This course covers effective strategies, techniques, systems, policies, and procedures to establish stronger cybersecurity and cybercrime controls, reduce operational risk, and improve online working whilst covering international best practices, ISO standards, compliance, audit, and industry regulations.
In today’s world and further into the digital future, all organizations face an ever-increasing number of information-related security challenges and risks against a backdrop of increasing national and global compliance and audit standards and legislation.
Cybersecurity is the protection of data, business information, and people’s identities from theft and damage, and covers how all businesses can be better equipped to work more safely in an increasingly online world where sensitive and personal information is stored, shared, and communicated.
This 4-day intensive training workshop addresses the latest concerns on IT infrastructure and cybersecurity. Participants will develop key skills and core competencies that will allow them to meet the ever-changing information security demands of the 21st century.
Course Participants will:
Understand today’s and tomorrow’s cybersecurity and cybercrime threats, issues, and risks; how to set up policies, train users, create strategies, and implement systems and tools to help protect data, information and people’s identities
Manage the growing volume of confidential, sensitive business information and data to protect, keep safe, and communicate securely against a backdrop of increasing cyber threats, as well as privacy, legal, and compliance regulations
Develop strategies and ways of working to improve detection of cybersecurity threats and improve information compliance
Understand the security-related international information compliance and regulations, including industry specific standards
Expand the expertise of personnel involved in developing skills and knowledge in the latest techniques, processes, and systems on cybersecurity
Who should attend:
Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Security Officers
Chief Information Security Officers
Chief Technology Officers
Heads of Departments in Information Security, Management Information Systems, IT Infrastructure, IT Architecture, Network Operations, IT Operations, IT Data Center, DataBase Management, IT Deployment, IT Business Enterprise, IT Risk Management, IT Quality Assurance, IT Audit, Risk Management, Internal Audit, Business Continuity Planning
Cybersecurity Management Principles, 12 - 15 Nov 2017 Dubai, UAE
Mark T. Edmead is a successful technology entrepreneur
with over 30 years of practical experience in computer
systems architecture, information security, and project
management.
Mark excels in managing the tight deadlines and
ever-changing tasks related to mission-critical project
schedules. He has extensive knowledge in IT security, IT
and application audits, Internal Audit, IT governance,
including Sarbanes-Oxley, FDIC/FFIEC, and GLBA
compliance auditing.
Dr. Edmead understands all aspects of information
security and protection including access controls,
cryptography, security management practices, network
and Internet security, computer security law and
investigations, and physical security.
He has trained Fortune 500 and Fortune 1000 companies
in the areas of information, system, and Internet security.
He has worked with many international firms, and has the
unique ability to explain very technical concepts in
simple-to-understand terms. Mr. Edmead is a sought-after
author and lecturer for information security and
information technology topics.
Mark works as an information security and regulatory
compliance consultant. He has:
• Conducted internal IT audits in the areas of critical
infrastructure/systems and applications,
• Assessed and tested internal controls of critical
infrastructure platform systems (Windows, UNIX, IIS, SQL,
Oracle)
• Assessed and tested internal controls of various critical
financial applications.
• Prepared risk assessments and determined risks to
critical financial data systems and infrastructure
components.
• Created test plans & processes and executed test plans.
• Conducted reviews of existing systems and
applications, ensuring appropriate security, management
and data integrity via control processes.
• Prepared written reports to all levels of management
• Participated in audit review panel sessions to address
results, conclusions and follow-up actions required.
YOUR INTERNATIONAL COURSE FACILITATOR
Dr Mark T. Edmead
CISSP, CISA, COBIT, Lean IT, TOGAF
IT Transformational Consultant
MTE Advisors
Tel: +6016 3326360 Fax: +603 9205 7788 kris@360bsigroup.com
EXCLUSIVE: PRE COURSE QUESTIONNAIRE & TAKEAWAYS
1. An extensive IT Security Architecture Questionnaire that will help you
evaluate your organization’s security position.
2. Online access to course materials, case studies and other related items of the
training seminar.
3. Take with you templates and worksheets to aid you in applying and putting
into practice what you have learned from this workshop.
Course Participants will:
• Understand today’s and tomorrow’s cybersecurity and cybercrime threats, issues,
and risks; how to set up policies, train users, create strategies, and implement
systems and tools to help protect data, information and people’s identities – making
online working more secure
• Manage the growing volume of confidential, sensitive business information and
data to protect, keep safe, and communicate securely against a backdrop of
increasing cyber threats, as well as privacy, legal, and compliance regulations
• Develop strategies and ways of working to improve detection of cybersecurity
threats and improve information compliance
• Understand the security-related international information compliance and
regulations, including industry specific standards
• Expand the expertise of personnel involved in developing skills and knowledge in
the latest techniques, processes, and systems on cybersecurity
BENEFITS OF ATTENDING
In today’s world and further into the digital future, all organizations – small and large
and especially regulated industries – face an ever-increasing number of
information-related security challenges and risks against a backdrop of increasing
national and global compliance, and audit standards and legislation.
Cybersecurity is the protection of data, business information, and people’s
identities from theft and damage, and covers how all businesses can be better
equipped to work more safely in an increasingly online world where sensitive and
personal information is stored, shared, and communicated.
In addition, Cybercrimes are offences that are committed against individuals or
groups with a criminal motive to intentionally harm the reputation of the victim or
cause physical or mental harm or loss using modern telecommunication networks
such as Internet (chat rooms, emails, notice boards and groups) and mobile phones.
Confidence in the digital future is essential to the growth of all organizations. It
means being aware of cybersecurity risks, and understanding industry standards and
compliance requirements while embracing opportunities for growth; and being able
to assess which threats could affect your business goals and having the agility to
deal with them as they arise.
This course covers effective strategies, techniques, systems, policies, and procedures
to establish stronger cybersecurity and cybercrime controls, reduce operational risk,
and improve online working whilst covering international best practices, ISO
standards, compliance, audit, and industry regulations.
COURSE OVERVIEW
IT SERIES
CYBERSECURITY MANAGEMENT PRINCIPLES
12 - 15 NOVEMBER 2017
DUBAI, UNITED ARAB EMIRATES
WHY THIS EVENT
The aim of this interactive workshop is to provide
you with the skills critical to developing your
Cyber Security Architecture & Policies.
After attending this workshop, you will leave
fully armed with the knowledge needed to
design and maintain a strong & secure IT
infrastructure.
The combination of interactive presentations,
hands-on exercises and open discussion groups
along with real case studies, ensures you will
obtain maximum value from attending.
COVERAGE
Cybersecurity Concepts & Principles
Roles & Responsibilities
Security Awareness
Layered Security approach
Security Policy Implementation
Risk & Vulnerability Assessment
Threat Identification
Penetration testing
IT Network & System Security
IT Security Architecture
Security Design & Maintenance
Security Control Frameworks
ISO 27001 Security Standard
Laws & regulations
COURSE CONTENT
DAY1 CYBERSECURITY - CONCEPTS & PRINCIPLES
We will cover the main concepts, principles, structures, and standards
used to design, monitor, and secure operating systems, equipment,
networks, applications and those controls used to enforce various levels
of confidentiality, availability, and integrity.
Laying the foundation
- The relationship between people, process and technology
- The information security triad: confidentiality, integrity and availability
- Concepts of security management
- Creating policies, standards, guidelines and procedures
- Promoting security awareness
Protecting our assets
- Where attacks come from
- Protecting from internal attacks
- Protecting from external attacks
- Threats and vulnerabilities overview
Security Architecture Basics
- Security as a design goal
- Security models
- Authentication methods
- Authorization
- Models for access control
The Objectives of Security
- The active defense approach to security
- Using the Defense in Depth concept
- Layered approach including perimeter security, network security, host
based security, and human awareness
DAY2 ESTABLISHING YOUR SECURITY POLICY
We will discuss the value of the information and what we need to do to
protect it. Effective security architecture begins with the establishment of
a security policy. Organizations should also perform a risk assessment in
order to better understand the important areas in their security
architecture.
Developing a Security Policy
- The overall “plan of attack/defense”
- Declaration of intent
- Characteristics of a good policy
- Policy examples
Objectives of Risk Management
- Benefits of performing a risk assessment
- Prioritizing vulnerabilities and threats
- Identifying the risk impact and determining acceptable risks
- Creating a risk matrix
The value of information
- Why you need to classify levels of information
- Managing data at rest and in transit
- Understanding data access controls
- The value of knowing where your data resides
Basic security threats and principles
- Vulnerabilities, threats and countermeasures
- Hacker probing and attack
- LAN, WAN, and wireless network technologies and protocols
COURSE SCHEDULE
8.00 Registration & Coffee/Tea
8.30 Workshop commences
10.10 - 10.30 Morning coffee/tea
12.00 - 13.00 Lunch
14.40 - 15.00 Afternoon coffee/tea
16.00 End of day
“Session well organized. The trainer is very
conversant with the subject matter. Well delivered
and would definitely recommend to anyone else.”
- Habil Mutende, Manager Information Security & Change
Management, Central Bank of Kenya
“Excellent presentation, excellent attitude to
answer our questions & to share his experience.”
- Senior Manager, IT Department, Deloitte
“The programme is good for IT professionals...
[who] would like to setup ISO function or improve
ISO.” - G. Ramgopal, Head IT Security, Bank Muscat Oman
“I have used Mark in key roles with high visibility
clients. Without hesitation I would highly
recommend Mark for any and all IT audit
engagements. His professionalism, deep
knowledge, and results oriented work style are
deeply valued by not only myself, but more
importantly by all those who are lucky enough
to use his services.” - Russ Aebig, Director at Artesient
“We have used Mark Edmead on several projects in
the past few years including SOX readiness for
publicly traded companies and IT vulnerability
assessments for major financial institutions. He
always delivers professional and detail-oriented
workpapers on-time and within budget. Mark is
highly recommended and we will continue to use
him on other projects.” - Brenda Piazza, Director at CBIZ MHM
Latest TESTIMONIALS
DAY3 THREAT, RISK & VULNERABILITY ASSESSMENT
We will discuss the vulnerabilities, threats, and risks to the system and
network environment. We will also discuss practical application of risk
assessment to an organization, how to conduct an assessment, and how
to use this information to improve the security posture.
Vulnerability and Penetration testing
- Why performing vulnerability and penetration testing is important
- Tools and techniques used in penetration testing
- Review of sample penetration testing report
- How to correct problems identified in the vulnerability and penetration
testing report
Protecting the network
- Firewalls and other perimeter security devices
- Intrusion detection systems
- Using a scanner to discover vulnerabilities
- Understanding network management tools
Hardening Operating Systems
- Unused user accounts
- Excessive rights and permissions
- Service packs and hotfixes
The importance of the Business Continuity and Disaster Recovery Plans
- Introduction to BCP/DRP
- Conducting the Business Impact Assessment (BIA)
- Review of the BCP/DRP process
- Establishing data recovery options
DAY4 DESIGNING & MAINTAINING YOUR SECURITY ARCHITECTURE
Day Four wraps up the course by providing a guideline on how to design,
create, and maintain a strong security architecture. This includes a
discussion on best IT Governance practices. We will also discuss how to
make sure your technology infrastructure aligns with your security (and
business) objectives.
Implementing a proactive security management system
- Justifying the cost of security
- Aligning your technology infrastructure to business objectives
- How to continually strengthen your security posture
Understanding the various security control frameworks
- COBIT 5 – Governance and Management of IT Enterprise
- ISO 270xx Security Standards
- The NIST Standards
Developing and implementing a successful governance strategy
- The Balanced Scorecard and IT Governance
- Governance of outsourcing
- Managing risks and IT Governance
- Best practices for implementing continuous improvement concepts and
principles
Understanding Strategic Alignment
- Enterprise mission, objectives, and values
- Drivers and trigger points
- Benefits realization, risk optimization, and resource optimization
- Business objectives and goals alignment to facilitate IT governance