Cyber Security Operations Specialist

Transcription

1 DigiSAFE Cyber Security Centre ST Electronics (Info-Security) Pte Ltd ST Electronics (Info-Security) Page 1

2 Cyber Security Operations Essentials: Live cyber security training to build Detection, Response & Recovery capability In today s ever-evolving security environment, organisations, enterprises and governmental institutions face new threats and the possibility of cyber-attacks every day. To counter these threats, organisations invest heavily in the Protection aspect of cyber security to safeguard their business systems. At the same time, infosecurity or cyber security teams are sent for training for more in-depth knowledge in cyber security, so that they can lay the right foundation. Yet, breaches occur. Knowledge is Important, Response is Essential Clearly, knowledge in the techniques required to secure your organisation s critical IT assets and business systems is important. Operational skills to detect genuine cyber threats, respond adequately, and recover appropriately in the event of compromise, however, is beyond important. It is critical. Operational-centric cyber security training allows trainees to hone their cyber security cognitive and analytical skillsets on real-world, live networks, with real malware and exploits. Whether you are a cyber security professional, or an IT professional tasked to manage your business s IT infrastructure, (CSOS) centres on equipping you and your team with the right skillsets and competencies to keep an organisation secure not just in head-based knowledge, but in operational proficiency. Specifically, CSOS focuses on the cognitive and analytical abilities of participants, in addition to knowledge. CSOS s emphasis is on equipping participants with cyber defence operational skillsets that will be ingrained in individuals on a day-to-day basis. Who Should Attend Cyber Security Professionals looking to upskill their level of security operations proficiency IT Professionals / Engineers looking to multi-skill themselves in cyber security operations or looking to take on a cyber security-related job role System / Network Administrators requiring a better understanding of cyber security operations Information Security Managers and Executives involved in cyber security operations Project Managers, Risk Managers and Compliance Managers who require an understanding of cyber security operations processes and outcomes ST Electronics (Info-Security) Page 2

3 Course Focus Real-World, Operations-Centric Cyber Defence Training State-of-the-Art Cyber Training Platform Emulation of real-world conditions such as network structure, network characteristics, and traffic, with real malware and exploits. True and accurate reflection of what it would be like to experience the entire kill-chain of cyberattack(s) in a controlled environment First in Singapore and the region Course Structure Day One a. Cyber Security Imperatives Cyber threats, trends, terms and terminologies CIA, AAA, standards, audit, compliance and regulations Cryptography and applications b. Network Technologies and Security Introduction to network systems, types and devices Secure network protocol (SSL/TLS, SSH) Introduction to network security devices (Firewall, IPS/IDS, SIEM, etc.) c. Server Systems and Logs Types and functions of servers (web, database, mail, AD, etc.) OS, servers and their event logs (Windows, Linux,IIS, Apache, Mssql, sendmail and etc.) Day Two d. Attack Methodology and Types Attack phases Types of vulnerabilities and attacks Web-based attack (OWASP top 10) e. Security Operations Centre and Incident Response Different types of information security incident Information security incident management framework Overview to SOC concepts and operations Threat identification, threat correlation, threat aggregation, threat filtering (through applications and server logs) Incident handling, response management, notification and reporting f. Security Products and Hands-On Checkpoint Firewall, Security Information and Event Management(SIEM) Monitoring tools such as Wireshark, Process Monitor Day Three to Five g. Security Operations Centre Cyber-Attack Scenario-based Exercises Exposure to real-world cyber-attack scenarios Developing detection, and response skills through team-based exercises ST Electronics (Info-Security) Page 3

4 About the Trainers Trainers conducting the include: Meny Har CTO and Principal Trainer Meny Har is the CTO of the DigiSAFE Cyber Security Centre, where leads the Centre s technology strategy and anchors all training curriculum and course design. He is also the Principal Trainer of DigiSAFE Cyber Security Centre. Meny possesses nearly a decade of experience in the cyber security industry. He has a rich and versatile technological background combining cyber security solution architecture and design as well as hands-on managerial cyber security experience as a Cyber Security Department Head for one of the Israeli Defense Forces (IDF) primary commands. Prior to joining the centre, Meny was the chief solution architect for Elbit System s cutting-edge Cyber Training System, where he led the design and development efforts for all aspects of the system. Additionally, Meny has spent many years of service in the IDF in the Info-Sec branch of the Intelligence Corps, most of which in commanding-managing positions. During that time, he led all security operations activities in one of IDF s primary commands and administered all of its Info-Sec strategy and policies. Meny also holds a B.Sc.in Computer and Electrical Engineering from the Hebrew University of Jerusalem, one of Israel s leading academic institutions. Chan Yue Meng Trainer Chan Yue Meng is a Cyber Security Analyst and Researcher, as well as Trainer at ST Electronics (Info- Security) Pte Ltd. A part of ST Engineering Group s Security Operations Centre (SOC) team, he oversees all the security events on all Singapore Technologies companies. Yue Meng possesses over 14 years of experience in the area of systems and networks. In his current capacity, he examines current threats and methods of deliverance used to deliver the payload especially through web. His responsibilities include being the key malware analyst, who determines and verifies rules on new threat discovered. He also manages junior analysts and guides the team in analysing raw and correlated events triggered or collected by our existing SIEM. Yue Meng, too, plays a key role in the forensic team by providing md5sum of suspected malware which is overlooked by existing security infrastructure. He is familiar with penetration testing and actively tries to understand how an attacker thinks and operates as part of his overall cyber security work. Prior to that, Yue Meng was with the Infocomm Development Authority of Singapore (IDA) and seconded to the Ministry of Home Affairs (MHA) as part of a professional technical team which manages the SIEMS infrastructure and oversees the overall site deployment of SIEMS sensors at the customer sites. In that role, he is heavily involved in SOC operations too. ST Electronics (Info-Security) Page 4

