Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University

Size: px
Start display at page:

Download "Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University"

Transcription

1 Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University Andreas Athanasoulias, CISM, CISSP Information Security Officer & Security Consultant

2 Brief introduction My career path Information Security: a growing expert area Defined? Domains Indicative Skillset Career Paths Certifications & Certification Bodies 2

3 Academic Path BSc. Computer Science Informatics & Telecommunications Department University of Athens Last semester: Cryptography, Computer Security Thesis: subject of Network Security MSc. Information Security Information Security Group (ISG) Royal Holloway University of London Security Management, Cryptography, Network Security, Computer Security, Software Security, Computer Crime, Smart Cards/Tokens & Security Dissertation: Fraud in electronic cards & countermeasures 3

4 Professional Path Information Security Consultant ITSRC BU Syntax IT Group (Greece & UAE) Penetration testing IT Governance, Risk & Compliance projects Solutions Enablement (various vendors) Business Unit Manager ITSRC BU Syntax IT Group (Greece & UAE) Information Security Officer & Security Consultant Uni Systems (Greece, Western & S-eastern Europe) Information Security Frameworks ISO & Risk Assessments Security Metrics Business Continuity Frameworks 4

5 Confidentiality Integrity Availability Information Security 5

6 Preservation of confidentiality, integrity and availability of information. In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved. ~ ISO 27000:2014 Ensures that within the enterprise, information is protected against disclosure to unauthorized users (confidentiality), improper modification (integrity), and non access when required (availability) ~ ISACA Glossary of Terms "Information security is the protection of information and minimizes the risk of exposing information to unauthorized parties." ~Venter and Eloff,

7 Attributed: JohnManuel, Wikipedia 7

8 Security & Risk Management Security, Risk, Compliance, Law, Regulations, Business Continuity Asset Security Classification, Retention, Data Security Security Engineering Engineering & Management of Security Communication & Network Security Design & protection of Network Security 8

9 Identity & Access Management Controlling Access & Managing Identity Security Assessment & Testing Design, perform & analyze security testing Security Operations Foundational Concepts, Investigations, Incident Management & Disaster Recovery Software Development Security Understand, apply and enforce software security 9

10 Application Security Data Loss Prevention Ethical Hacking (web, network, systems) Digital Forensics Governance Compliance Audit (Policies, Procedures, Management Systems) Incident Detection & Response Secure Code Development PKI Identity Management Business Continuity Security Operation Center Security Information & Event Management 10

11 Information Security Consultant Information Security Analyst Information Security Manager/ Officer Security Architect Security Administrator IT Risk & Compliance Manager Data Security Specialist Cloud Security Engineer (System, Network, Web) Penetration Tester Digital Forensics Analyst Incident Responder Malware Analyst Disaster Recovery/ Business Continuity Manager Security Operation Center (SOC) Analyst 11

12 CISSP Security Professionals CCSP Cloud HCISPP Healthcare & Regulations (ISC)² - International Information Systems Security Certification Consortium CSSLP Secure sw Developments SSCP Security Engineers CCFP Digital Forensics 12

13 CISA Auditors CRISC Risk & Information Systems Control ISACA - Information Systems Audit and Control Association CISM Security Managers CGEIT Governance 13

14 Security Administration GSE (expert) Forensics Legal GIAC Global Information Assurance Certification (powered by SANS) Management Software Security Audit 14

15 Ethical Hackers CISO Digital Forensics EC Council Disaster Recovery Professionals Security Analysts Incident Handlers 15

16 Offensive Security Offensive Security Certified Professional (OSCP) CompTIA Security+ CASP ISO certifications ISMS ISO LA & I BCMS ISO LA & I Cloud Security ISO (draft) 16

17 Uni Systems Copyright

18 Andreas Athanasoulias LinkedIn: https://gr.linkedin.com/pub/andreas-athanasoulias/41/7b4/552

Course and Service Portfolio Specialized IT courses for IT professional and organizations willing to take benefit from the competitive advantages

Course and Service Portfolio Specialized IT courses for IT professional and organizations willing to take benefit from the competitive advantages Course and Service Portfolio Specialized IT courses for IT professional and organizations willing to take benefit from the competitive advantages provided by international certifications Cyber & IT Governance

More information

Security Transcends Technology

Security Transcends Technology INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM, INC. Career Enhancement and Support Strategies for Information Security Professionals Paul Wang, MSc, CISA, CISSP Paul.Wang@ch.pwc.com

More information

Certification and Training

Certification and Training Certification and Training CSE 4471: Information Security Instructor: Adam C. Champion Autumn Semester 2013 Based on slides by a former student (CSE 551) Outline Organizational information security personnel

More information

Information Security Principles and Practices

Information Security Principles and Practices Information Security Principles and Practices by Mark Merkow and Jim Breithaupt Chapter 3: Certification Programs and the Common Body of Knowledge Certification & Information Security Industry standards,

