ITU-IMPACT Training and Skills Development Course Catalogue

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "ITU-IMPACT Training and Skills Development Course Catalogue"

Transcription

1 ITU-IMPACT Training and Skills Development Course Catalogue Management Track Technical Track Course Area Management Incident Response Digital Forensics Network Application Law Enforcement Foundation Management Essentials Intermediate Developing Policies and Procedures ISO Information Management System (ISMS) Concepts and Awareness ISO Information Management System (ISMS) Implementation Developing and Implementing Computer Incident Response Team (CIRT) Incident Handling and Response Advanced Incident Handling and Response Malware Analysis Introduction to Digital Forensics Network Forensics and Investigations Audit Mac and Mobile Forensics Cloud Forensics Securing Networks Vulnerability Assessment / Penetration Testing NetFlow Analysis Web Application Cybercrime Inves igation for Law Enforcement Advanced (ISC) 2 CISSP CBK Review Seminar Target Audience CIO, CISO, IT Managers, Incident Managers, Responders and Forensics Analysts, Forensics Investigators, Network Administrator, Network Support, Web Application Law Enforcement Developers, Officers, IT Executives, Analysts, Incident Handlers, Incident Handlers, Webmasters, Legal Officers, Compliance Managers, Network and System and Malware Analysts. Network Managers, and Application and Lawyers. Dept. Heads, Managers and Administrators, and IT Support, Support Executives. Executives. Malware Researchers IT Administrators, and Investigators. and CIRT Analysts.

2 ITU-IMPACT Management and Specialised Tracks - The Roadmap TECHNICAL TRACK Incident Response Developing and Implementing Computer Incident Response Team (CIRT) Incident Handling and Response Advanced Incident Handling and Response Malware Analysis Introduction to Digital Forensics Advanced Network Forensics Digital Forensics Audit Mac and Mobile Forensics Cloud Forensics Securing Networks Network Vulnerability Assessment / Penetration Testing NetFlow Analysis MANAGEMENT TRACK Application Web Application Management Essentials Developing Policies and Procedures ISO Information Management System (ISMS) Concepts and Awareness Management Law Enforcement Cybercrime Investigations for Law Enforcement ISO Information Management System (ISMS) and Implementation

3 1. Management Track This track addresses management s concerns on the overall information security management for businesses and organisations which has evolved from a technical perspective to business. Key success factors are areas such as security or corporate governance taking into account the adoption of security frameworks, information security standards, security policies, best practices, guidelines, and risk management. 1.1 Management Organisations today are exposed to more complexities and uncertainties with the increasing use of technology and the pace at which the risk environment is changing. As every business assets and processes are exposed to both internal and external threats, organisations must implement internationally accepted information security standards, best practices and controls to identify, manage and mitigate these threats. Organisation-centric approaches to security management taking into consideration the impact of risks on the organisation determines the best security activities and practices most suitable for the organisations cybersecurity resilience Management Essentials Management is a comprehensive course which provides IT professionals and practitioners with the most up-to-date developments in cybersecurity. This course covers the key concepts, definitions, principles and goals of information security taking into consideration both management and technological aspects. Key topics include firewalls, intrusion detection and prevention systems, risk management models including ISO 27001, standards, security policies, tools and techniques used in cyber threats, security risks to networks, defending against attacks through the implementation of proper security mechanisms, encryption, authentication and authorisation technologies. Participants will also see live demonstrations of the tools and techniques used by malicious individuals to attack vulnerable applications and systems. Awareness is included as part of the course targeting all audiences specifically managers and IT Administrators. This is a value added offering to ensure participants are well informed of most current security threats and issues related to their roles and respons bilities. Awareness for Managers is targeted at those with responsibility for staff and protection of assets, while Awareness for IT Administrators is targeted at those with IT and Network Systems administration, developmental, and supporting responsibilities. This course sets the core foundation of IT security knowledge. It is suitable for any member of the IT community from the newest of the team to the most experienced professional. It descr bes the core fundamentals of information security in an interesting and relevant manner, covers the close alignment of information security with the changing business requirements, enabling participants to effectively understand information security concepts in business processes and designs. Target Audience IT Managers/Executives, IT Systems Administrators, Administrators, Database Administrators, Access Control Administrators, Systems Analysts and Designers, Application Developers, Business Analysts, and user representatives. Course Duration This course can be customised according to participant s requirement. Delivery Mode Lecture with presentation slides, course materials, learning activities, case studies, and review questions Developing Policies and Procedures As business needs as well as the environment change, new risks are always on the horizon and critical systems are continually exposed to new vulnerabilities. Policy development and assessment are a continual process. This is a hands-on intensive course on writing, implementing and assessing security policies. This intensive course is suitable for IT and non-it professionals carrying out cybersecurity duties including creating and maintaining of policy and procedures. It provides hands on training on writting, implementing and assessing security policies. Participants will be assigned to write policy template. Target Audience: Managers, CISOs, CSOs and anyone responsible for developing security policies. Course Duration: 3 days