5 Yue Meng s other roles include being the System Administrator of Nanyang Business School and MOL Ship Management, Network Administrator of Advance Network Technology Yue Meng holds a Bachelor of Science in Digital System Security from the University of Wollongong), Advanced Diploma in Networking and Communication and Specialist Diploma in Networking and Communication from Ngee Ann Polytechnic and Diploma in Computer Studies. His qualifications also include: Offensive Security Certified Professional (OSCP) GIAC Certified Incident Handler (GCIH) Red Hat Certified Technician Certified 3COM Network Administrator Cisco Certified Network Associate (CCNA) Zhang Youwei Trainer Zhang Youwei is a Cyber Security Engineer and Trainer at ST Electronics (Info-Security) Pte Ltd. He is experienced in the hardware aspects of Information Technology particularly quality assurance. More recently, Youwei redirected his focus to information security and cyber security. In his current capacity, Youwei is the Systems Lead for DigiSAFE Cyber Security Centre a Cyber Security Centre of Excellence housing a state-of-the-art Cyber Trainer Platform that delivers cyber scenarios-based experiential training, which is the first, and only-of-its-kind in Singapore and the region. He administers and operates the Cyber Trainer Platform for training, and also supports curriculum development and improvement. From a systems perspective, he is also the anchor in all customer and partner engagement. Prior to his current role, Youwei was with Advanced Micro Devices under the EDB LOT Programme. During his time in AMD, he was part of the Advanced Testing and Characterisation team with the responsibilities of formulating test scripts, analysing data and correlating subsequent results on new products. In that role, he received two awards, one individual and one as part of a group, for process improvement. Zhang Youwei holds a Bachelor of Engineering degree from National University of Singapore. He is also a Qualified Information Security Professional (AISP), and is pursuing a Certified Ethical Hacking (CEH) certification from EC Council. ST Electronics (Info-Security) Page 5

6 Course Details COURSE DETAILS Course Schedule: Time: Venue: Course Fees: Contact: Scheduled course runs for 2014: October November 1 5 December (Tentative) Day 1: Starts at 9:30am Day 2 to 5: Starts at 9:00am 5-day programme DigiSAFE Cyber Security Centre Jurong East Street 21, #04-02, Devan Nair Institute Singapore Scheduled course runs for 2015: January February March SGD$4,800 (Singaporeans and Permanent Residents) SGD$6,000 (Non-Singaporeans or Singaporean Permanent Residents) Singaporeans and PRs qualify for 70% WDA funding. Terms and Conditions apply. Ms Lai Yan Ting [email protected] Hotline: +(65) Note: (1) Not inclusive off Singapore goods and services tax (GST) (7%). (2) Course fees is inclusive of lunch. (3) ST Electronics (Info-Security) Pte Ltd reserves the right to make amendments to the course agenda without prior notice. Training Benefits Cyber Security Training based on DigiSAFE Cyber Security Centre s Cyber Trainer System benefits trainees by enhancing their ability to: 1. Appreciate the entire kill-chain of various cyber- attacks 2. Develop improved response to cyber attacks 3. Enhance decision-making in the event of cyber-attacks 4. Enhance the collaboration between team mates working together HOW? 1. Be exposed to a myriad or real-world cyber-attacks and participate in the verification of an attack Sharper Detection 2. Gain deeper insights on the actions and steps that can be taken and participate in the evaluation of the organisational and business impact of every action taken against cyber attackers Better Response 3. Sharpen the skills of the team in mitigating against attacks and participate in discussing how future attacks can be thwarted Smarter Mitigation ST Electronics (Info-Security) Page 6

7 About DigiSAFE Cyber Security Centre ST Electronics (Info-Security) set up the DigiSAFE Cyber Security Centre to offer advanced training courses in cyber security to meet increasing industry demand for such expertise. Training at the centre is supported by a Cyber Trainer System that emulates real world attacks on enterprise networks in a controlled environment. Trainees learn how to apply tools to protect, detect, respond and recover their networks from various types of cyber attacks. All training is designed to be operation-centric and experiential based. Location DigiSAFE Cyber Security Centre 80 Jurong East Street 21 #04-02 Devan Nair Institute Singapore We Are Here ST Electronics (Info-Security) Page 7

8 DigiSAFE Cyber Security Centre 80 Jurong East Street 21 #04-02 Singapore Phone : (65) / (65) Fax : (65) [email protected] No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of ST Electronics (Info-Security) Pte Ltd. The information contained herein may be changed without prior notice. These materials are provided by ST Electronics (Info-Security) Pte Ltd for informational purposes only, without representation or warranty of any kind, and ST Electronics (Info- Security) Pte Ltd shall not be liable for errors or omissions with respect to the materials. The only warranties for ST Electronics (Info-Security) Pte Ltd products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. ST Electronics (Info-Security) Page 8