Description
OVERVIEW
Cyber attacks are the fastest growing crime in the world, and they continue to grow in size and sophistication. Companies like Facebook, Panera Bread, Under Armour and Uber made headlines after having customer information stolen. With each breach, administrative fears and the demand for cybersecurity certifications increase.
These fears are not unfounded. Several studies show that over 60% in the U.S. would likely halt any interaction with a business that’s officially been hacked.
As a company, you might find yourself scrambling to hire top cybersecurity talent or equip your IT team with cybersecurity certifications. As an IT professional, the demand for cybersecurity skills presents a huge opportunity to boost your résumé, stand out among candidates and increase your earning potential.
According to a CyberSeek report, the number of cybersecurity job openings in the U.S. stands at almost 302,000, with nearly 769,000 cybersecurity professionals employed in today’s workforce. Projections continue to be robust further out: CSO expects that number to hit 500,000 by 2021, with more than 3 million cybersecurity jobs open for the rest of the world that same year.
Our Certified Cybersecurity Risk Management Professional encompasses the following other relevant certifications:
- Certified Ethical Hacker
- Certified Information Security Manager
- CompTIA Security+
- CISSP: Certified Information Systems Security Professional
- GSEC: SANS GIAC Security Essentials
To stop a hacker, you must be able to think like one. It’s an interesting balance between toeing the line of moral actions and processing the malicious thoughts the average cybercriminal would have. This kind of mentality isn’t easy to come by, which is why we offer the CCSP.
The certification covers strategies, frameworks, methodologies, and tools to manage cybersecurity risks, identify various types of common threats, design and operate secure computing and networking environments, assess and audit the organization’s security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. The certification also covers closely related information assurance topics such as auditing and forensics to provide a sound basis for a comprehensive approach to security aimed toward those on the front lines of defense.
AGENDA
Introduction to Cybersecurity
- Overview of the cyber threat landscape
- Impacts of cyber security incidents as well as tactics and strategies to aid cyber defence.
- Concepts and Definitions
- Difference between IT Security, Information Security, and Cyber Security
- Assets, Threats & Vulnerabilities
- Cyber Security Strategy
- Supporting Business Goals and Objectives
- Cyber Security Policy Framework
- Risk Management Concept Definitions
- Risk Avoidance, Mitigation, Transfer, and Acceptance
- Threats and Opportunities
- Assessing the current threat landscape
- The Internet of Things
- Insourcing and Outsourcing
Security Architecture
- The key role of security architecture
- Security Architecture Frameworks
- Security Architecture Design Principles
- Service Models
- Cryptography
- Implementing Security
- Network Security
  – Routers, switches, firewalls, intrusion detection and prevention
- Endpoint Security
  – Servers, desktop systems, laptops, tablets, and mobile devices
- Application Security
- Data Security
Social Engineering and Insider Threats
- The weakest security link in any organisation – its people
- How to help people do the right thing, and how to deter or detect malicious intent.
- What is social engineering and who or what are social engineers, what they want, how they get it, and how to stop them.
- Bring Your Own Device (BYOD) – the growing trend of BYOD, the Pros and Cons as well as policy considerations.
Internet and Social Networking
- Safe internet.
- Online and mobile banking
- Online shopping
- Social networking
- Using wireless networks
- Antivirus software and installing updates
- Introduction to PCI DSS
- Managing Home and Mobile Working Risks
- Managing and Preventing Malware
- Managing Physical security
- Basics of Removable Media
Auditing, logging and security technologies
- Security Information and Event Management System (SIEM)
- Authorization, encryption, firewalls, intrusion prevention, anti-malware
- Security events and incidents
- Legal aspects
- Incident Response Process
- Incident Management Team
- Computer Forensics
Communications and Network Security
- Network architecture
- Network controls
- Security of network and wireless services
- Segregation in networks
- Information transfer
Information Security Risk Management
- Information security risk management based on ISO/IEC 27005
- EBIOS risk assessment methodology
- MEHARI risk assessment methodology
- OCTAVE risk assessment methodology
Cybersecurity Tools
- Cybersecurity tools: introduction
- Penetration testing tools
- Password auditing and packet sniffers cybersecurity tools
- Cybersecurity tools for network defense
- Tools for scanning web vulnerabilities
- Encryption cybersecurity tools
- Tools for monitoring network security
- Cybersecurity tools for detecting network intrusions
Cybersecurity Frameworks
- What Is a Cybersecurity Framework?
- Why Cybersecurity Frameworks Are Important for Organisations
- Cybersecurity Framework Strategies
- ISO/IEC 27001 / ISO 27002
- NIST Cybersecurity Framework
- IASME Governance
- SOC 2
- CIS v7
- NIST 800-53
- COBIT
- COSO
- TC CYBER
- HITRUST CSF
- CISQ
- Ten Steps to Cybersecurity
- FedRAMP
- HIPAA
- GDPR
- FISMA
- NY DFS
- NERC CIP
- SCAP
- ANSI
- NIST SP 800-12
- Implementing Cybersecurity Frameworks
TRAINING METHODOLOGY:
A highly interactive format, where all delegates will be encouraged to engage and participate, share and gain from each other’s knowledge and experience. The lectures will rely on a bullet-based slide presentation enriched by group discussions around case studies, videos and checklists wherever applicable.
Through a multiple-instructional setting, the goal is to achieve the learning objectives by means of virtual technologies that match personal learning styles and by the inclusion of non-linear learning that aims at the development of just-in-time skills of adult learners.
At the same time and in order to allow participants maximum flexibility of scheduling, the learning will be conducted in an allochronic manner. Using a state-of-the-art training architecture, RMA will combine self-learning with assessments and online discussions.
The pedagogics – adapted explicitly to professionals in full-time work – will help train participants through several experiences: absorb (read); do (activity); intermingle (socialize); mirror (relate to one’s own reality).
DURATION: 5 days [5 hours each day]
VENUE: Virtual or Onsite [RFP]
DATE [TBC]: Send enquiry to: info@theriskacademy.org or call: 08021003297; 07034248767; 09071941111