More information

State of South Carolina InfoSec and Privacy Career Path Model

State of South Carolina InfoSec and Privacy Career Path Model State of South Carolina InfoSec and Privacy Career Path Model Start Introduction This Career Path Model for the State of South Carolina (State) is designed to help define the various career options available

More information

InfoSec Academy Application & Secure Code Track

InfoSec Academy Application & Secure Code Track Fundamental Courses Foundational Courses InfoSec Academy Specialized Courses Advanced Courses Certification Preparation Courses Certified Information Systems Security Professional (CISSP) Texas Security

More information

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup. Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.com DA! (by Global knowledge & TechRepublic) Top certifications by salary:

More information

Information Security Specialist Training on the Basis of ISO/IEC 27002

Information Security Specialist Training on the Basis of ISO/IEC 27002 Information Security Specialist Training on the Basis of ISO/IEC 27002 Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu

More information

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the

More information

Career Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88

Career Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88 Career Survey 1. In which country are you based? 88 answered question 88 skipped question 0 2. What is your job title? 88 answered question 88 skipped question 0 3. Travel budget not at all 21.0% 17 somewhat

More information

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

More information

The Next Generation of Security Leaders

The Next Generation of Security Leaders The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish

More information

InfoSec Academy Forensics Track

InfoSec Academy Forensics Track Fundamental Courses Foundational Courses InfoSec Academy Specialized Courses Advanced Courses Certification Preparation Courses Certified Information Systems Security Professional (CISSP) Texas Security

More information

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles PNNL-24138 SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles March 2015 LR O Neil TJ Conway DH Tobey FL Greitzer AC Dalton PK Pusey Prepared for the

More information

Forensic Certifications

Forensic Certifications Forensic Certifications Mayuri Shakamuri CS 489-02 Digital Forensics October 31, 2006 New Mexico Tech Executive Summary Digital Forensics is rapidly growing and evolving to become a scientific practice

More information

CompTIA CASP Pre-approved Training for CompTIA CASP Continuing Education Units (CEUs)

CompTIA CASP Pre-approved Training for CompTIA CASP Continuing Education Units (CEUs) CompTIA CASP Pre-approved Training for CompTIA CASP Continuing Education Units (CEUs) Note: Approved training courses in this document are subject to change without prior notification. Training submitted

More information

Social Media Security Training and Certifications. Stay Ahead. Get Certified. Ultimate Knowledge Institute. ultimateknowledge.com

Social Media Security Training and Certifications. Stay Ahead. Get Certified. Ultimate Knowledge Institute. ultimateknowledge.com Ultimate Knowledge Institute ultimateknowledge.com Social Media Security Training and Certifications Social Media Security Professional (SMSP) Social Media Engineering & Forensics Professional (SMEFP)

More information

Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor

Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor IT Audit/Security Certifications Kevin Savoy, CPA, CISA, CISSP Director of Information Technology Audits Brian Daniels, CISA, GCFA Senior IT Auditor Certs Anyone? There are many certifications out there

More information

All about CPEs. David Gittens CISA CISM CISSP CRISC HISP

All about CPEs. David Gittens CISA CISM CISSP CRISC HISP All about CPEs David Gittens CISA CISM CISSP CRISC HISP The Designer David Gittens ISSA Barbados Past President Certified in ethical hacking and computer forensics Certified in security management and

More information

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement Copyright Elevate Consult LLC. All Rights Reserved 1 Presenter Ray Guzman MBA, CISSP, CGEIT, CRISC, CISA Over 25

More information

Guide to information security certifications. SearchSecurity.com's guide to vendor-neutral security certifications

Guide to information security certifications. SearchSecurity.com's guide to vendor-neutral security certifications SearchSecurity.com's IT security certifications guide 1 of 18 Check out the other guides in this series: Guide to information security certifications SearchSecurity.com's guide to vendor-neutral security

More information

Security Certifications. Presentatie SecCert 101 Jordy Kersten MSc., ISC2 Ass., CEH, OSCP

Security Certifications. Presentatie SecCert 101 Jordy Kersten MSc., ISC2 Ass., CEH, OSCP Security Certifications Presentatie SecCert 101 Jordy Kersten MSc., ISC2 Ass., CEH, OSCP Wie ben ik? Jordy Kersten 26 jaar Communicatie Systemen HAN Arhnem Informatiekunde RU Nijmegen Security Consultant

More information

What is Management Responsible For?

