CYBER SECURITY ESSENTIALS FOR BUSINESS

This event has passed

Why Attend

This course will provide participants with in-depth knowledge and practical skills to plan, deliver and monitor IT/cyber security to internal and external clients encompassing a complete, conjoined set of disciplines in the areas of IT policies, Security-Operational-Run-Book, security/penetration testing, ethical hacking, and black hat hacking.

Event Date: 27/02/2024 – 27/02/2024

Request an In-House Proposal

Download 2024 Training Calendar

More Dates

12/12/2024 – 14/12/2024

Price: $ 128.49

Overview
Course Outline

This course will cover WiFi security, Website security, human factors, cyber forensics, cyber security team management, Secure Operations Center (SOC) , and Computer Security Incident Response Team (CSIRT) infrastructures.

As part of the course, participants will conduct a risk assessment of two different deployments based on the ISO27001 to identify any direct, or indirect threats, security exposures, or potential for vulnerabilities. Participants will also respond to an example security incident and identify the best practices which could be applied to secure their organization and associated assets.  All participants will be given copies of Run Books to deal with cyber extortions, Distributed Denial of Service (DDoS/DoS) , and forensic investigations.

Adapting to evolving standards

Information security standards (e.g. PCI-DSS/ISO27001)
Documented tools:
- ISO/IEC 27001
- PAS 555
- Control Objectives for Information and Related Technology (COBIT)

Future standards

ISO/IEC 2017
EU privacy regulations
Local and international government stipulations implicating access to private data

Principles of IT security

Enterprise security
- External defenses
- Web filtering
- Intruder Prevention Systems (IPS)
- Intruder Detection Systems (IDS)
- Firewalls

Secure code
Software Development Lifecycles (SDL)
Potential insecurities within developed applications
WiFi security protocols and attributes
Voice over IP (VoIP) security
Governance Risk and Compliance (GRC)
Security Incident Event Management (SEIM) applications
Cloud security

Third-party security and compliance

Adopting cyber security measures
Employee perception of security through Neuro-Linguistic Programing (NLP)
Security education and awareness: techniques, systems, and methodologies
Penetration testing
Ethical hacking
Options to mitigate viruses, malware, active code threats, and Active Persistent Threats (APT)
The Computer Incident Response Team (CSIRT) frameworks, tools, and capabilities
Incident first response: proven methodologies, tools, and systems
The science of applying robust digital forensics: applicable law, capabilities, and methodologies
Supervisory Controls and Data Acquisition (SCADA); security requirements, processes, and methodologies
Abuse images: complying with local and international law

Building cyber security teams

Creation and management of a Secure Operations Center (SOC)
Development of the Corporate Security Organization Framework
Formulation and deployment of a Computer Security Incident Response Team (CSIRT)
Bespoke Security Incident and Event System (SIEM) for the operational deployment
Risks associated with I/O Security (e.g. USBs, CDs, other forms of media)
Risks of Active Code Injection, and mitigation techniques