4 1.1.3 ISO Information Management System (ISMS) Concepts and Awareness ISMS is a risk management approach to maintaining the confidentiality, integrity and availability of the organisation s information. This course is designed to promote awareness of the objectives and benefits of information security, as well as the requirements of Target Audience: This is a non technical security course concerning information security management. It is suitable for executives and managers from a wide range of disciplines, and should be attended by a broad range of IT security professionals. 1. ISO for ISMS establishment, implementation, operation, monitoring, review, maintenance and improvement, and 2. ISO on information security controls. It also provides an insight into the emerging ISO series of standards. Course Duration: 3 days ISO Information Management (ISMS) Implementation Recent high-profile information security breaches and increased awareness of the value of information are highlighting the ever-increasing need for organisations to protect their information assets. An information security management system (ISMS) is a risk management approach to maintaining the confidentiality, integrity and availability of the organisation s information. This course leads participants through a series of exercises following the requirements of ISO 27001:2005 for ISMS implementation. Implementation exercises are supplemented with case studies on risk management techniques using relevant tools and solutions. Target Audience: This is a non-technical IT information security management course suitable for managers from a wide range of disciplines. Pre-requisite: Participants should have a basic knowledge of business information systems and competency productivity tools i.e. word processors, spreadsheets and presentation software. 2. Technical Track This highly specialised track focuses on designing, developing, configuring, implementing, and managing technical security solutions for organisation and constituents. Participants will be able to enhance their knowledge and skills using the current industry practices, and have access to the latest technology, methodologies, and best practices. The courses offered in this track are centred around proactive and reactive solutions required for practitioners to effectively perform their duties in managing and mitigating cyber threats against their organisations security infrastructures and information systems. 2.1 Incident Response Incident response is a structured approach in addressing and managing the aftermath of an incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. If not managed properly, an incident can escalate into an emergency, a crisis, or even a disaster, decreasing the organisations resilience ability Developing and Implementing a Computer Incident Response Team (CIRT) This course will provide participants who have imited knowledge, experience, or background required to formulate the policies, processes, management structure, equipment, and other requirements necessary to respond to network incidents. It provides information on refining the current structure and capabilities for a Computer Incident Response Team (CIRT) or a team with similar capabilities. Target Audience: CIRT Manager, CIRT Analyst, Incident Handler, Analyst

5 2.1.2 Incident Handling and Response The course is designed to provide insight into the work an incident handler may perform. It will provide an overview of the incident handling arena, including CIRT services, intruder threats, and the nature of incident response activities. Participants will: 1. Learn how to gather the information required to handle an incident; 2. Realize the importance of having and following pre-defined CIRT policies and procedures; 3. Understand the technical issues relating to commonly reported attack types; 4. Perform analysis and response tasks for various sample incidents; 5. Apply critical thinking skills in responding to incidents, and 6. Identify potential problems to avoid while taking part in CIRT work. Target Audience: CIRT Manager, Analyst and any technical staff; Incident Responders; and Network Administrators. Those with little or no incident handling experience are encouraged to attend. The course incorporates interactive instructions, practical exercises, and role playing. Participants will have hands-on exercises on sample incidents taken from real life scenarios Advanced Incident Handling and Response This course is designed to further enhance the knowledge and skills of incident handlers and responders involved in solving compromises and breaches by analysing events and formulating effective remedial actions and strategies. Participants will work as a team on several incident scenarios, artefacts and exercises applying industry best practices, effective methodologies and tools. They will be taken through a series of work plans and processes to identify, analyse, and then present the findings and response strategies to interested parties. This course will also include modules on artefact analysis, vulnerability handling and producing security advisories. Target Audience: Incident Managers, Responders and Analyst, Network and System Administrators, Malware Researchers and Investigators. Delivery Mode: Lectures with presentation slides, extensive hands-on group exercises, and case studies Malware Analysis Determining the functionality of malware is critical both during the incident response process and to identify where threats originate from. The course examines malware in both static and runtime environments. It will take into account the viewpoint of an incident responder attempting to determine what malicious activities the malware has conducted in order to mitigate further malicious activity and remove the malware from an infected system. The course will also consider the perspective of a Computer Incident Response Team (CIRT) or security team involved in investigating, analysing and reporting on malware related incidents. Both static and runtime malware analysis techniques and reverse engineering tools such as IDA Pro and Ollydbg will be covered. Target Audience: Incident Responders, Network and System Administrators, CIRT Personnel, Malware Researchers, Malware Investigators, Antivirus Analysts 2.2 Digital Forensics The ability to preserve and to analyse data found on digital storage media, computer systems and networks is essential for understanding and mitigating cyber attack against IT infrastructures. Forensics professional s must be highly competent in collecting, examining, analysing and reporting on digital evidence in order to preserve critical information. They are also required to know the legal aspects associated with forensics investigation particularly for representation in a court of law. The use of real-world scenarios would enable participants not only to learn the required skills, but also gain experience in their practical application Introduction to Digital Forensics Investigating what happened on a computer system after a suspected intrusion is critical to quantifying losses from a security breach. This course will teach network and system administrators on identifying the particular consequences of an intrusion. It helps administrators to identify what data has been compromised by applying host forensics techniques and conducting log analysis. The focus will be on the discovery of data hiding techniques, rootkits, malware functionality and time-based analytics. Analysis of the FAT, NTFS and EXT2 file systems will also be covered. This course serves as a good foundation for further instruction on commercial tools or to use open source forensics tools more effectively. Target Audience: Incident Responders, Network Administrators, System Administrators, and CIRT Personnel.