What is Management Responsible For? What is Management Responsible For? Matthew J. Putvinski, CPA, CISA, CISSP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2011 Wolf & Company, P.C. About Wolf & Company, P.C Regional

More information

CompTIA Security+ Pre-approved Training for CompTIA Security+ Continuing Education Units (CEUs)

CompTIA Security+ Pre-approved Training for CompTIA Security+ Continuing Education Units (CEUs) CompTIA Security+ Pre-approved Training for CompTIA Security+ Continuing Education Units (CEUs) Note: Approved training courses in this document are subject to change without prior notification. Training

More information

Field of Study Area of Expertise Certification Vendor Course

Field of Study Area of Expertise Certification Vendor Course Field of Study Area of Expertise Certification Vendor Course Advanced Security Certified Information Systems Security Professional (CISSP) ISC2 CISSP Advanced Security CompTIA Advanced Security Practitioner

More information

Need for Information Security, Understanding Information security trends and Improving Security

Need for Information Security, Understanding Information security trends and Improving Security Need for Information Security, Understanding Information security trends and Improving Security 10 th December, 2014 - Er. Sansar Jung Dewan At First: InfoSec Basics with the Five W s What is Information

More information

IT Security Training. Why Security Certification? A Serious Business - Fear Drives the Demand High Demand Freedom to Make and Break Rules

IT Security Training. Why Security Certification? A Serious Business - Fear Drives the Demand High Demand Freedom to Make and Break Rules IT Security Training Why Security Certification? A Serious Business - Fear Drives the Demand High Demand Freedom to Make and Break Rules Benefits of Certification Provides Assurance to Employers Certification

More information

Bellevue University Cybersecurity Programs & Courses

Bellevue University Cybersecurity Programs & Courses Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320

More information

Domain 1 The Process of Auditing Information Systems

Domain 1 The Process of Auditing Information Systems Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge

More information

Introduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors

Introduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors Introduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors Importance of Effective Internal Controls and COSO COSO

More information

Information Systems Security Certificate Program

Information Systems Security Certificate Program Information Technologies Programs Information Systems Security Certificate Program Accelerate Your Career extension.uci.edu/infosec University of California, Irvine Extension s professional certificate

More information

Programme In Information Security Management

Programme In Information Security Management Programme In Information Security Management One-year programme in Information Security (IS) MIEL Academy is pleased to announce PRISM TM (Programme in Information Security Management) a one-year Fulltime

More information

Career Analysis into Cyber Security: New & Evolving Occupations

Career Analysis into Cyber Security: New & Evolving Occupations Alderbridge Specialists in Info Security Specialist Recruitment Knowledge for e-skills UK s Cyber Security Learning Pathways Programme Career Analysis into Cyber Security: New & Evolving Occupations e-skills

More information

State of West Virginia Office of Technology Policy: Information Security Audit Program Issued by the CTO

State of West Virginia Office of Technology Policy: Information Security Audit Program Issued by the CTO Policy: Information Security Audit Program Issued by the CTO Policy No: WVOT-PO1008 Issue Date: 08.01.09 Revised: Page 1 of 12 1.0 PURPOSE The West Virginia Office of Technology (WVOT) will maintain an

More information

ICT and Information Security Resources

ICT and Information Security Resources Methods GCloud Service Definition ICT and Information Security Resources HEAD OFFICE: 125 Shaftesbury Avenue, London WC2H 8AD Scottish Office: Exchange Place 2, 5 Semple Street, Edinburgh, EH3 8BL t: +44

More information

Access FedVTE online at: fedvte.usalearning.gov

Access FedVTE online at: fedvte.usalearning.gov FALL 2015 Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk her e or email the Help Desk at support@usalearning.net. To speak with a Help Desk

More information

SECURITY CONSIDERATIONS FOR LAW FIRMS

SECURITY CONSIDERATIONS FOR LAW FIRMS SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,

More information

ITU-IMPACT Training and Skills Development Course Catalogue

ITU-IMPACT Training and Skills Development Course Catalogue ITU-IMPACT Training and Skills Development Course Catalogue Management Track Technical Track Course Area Management Incident Response Digital Forensics Network Application Law Enforcement Foundation Management

More information

Facing Information Security Challenges

Facing Information Security Challenges AKTINA Event Information Security & Cloud Challenges March 17, 2016 Facing Information Security Challenges ISACA Cyprus Chapter Paschalis Pissarides CRISC, CISM, CISA Immediate Past President (2010-2014)

More information

SCAN. Associates Berhad.

