Course Methodology
The course will include practical sessions, presentations, group work and demonstrations in order to enhance the learning experience.
Course Objectives
By the end of the course, participants will be able to:
- Apply skills for identifying, assessing, analyzing, responding to, and monitoring risks and threats within the organization, facilitating informed decision-making and proactive risk mitigation
- Master principles of asset security, including endpoint security, resilient architectures, secure design, SDLC practices, configuration management, and cryptography
- Implement a holistic security approach by deploying and managing technical, physical, and managerial controls to ensure a robust and comprehensive security posture
- Utilize knowledge and skills in leveraging cyber threat intelligence and Open-Source Intelligence (OSINT) for proactive identification, response, and mitigation of potential cyber threats
- Conduct business impact analyses, create business continuity plans, and craft disaster recovery plans to ensure effective organizational sustainability and recovery from disruptive incidents
Target Audience
This course is suitable for anyone already familiar and involved with IT / Cyber / Digital Security, and seeking to build on their fundamental principles of security. This includes, but is not limited to, IT professionals, security professionals, auditors, system administrators, general management, and anyone who is tasked with managing and protecting the integrity of the network/organizational infrastructure.
Target Competencies
- Information security management
- Development of IT policies and procedures
- Applications of cyber security solutions
- Threat Intelligence
- Incident management and response
Fundamentals of Cyber Security
- Definitions
- Security concepts and definitions
- Cyber security standards
Risk Management
- Risk and threat landscape
- Risk assessment, evaluation and analysis
- Risk response
- Risk monitoring and reporting
Asset Management
- Endpoint security
- Creating a secure architecture
- Secure by design
- System development lifecycle
- Device configuration
- Overview of cryptography
Security Controls
- Technical controls
- Physical controls
- Administrative controls
Security Education, Training, and Awareness (SETA)
- Developing a security education, training and awareness program
- Developing and measuring against SETA metrics
Threat Management
- Cyber Threat Intelligence
- Open-Source Intelligence overview
Business Continuity and Disaster Recovery
- Business impact analysis
- Business continuity planning
- Disaster recovery planning
Incident Management
- Incident management and incident response overview
- Incident handling life cycle
- Digital forensics principles