6 2.2.2 Network Forensics and Investigations Participants will gain real world knowledge and skills to analyse network traffic, improve network security and reliability, and protect networks from malicious and criminal attacks. In addition, they will learn the techniques to identify suspicious traffic patterns, a breached host, and signs of Bots running in a network, as well as the techniques to deal with and manage compromised machines. Target Audience: IT Practitioner, Forensic Analyst, Incident Handlers, Network Administrators, Law Enforcement Officers and Support Staff. Delivery Mode: Instructor-led, group-paced, classroom-delivery learning model Audit This is a comprehensive course designed to equip security practitioners with the technical knowledge and skills to investigate and better understand their IT environment including computers, applications, network systems, and services. This course covers topics such as technical concepts, data analysis on devices, file systems, operating systems, common threats, security best practices and the tools used to identify, analyse and mitigate cyber threats faced by users, devices and organisations. Target Audience: Network and System Administrators, CIRT Analyst, Cybercrime and Forensic Investigators. Delivery Mode: Lectures with presentation slides, case studies and extensive hands-on exercises Mac and Mobile Forensics The course emphasises solid forensic practices in mobile phone investigation as well as reporting. Stepping through the logical and physical acquisition of memory with such a variety of devices is challenging to say the least. The class addresses the strengths and weaknesses for many of the mobile forensic tools being utilised in the field. The Mac forensics training aims to form a well-rounded investigator by introducing Mac forensics into a Windows-based forensics world. The programme focuses on topics such as the HFS+ file system, Mac specific data files, tracking user activity, system configuration, analysis and correlation of Mac logs, Mac applications, and Mac exclusive technologies. Target Audience: Experienced Digital Forensics Analysts, Media Exploitation Analysts, Incident Response Team Members, Information Practitioners, technical team members, and those with national responsibilities in cybersecurity issues. Delivery Mode: Lectures with presentation slides, case studies and group exercises and hands-on forensic analysis Cloud Forensics This course provides a clear statement of the knowledge and skills required by a professional dealing with cloud forensics. The objectives of this course are: 1. To enhance knowledge and skills required by a professional dealing with cloud forensics, 2. To share with participants risk assessment and mitigation strategies for cloud adoption to be reflected adequately in cloud services contracts 3. Consideration of various legal implications of cloud investigations, and 4. Demonstrate technical competence in handling investigative cases in cloud computing environments. Target Audience: CEO, CIO, CISO, policy makers, security architects, ethical hackers, forensic practitioners, law enforcement, legal professionals and advisors, researchers and academics. Delivery Mode: Lectures with presentation slides and extensive hands-on exercises.

