Duration: 3 days – 21 hrs
Overview
Cybersecurity risk management takes the idea of real-world risk management and applies it to the cyberworld. This course aims to provide the trainees the fundamentals of identifying and managing threat and risks in their organization/workplace.
It involves identifying your risks and vulnerabilities and applying administrative actions and comprehensive solutions to make sure your organization is adequately protected. Some organizations such as financial services firms and healthcare organizations have regulatory concerns in addition to business concerns that need to be addressed in a cybersecurity risk management system.
Objectives
- Understand and apply the concepts defense-in-depth
- Identify threat vectors, threat models, and possible attack vectors relevant to their environment
- Understand and apply risk management concepts
- Understand the purpose and components of policy
- Identify, analyze, and prioritize Business Continuity (BC) requirements
Audience
- Cybersecurity professionals, network engineers, security analysts, policy analysts.
- Security operation personnel, network administrators, system integrators and security consultants.
- Computer engineers working on cybersecurity technology.
- Test engineers who need to learn the security issues in networks.
- Security traders to understand the cybersecurity systems.
- Investors and contractors who plan to make investments in security system industry.
- Technicians, operators, and maintenance personnel who are or will be working on cybersecurity projects.
- Managers, accountants, and executives of the cybersecurity industry.
Prerequisites
Any graduate of Engineering, Science, or any BS degree courses that has Information Technology units or anyone with experience on handling ICT equipment.
Course Content
- Security Principles and Fundamentals
- Threats, Vulnerabilities, and Risks
- Types of attacks and exploits
- Introduction to Risk Management
- Types of Risk Analysis
- Asset Controls
- Threat Modeling, Threat Identification, Vulnerability Identification
- Introduction to Access Controls
- Access Control Process
- Information Security Roles and Responsibilities
- Access Control Types
- Password Management
- Business case for risk management
- Policy Framework
- Creating the Policy
- Issue-specific policy examples and Introduction NDA’s and copyrights
- Contingency planning: Introduction to BCP and DRP
- Difference of BCP and DRP
- BCP Key Components
- BCP Phases
- Top BCP/DRP Planning Mistakes
