able to:

  • Apply information security standards to their organization and its critical assets
  • Identify the threats presented by viruses, malware, active code, and Active Persistent Threats (APT) and consider the different mitigating options
  • Formulate and manage effective cyber security teams, and apply the Computer Security Incident Response Team (CSIRT) framework, tools and capabilities to deliver cost effective and robust solutions to protect the organization
  • Use Neuro Linguistic Programing (NLP) to deliver messages that will change the way employees work and think about security
  • Examine the area of wireless security protocols, their security attributes, and their potential insecurities within the organization, and in public spaces
  • Illustrate how penetration testing and ethical hacking enhance organizational security
  • Evaluate and apply two of the most important aspects in the modern day of cyber-adversity: Open Source Intelligence (OSINT) and cyber threat intelligence

Who should attend

IT professionals, security professionals, auditors, site administrators, general management and anyone tasked with managing and protecting the integrity of the network infrastructure. This also includes anyone already familiar and involved with IT/cyber/digital security and seeking to build on their fundamental principles of security.

Outline

  • Adapting to evolving standards
    • Information security standards (e.g. PCI-DSS/ISO27001)
    • Documented tools:
      • ISO/IEC 27001
      • PAS 555
      • Control Objectives for Information and Related Technology (COBIT)
    • Future standards
      • ISO/IEC 2017
      • EU privacy regulations
      • Local and international government stipulations implicating access to private data
    • Principles of IT security
      • Enterprise security
        • External defenses
        • Web filtering
        • Intruder Prevention Systems (IPS)
        • Intruder Detection Systems (IDS)
        • Firewalls
      • Secure code
      • Software Development Lifecycles (SDL)
      • Potential insecurities within developed applications
      • WiFi security protocols and attributes
      • Voice over IP (VoIP) security
      • Governance Risk and Compliance (GRC)
      • Security Incident Event Management (SEIM) applications
      • Cloud security
      • Third party security and compliance
    • Adopting cyber security measures
      • Employee perception on security through Neuro Linguistic Programing (NLP)
      • Security education and awareness: techniques, systems, and methodologies
      • Penetration testing
      • Ethical hacking
      • Options to mitigate viruses, malware, active code threats and Active Persistent Threats (APT)
      • The Computer Incident Response Team (CSIRT) frameworks, tools and capabilities
      • Incident first response: proven methodologies, tools, and systems
      • The science of applying robust digital forensics: applicable law, capabilities, and methodologies
      • Supervisory Controls and Data Acquisition (SCADA); security requirements, processes and methodologies
      • Abuse images: complying with local and international law

 

Training Methodology:
This interactive training course includes the following training methodologies as a percentage of the total
tuition hours:-
• 30% Lectures, Concepts, Role Play
• 30% Workshops & Work Presentations, Techniques
• 20% Based on Case Studies & Practical Exercises
• 20% Videos, Software & General Discussions

Certificates

A Certificate of Completion will be issued to those who attend & successfully complete the programme.

Schedule

  08:30 – 10:15 First Session

 10:15 – 10:30 Coffee Break

10:30 – 12:15 Second Session

 12:15 – 12:30 Coffee Break

12:30 – 14:00 Third Session

 14:00 – 15:00 Lunch

 Fees

 The Fee for the seminar, including instruction materials, documentation, lunch, coffee/tea breaks & snack is:

  • Last updated on .