7 2.3. Network Network courses are designed to equip IT professionals and practitioners with the knowledge and skills required for implementing, designing, configuring, maintaining and reviewing a secure network system to prevent and manage network vulnerabilities. Participants will learn the skills needed to identify and to analyse common internal and external security threats against a network so proactive security and audit strategies can be implemented to protect the organisation's information assets and systems from weaknesses. These weaknesses are often exploited by remote users using publicly and commercially available software tools and through manual techniques. Web-based applications need to be audited to ensure that vulnerabilities are discovered, where risks mitigated promptly and effectively. Policies, processes, management structures, equipment, and other requirements are also necessary to respond to any unforeseen network incidents Securing Networks In today's network dependent business environment, organisations link their systems enterprise wide and virtual private networks, as well as connect remote users. In this course, participants learn to analyse risks to networks and steps needed to select and deploy appropriate countermeasures to reduce the exposure to these threats. Target Audience: Network Administrators, Network Support, System Support, Incident Handlers, Network Managers, IT Support. Course Duration: 3 days Vulnerability Analysis / Penetration Testing Breach of network security is a growing problem faced by many organisations worldwide and it is becoming complex as intruders resort to highly advanced methods to gain access. This course exposes participants to network vulnerabilities, the methods used by intruders to gain access into a network system and tools used to ward off such attacks. The course revolves around a series of hands-on exercises based on techniques for penetrating into a network and defending against attacks. It focuses on attack techniques, exploit techniques, vulnerability assessment and penetrating testing techniques. Participants will gain skills to perform penetration testing and countermeasures for the organisations. Target Audience: Incident Responders, Network and System Administrators, CIRT/CSIRT Personnel, IT/ Auditors Delivery Mode: Lectures with presentation slides, case studies and extensive hands-on exercises. Pre-requisite: Basic knowledge and skills in network architectures and operating systems NetFlow Analysis This course focuses on network analysis and hunting of malicious activity from a security operations centre s perspective. It provides an understanding of NetFlow data format, common netflow collection, analysis, and visualization tools. It would cover NetFlow strengths, operational limitations of NetFlow, strategic sensor placement, NetFlow tools, visualization of network data, analytic trade craft for network situational awareness, and networking hunting scenarios. Target Audience: Incident Responders, Network and System Administrators, CIRT/CSIRT Personnel, IT/ Auditors, Network Administrator, System Administrators. Course Duration: 3 days Delivery Mode: Lectures with presentation slides, case studies, and extensive hands-on exercises.

8 2.4 Application Business applications and processes increasingly moving towards the web services and adopting the software-as-a-service (SaaS) model, many organisations today are exposing data and critical business services to untested or insecure web-based applications. These applications with inadequate or non-existent security offer opportunity for malicious hackers to access your critical database containing customer information, credit card data, proprietary data or classified information. Participants will gain skills on how to assess applications from a hacker s perspective, understand application security vulnerabilities, and learn how to mitigate these security holes so they are never exploited by a hacker Web Application Understanding web application attack vectors is critical for web application developers responsible for maintaining and securing a web-based system. Web application vulnerabilities have been the cause of computer security breaches for organisations. Businesses and customer-related information are the target of web application attacks. This course covers common methods for attacking web applications, such as SQL Injection, Cross-Site Scripting, command injection, data leakage attacks, session hijacking and PHP/Javascript/ASP vulnerabilities. Basic vulnerability discovery in web applications will also be covered, as well as secure coding techniques and the OWASP. Target Audience: Web Application Developers, Penetration Testers, Web Application Testers. Pre-requisite: Some understanding of programming is required, preferably PHP, Javascript, or ASP Law Enforcement Cyber criminals today are targeting organisations with the intent of stealing confidential and financial information to commit crime. Using the internet platform, this criminal activity is highly possible due to unsecured application, systems, and networks. When these cyber criminal falls in the hand of law enforcement, the officer must be well versed in conducting investigation, analysis and reporting using relevant tools and techniques to assist and bring in the culprits to justice Cyber crime investigation for Law Enforcement This network investigations course is tailored specifically to the needs of law enforcement officers who are investigating cyber crimes. The course will begin by reviewing the common types of cyber crimes, how criminal activities are conducted on the Internet, the tools and motivations driving the Internet as a medium for criminal activity. It investigates how Internet crime is commited using tools such as Botnets, DDoS attacks, illicit file hosting, underground economy marketplaces, spam, phishing, extortion, and more. The course demonstrates common hacking activities through web application exploits, remote operating system, application exploits, social engineering and web drive-by attacks. The objective of the course is to give law enforcement officers a full set of tools and knowledge for conducting effective network investigations. Target Audience: Law Enforcement Officers and support staff.