SCAN. Associates Berhad. Associates Berhad. Talking points 1. Genesis 2. Products & services 3. Support 4. Strengthsth 5. Lessons 2 Genesis 1. Originated from University s R&D group on Infosec 95 2. Government funded d 3. Very

More information

Rethinking Cyber Security Threats

Rethinking Cyber Security Threats Rethinking Cyber Security Threats (ISC)² Update U.S. Government Advisory Board Meeting February 17, 2010 Frank Chow CISSP ISSAP ISSMP CSSLP CGEIT CRISC CISM CISA Chairperson of Professional Information

More information

CFPB Readiness Series: Compliant Vendor Management Overview

CFPB Readiness Series: Compliant Vendor Management Overview CFPB Readiness Series: Compliant Vendor Management Overview Legal Disclaimer This information is not intended to be legal advice and may not be used as legal advice. Legal advice must be tailored to the

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

Certified Information Security Manager (CISM)

Certified Information Security Manager (CISM) Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security

More information

CONTINUING PROFESSIONAL EDUCATION (CPE) POLICIES & GUIDELINES

CONTINUING PROFESSIONAL EDUCATION (CPE) POLICIES & GUIDELINES (ISC) 2 CONTINUING PROFESSIONAL EDUCATION (CPE) POLICIES & GUIDELINES 2015 (ISC)² CPE Policies & Guidelines (Rev. 10, April 21, 2015) 2015 International Information Systems Security Certification Consortium,

More information

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013 Cyber Security and Information Assurance Controls Prevention and Reaction 1 About Enterprise Risk Management Capabilities Cyber Security Risk Management Information Assurance Strategic Governance Regulatory

More information

www.pwc.com/mt Internal Audit Takes On Emerging Technologies

www.pwc.com/mt Internal Audit Takes On Emerging Technologies www.pwc.com/mt In Internal Audit Takes On Emerging Technologies Contents Introduction 2 Cloud Computing & Internal Audit 3 Smart Devices/ Technology & Internal Audit 6 Social Media & Internal Audit 8 Cyber

More information

Security Certifications. A Short Survey. Welcome. Stan Reichardt stan2007@sluug.org

Security Certifications. A Short Survey. Welcome. Stan Reichardt stan2007@sluug.org Security Certifications A Short Survey Welcome Stan Reichardt stan2007@sluug.org Disclaimer This is just a cursory look at what is out there. I believe certifications are good training tools, but not necessarily

More information

About the Presenter About the Cloud Security Alliance Guidance 1.0 Getting Involved Call to Action

About the Presenter About the Cloud Security Alliance Guidance 1.0 Getting Involved Call to Action Governance, Risk Management, Compliance, & Audit An Overview of Cloud Security Alliance s Security Guidance for Critical Areas of Focus in Cloud Computing July 23, 2009 Agenda About the Presenter About

More information

Individual Certification of Security Proficiency for Software Professionals: Where Are We? Where Are We Going?

Individual Certification of Security Proficiency for Software Professionals: Where Are We? Where Are We Going? Individual Certification of Security Proficiency for Software Professionals: Where Are We? Where Are We Going? Dan Shoemaker January 2009 ABSTRACT: The software industry needs a universally acknowledged

More information

(Instructor-led; 3 Days)

(Instructor-led; 3 Days) Information Security Manager: Architecture, Planning, and Governance (Instructor-led; 3 Days) Module I. Information Security Governance A. Introduction to Information Security Governance B. Overview of

More information

Journal Online. Building Information Security Professionals. Hybrid. The Journey, Not the Destination. The Destination, Not the Journey

Journal Online. Building Information Security Professionals. Hybrid. The Journey, Not the Destination. The Destination, Not the Journey Journal Online Jason Andress, Ph.D., CISM, CISSP, GPEN, ISSAP, is a seasoned security professional with experience in the academic and business worlds. In his present and previous roles, he has provided

More information

Hands-On Ethical Hacking and Network Defense - Second Edition Chapter 1. After reading this chapter and completing the exercises, you will be able to:

Hands-On Ethical Hacking and Network Defense - Second Edition Chapter 1. After reading this chapter and completing the exercises, you will be able to: Objectives After reading this chapter and completing the exercises, you will be able to: Describe the role of an ethical hacker Describe what you can do legally as an ethical hacker Describe what you can

More information

Security Risk Management Strategy in a Mobile and Consumerised World

Security Risk Management Strategy in a Mobile and Consumerised World Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key

More information

Information Security Management Systems

Information Security Management Systems Information Security Management Systems Øivind Høiem CISA, CRISC, ISO27001 Lead Implementer Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector

More information

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and

More information

Education for the Future.

Education for the Future. Education for the Future. The six schools of study at the ITT Technical Institutes 2 (School of Information Technology, School of Electronics Technology, School of Drafting and Design, School of Business,

More information

Principle of Information Security. Asst. Prof. Kemathat Vibhatavanij Ph.D.

Principle of Information Security. Asst. Prof. Kemathat Vibhatavanij Ph.D. Principle of Information Security Asst. Prof. Kemathat Vibhatavanij Ph.D. Security Challenges Evolution of technology focused on ease of use Compliance to government laws and regulations Direct impact

More information

Social Networking and its Implications on your Data Security

Social Networking and its Implications on your Data Security Social Networking and its Implications on your Data Security Canadian Chamber of Commerce of the Philippines June 8, 2011 Warren R Bituin Partner -SGV & Co. About the Speaker Warren R. