Cyber Security Risk Assessment & Controls

The end goal of proactively defending and continuously improving the security of an organization is to ensure that resources (especially data) don’t get to be abused in its usage and/or protected for unauthorized use. This workshop offers to participants the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures and effectively respond to and recover from incidents.

CONTENT

Threat and Vulnerability Management

• Explain the importance of threat data and intelligence
• Utilize threat intelligence to support organizational security
• Perform vulnerability management activities
• Analyze the output from common vulnerability assessment tools
• Explain the threats and vulnerabilities associated with specialized technology
• Explain the threats and vulnerabilities associated with operating in the cloud
• Implement controls to mitigate attacks and software vulnerabilities

Software and Systems Security

• Apply security solutions for infrastructure management
• Explain software assurance best practices
• Explain hardware assurance best practices

Security Operations and Monitoring

• Analyze data as part of security monitoring activities
• Implement configuration changes to existing controls to improve security
• Explain the importance of proactive threat hunting
• Compare and contrast automation concepts and technologies

Incident Response

• Explain the importance of the incident response process
• Apply the appropriate incident response procedure
• Analyze potential indicators of compromise
• Utilize basic digital forensics techniques

Compliance and Assessment

• Apply security concepts in support of organizational risk mitigation
• Explain the importance of frameworks, policies, procedures, and controls

FOR WHOM: CIOs, IT Development Managers, Heads of Department, System Administrators/Engineers, IT Professionals and others who want to sharpen their knowledge in IT world.

TRAINING METHODOLOGY

The training methodology combines lectures, discussions, group exercises and illustrations. Participants will gain both theoretical and practical knowledge of the topics. The emphasis is on the practical application of the topics and as a result participant will go back to the workplace with both the ability and the confidence to apply the techniques learned to their duties.