9 Scholarship As a global, non-profit organisation, ITU-IMPACT has received generous donations from leading information security training providers. These organisations are widely acknowledged as the top information security certification bodies in the world and are renowned for providing exceptional high quality courses and certifications recognised throughout the information security community. These funds enable ITU-IMPACT to offer highly sought-after training courses to qualified security professionals from any one of our partner countries. EC-Council Information Training Sponsorship Programme (ISTP) ISTP is co-sponsored by EC-Council and is part of ITU-IMPACT s global agenda to combat cyber threats. The courses are awarded to selected recipients from ITU-IMPACT partner countries. ITU-IMPACT is seeking suitable candidates with technical background in cybersecurity, good communication and presentation skills, and have keen interest in becoming a cybersecurity trainer in support of the scholarship programme. The EC-Council programmes identified under the ISTSP are Network Administrator (E NSA), Certified Ethical Hacker (C EH), Computer Hacking Forensics Investigators (C HFI), Certified Analyst (E CSA), Licensed Penetration Tester (L PT) and Certified Disaster Recovery Professional (E DRP). About ITU-IMPACT Centre for Training and Skills Development The centre provides world-class training in cybersecurity. All training courses, specialised seminars and workshops are conducted in collaboration with the leading ICT companies and institutions that include ITU, EC-Council, (ISC) 2 and Honeynet Project. Our specialised courses bring together global expertise in a broad range of specialisations, allowing ITU-IMPACT to work with governments and individual organisations to build internal capabilities in order to secure vital infrastructure, mitigate threats and respond to unauthorised or unlawful activities. We carefully examine the needs and desires of our partner countries with an eye toward continual improvement and development. As future requirements are identified, ITU-IMPACT will strive to develop and deploy effective training courses to meet specific needs of information security practitioners and professionals. For more information or enquiries, please contact: International Multilateral Partnership Against Cyber Threats (IMPACT) Jalan IMPACT Cyberjaya Malaysia T: +60 (3) F: +60 (3) E: W:

(BDT) BDT/POL/CYB/Circular-002. +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int

(BDT) BDT/POL/CYB/Circular-002. +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int 2011 15 (BDT) BDT/POL/CYB/Circular-002 +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int 2008 2010 2010 International Telecommunication Union Place des Nations CH-1211 Geneva 20 Switzerland Tel: +41

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

InfoSec Academy Application & Secure Code Track

InfoSec Academy Application & Secure Code Track Fundamental Courses Foundational Courses InfoSec Academy Specialized Courses Advanced Courses Certification Preparation Courses Certified Information Systems Security Professional (CISSP) Texas Security

More information

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

Course Descriptions November 2014

Course Descriptions November 2014 Master of Science In Information Security Management Course Descriptions November 2014 Master of Science in Information Security Management The Master of Science in Information Security Management (MSISM)

More information

The Cyber Threat Profiler

The Cyber Threat Profiler Whitepaper The Cyber Threat Profiler Good Intelligence is essential to efficient system protection INTRODUCTION As the world becomes more dependent on cyber connectivity, the volume of cyber attacks are

More information

Cybersecurity and internal audit. August 15, 2014

Cybersecurity and internal audit. August 15, 2014 Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices

More information

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? Contents Introduction.... 3 What Types of Network Security Services are Available?... 4 Penetration Testing and Vulnerability Assessment... 4 Cyber

More information

Cyber Security. A professional qualification awarded in association with University of Manchester Business School

Cyber Security. A professional qualification awarded in association with University of Manchester Business School ICA Advanced Certificate in Cyber Security A professional qualification awarded in association with University of Manchester Business School An Introduction to the ICA Advanced Certificate In Cyber Security

More information

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement Copyright Elevate Consult LLC. All Rights Reserved 1 Presenter Ray Guzman MBA, CISSP, CGEIT, CRISC, CISA Over 25

More information

Information Systems Security Certificate Program

Information Systems Security Certificate Program Information Technologies Programs Information Systems Security Certificate Program Accelerate Your Career extension.uci.edu/infosec University of California, Irvine Extension s professional certificate

More information

Protecting against cyber threats and security breaches

Protecting against cyber threats and security breaches Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So

More information

Information Security Services

Information Security Services Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual

More information

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015 Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders

More information

EC-Council. Certified Ethical Hacker. Program Brochure

EC-Council. Certified Ethical Hacker. Program Brochure EC-Council C Certified E Ethical Hacker Program Brochure Course Description The (CEH) program is the core of the most desired information security training system any information security professional

More information

e-discovery Forensics Incident Response

e-discovery Forensics Incident Response e-discovery Forensics Incident Response NetSecurity Corporation 21351 Gentry Drive Suite 230 Dulles, VA 20166 VA DCJS # 11-5605 Phone: 703.444.9009 Toll Free: 1.866.664.6986 Web: www.netsecurity.com Email:

More information

Security Intelligence Services. Cybersecurity training. www.kaspersky.com

Security Intelligence Services. Cybersecurity training. www.kaspersky.com Kaspersky Security Intelligence Services. Cybersecurity training www.kaspersky.com CYBERSECURITY TRAINING Leverage Kaspersky Lab s cybersecurity knowledge, experience and intelligence through these innovative

More information

ETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001

ETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001 001011 1100010110 0010110001 010110001 0110001011000 011000101100 010101010101APPLICATIO 0 010WIRELESS110001 10100MOBILE00010100111010 0010NETW110001100001 10101APPLICATION00010 00100101010WIRELESS110

More information

Security-as-a-Service (Sec-aaS) Framework. Service Introduction

Security-as-a-Service (Sec-aaS) Framework. Service Introduction Security-as-a-Service (Sec-aaS) Framework Service Introduction Need of Information Security Program In current high-tech environment, we are getting more dependent on information systems. This dependency

More information

Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue

Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437 Specialist Security Training Catalogue Did you know that the faster you detect a security breach, the lesser the impact to the organisation?

More information

Continuous Network Monitoring

Continuous Network Monitoring Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment

More information

Into the cybersecurity breach

Into the cybersecurity breach Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing

More information

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Exam Information Candidate Eligibility: The CyberSec First Responder: Threat Detection and Response (CFR) exam

More information

InfoSec Academy Forensics Track

InfoSec Academy Forensics Track Fundamental Courses Foundational Courses InfoSec Academy Specialized Courses Advanced Courses Certification Preparation Courses Certified Information Systems Security Professional (CISSP) Texas Security

More information

A Decision Maker s Guide to Securing an IT Infrastructure

A Decision Maker s Guide to Securing an IT Infrastructure A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles PNNL-24138 SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles March 2015 LR O Neil TJ Conway DH Tobey FL Greitzer AC Dalton PK Pusey Prepared for the

More information

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies Cyber Security in Taiwan's Government Institutions: From APT To Investigation Policies Ching-Yu, Hung Investigation Bureau, Ministry of Justice, Taiwan, R.O.C. Abstract In this article, we introduce some

More information

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security. Web application security Executive brief Managing a growing threat: an executive s guide to Web application security. Danny Allan, strategic research analyst, IBM Software Group Contents 2 Introduction

More information

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Defensible Strategy To. Cyber Incident Response

Defensible Strategy To. Cyber Incident Response Cyber Incident Response Defensible Strategy To Cyber Incident Response Cyber Incident Response Plans Every company should develop a written plan (cyber incident response plan) that identifies cyber attack

More information

CompTIA Security+ (Exam SY0-410)

CompTIA Security+ (Exam SY0-410) CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

IT Security Testing Services

IT Security Testing Services Context Information Security T +44 (0)207 537 7515 W www.contextis.com E gcloud@contextis.co.uk IT Security Testing Services Context Information Security Contents 1 Introduction to Context Information

More information

EC Council Certified Ethical Hacker V8

EC Council Certified Ethical Hacker V8 Course Code: ECCEH8 Vendor: Cyber Course Overview Duration: 5 RRP: 2,445 EC Council Certified Ethical Hacker V8 Overview This class will immerse the delegates into an interactive environment where they

More information

SECURITY. Risk & Compliance Services

SECURITY. Risk & Compliance Services SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize

More information

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................

More information

Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com

Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com Promoting a Cybersecurity Culture: Tunisian Experience ITU Regional Cybersecurity Forum for Eastern and Southern Africa Lusaka, Zambia, 25-28 August 2008 Helmi Rais CERT-TCC Team Manager National Agency

More information

Penetration Testing Services. Demonstrate Real-World Risk

Penetration Testing Services. Demonstrate Real-World Risk Penetration Testing Services Demonstrate Real-World Risk Penetration Testing Services The best way to know how intruders will actually approach your network is to simulate a real-world attack under controlled

More information

Information Security Engineering

Information Security Engineering Master of Science In Information Security Engineering Course Descriptions November 2014 Master of Science in Information Security Engineering The program of study for the Master of Science in Information

More information

INFORMATION SECURITY TRAINING CATALOG (2015)

INFORMATION SECURITY TRAINING CATALOG (2015) INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2015) Revision 3.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,

More information

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER WHITE PAPER CHALLENGES Protecting company systems and data from costly hacker intrusions Finding tools and training to affordably and effectively enhance IT security Building More Secure Companies (and

More information

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015 Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

Microsoft s cybersecurity commitment

Microsoft s cybersecurity commitment Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade

More information

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved. Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control

More information

Attachment A. Identification of Risks/Cybersecurity Governance

Attachment A. Identification of Risks/Cybersecurity Governance Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year

More information

Information Security. Training

Information Security. Training Information Security Training Importance of Information Security Training There is only one way to keep your product plans safe and that is by having a trained, aware and a conscientious workforce. - Kevin

More information

Threat landscape how are you getting attacked and what can you do better protect yourself and your e-commerce platform

Threat landscape how are you getting attacked and what can you do better protect yourself and your e-commerce platform Threat landscape how are you getting attacked and what can you do better protect yourself and your e-commerce platform Sebastian Zabala Senior Systems Engineer 2013 Trustwave Holdings, Inc. 1 THREAT MANAGEMENT

More information

Hackers are here. Where are you?

Hackers are here. Where are you? 1 2 What is EC-Council Certified Security Analyst Licensed Penetration Tester Program You are an ethical hacker. Your last name is Pwned. You dream about enumeration and you can scan networks in your sleep.

More information

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

CESG Certification of Cyber Security Training Courses

CESG Certification of Cyber Security Training Courses CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security

More information

COMPANY PROFILE REV 4.0

COMPANY PROFILE REV 4.0 COMPANY PROFILE REV 4.0 Company Background and Core Values Secor is a highly innovative company based in Lebanon and Dubai, focusing on the exploding market of the information security in the Middle East

More information

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance

More information

What keep the CIO up at Night Managing Security Nightmares

What keep the CIO up at Night Managing Security Nightmares What keep the CIO up at Night Managing Security Nightmares Tajul Muhammad Taha and Law SC Copyright 2011 Trend Micro Inc. What is CIOs real NIGHTMARES? Security Threats Advance Persistence Threats (APT)

More information

Course 4202: Fraud Awareness and Cyber Security Workshop (3 days)

Course 4202: Fraud Awareness and Cyber Security Workshop (3 days) Course introduction It is vital to ensure that your business is protected against the threats of fraud and cyber crime and that operational risk processes are in place. This three-day course provides an

More information

Hackers are here. Where are you?

Hackers are here. Where are you? 1 2 What is EC-Council Certified Security Analyst Licensed Penetration Tester Program You are an ethical hacker. Your last name is Pwned. You dream about enumeration and you can scan networks in your sleep.

More information

How small and medium-sized enterprises can formulate an information security management system

How small and medium-sized enterprises can formulate an information security management system How small and medium-sized enterprises can formulate an information security management system Royal Holloway Information Security Thesis Series Information security for SMEs Vadim Gordas, MSc (RHUL) and

More information

The Next Generation of Security Leaders

The Next Generation of Security Leaders The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish

More information

Defending against modern threats Kruger National Park ICCWS 2015

Defending against modern threats Kruger National Park ICCWS 2015 Defending against modern threats Kruger National Park ICCWS 2015 Herman Opperman (CISSP, ncse, MCSE-Sec) - Architect, Cybersecurity Global Practice Microsoft Corporation Trends from the field Perimeter

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

05.0 Application Development

05.0 Application Development Number 5.0 Policy Owner Information Security and Technology Policy Application Development Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 5. Application Development

More information

Where every interaction matters.

Where every interaction matters. Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper

More information

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Wayne A. Wheeler The Aerospace Corporation GSAW 2015, Los Angeles, CA, March 2015 Agenda Emerging cyber

More information

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's: Security.01 Penetration Testing.02 Compliance Review.03 Application Security Audit.04 Social Engineering.05 Security Outsourcing.06 Security Consulting.07 Security Policy and Program.08 Training Services

More information

AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES

AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES Final Report Prepared by Dr Janet Tweedie & Dr Julie West June 2010 Produced for AGIMO by

More information

Master of Science in Information Systems & Security Management. Courses Descriptions

Master of Science in Information Systems & Security Management. Courses Descriptions Master of Science in Information Systems & Security Management Security Related Courses Courses Descriptions ISSM 530. Information Security. 1 st Semester. Lect. 3, 3 credits. This is an introductory course

More information

I D C A N A L Y S T C O N N E C T I O N

I D C A N A L Y S T C O N N E C T I O N I D C A N A L Y S T C O N N E C T I O N Robert Westervelt Research Manager, Security Products T h e R o l e a nd Value of Continuous Security M o nitoring August 2015 Continuous security monitoring (CSM)

More information

Cisco Security Optimization Service

Cisco Security Optimization Service Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

More information

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process Complete Web Application Security Phase1-Building Web Application Security into Your Development Process Table of Contents Introduction 3 Thinking of security as a process 4 The Development Life Cycle

More information

CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES

CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES CYBERSECURITY BEST PRACTICES FOR SMALL AND MEDIUM PENNSYLVANIA UTILITIES The information provided in this document is presented as a courtesy to be used for informational purposes only. This information

More information

The Business Case for Security Information Management

The Business Case for Security Information Management The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un

More information

HOSTING. Managed Security Solutions. Managed Security. ECSC Solutions

HOSTING. Managed Security Solutions. Managed Security. ECSC Solutions Managed Security Managed Security MANAGED SECURITY SOLUTIONS I would highly recommend for your company s network review... were by far the best company IT Manager, Credit Management Agency Presenting IT

More information

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

More information

Course Title: Penetration Testing: Network & Perimeter Testing

Course Title: Penetration Testing: Network & Perimeter Testing Course Title: Penetration Testing: Network & Perimeter Testing Page 1 of 7 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics

More information

CFIR - Finance IT 2015 Cyber security September 2015

CFIR - Finance IT 2015 Cyber security September 2015 www.pwc.dk Cyber security Audit. Tax. Consulting. Our global team and credentials Our team helps organisations understand dynamic cyber challenges, adapt and respond to risks inherent to their business

More information

KEY STEPS FOLLOWING A DATA BREACH

KEY STEPS FOLLOWING A DATA BREACH KEY STEPS FOLLOWING A DATA BREACH Introduction This document provides key recommended steps to be taken following the discovery of a data breach. The document does not constitute an exhaustive guideline,

More information

defense through discovery

defense through discovery defense through discovery about krypton krypton is an advisory and consulting services firm, specialized in the domain of information technology (it) and it-related security krypton is a partnership amongst

More information

Information Technology Security Review April 16, 2012

Information Technology Security Review April 16, 2012 Information Technology Security Review April 16, 2012 The Office of the City Auditor conducted this project in accordance with the International Standards for the Professional Practice of Internal Auditing

More information

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

defending against advanced persistent threats: strategies for a new era of attacks agility made possible defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been

More information

Protecting critical infrastructure from Cyber-attack

Protecting critical infrastructure from Cyber-attack Protecting critical infrastructure from Cyber-attack ACI-NA BIT Workshop, Session 6 (Cybersecurity) Long Beach, California October 4, 2015 Ben Trethowan Aviation Systems & Security Architect The scale

More information

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA

Emerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering

More information

Protecting Your Organisation from Targeted Cyber Intrusion

Protecting Your Organisation from Targeted Cyber Intrusion Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

More information

CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST618 Designing and Implementing Cloud Security CAST

CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST618 Designing and Implementing Cloud Security CAST CENTER FOR ADVANCED SECURITY TRAINING 618 Designing and Implementing Cloud Security About EC-Council Center of Advanced Security Training () The rapidly evolving information security landscape now requires

More information

How to start a software security initiative within your organization: a maturity based and metrics driven approach OWASP

How to start a software security initiative within your organization: a maturity based and metrics driven approach OWASP How to start a software security initiative within your organization: a maturity based and metrics driven approach Marco Morana OWASP Lead/ TISO Citigroup OWASP Application Security For E-Government Copyright

More information

Rational AppScan & Ounce Products

Rational AppScan & Ounce Products IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168

More information

Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks

Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff

More information

Cyber Security Metrics Dashboards & Analytics

Cyber Security Metrics Dashboards & Analytics Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics

More information

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE

More information

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats

More information

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the

More information

EC-Council Ethical Hacking and Countermeasures

EC-Council Ethical Hacking and Countermeasures EC-Council Ethical Hacking and Countermeasures Description This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

Secure by design: taking a strategic approach to cybersecurity

Secure by design: taking a strategic approach to cybersecurity Secure by design: taking a strategic approach to cybersecurity The cybersecurity market is overly focused on auditing policy compliance and performing vulnerability testing when the level of business risk

More information

Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University

Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University Andreas Athanasoulias, CISM, CISSP Information Security Officer & Security Consultant Brief introduction My career path

More information

Practical Steps To Securing Process Control Networks

Practical Steps To Securing Process Control Networks Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.

More information

CYBERSTRAT IS PART OF GMTL LLP, 26 YORK STREET, LONDON, W1U 6PZ, UNITED KINGDOM WWW.CYBERSTRAT.CO INFO@CYBERSTRAT.CO

CYBERSTRAT IS PART OF GMTL LLP, 26 YORK STREET, LONDON, W1U 6PZ, UNITED KINGDOM WWW.CYBERSTRAT.CO INFO@CYBERSTRAT.CO CYBERSTRAT IS PART OF GMTL LLP, 26 YORK STREET, LONDON, W1U 6PZ, UNITED KINGDOM WWW.CYBERSTRAT.CO INFO@CYBERSTRAT.CO CYBER, INFORMATION SECURITY - OVERVIEW A cyber security breach is no longer just an

More information

CGI Cyber Risk Advisory and Management Services for Insurers

CGI Cyber Risk Advisory and Management Services for Insurers CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their

More information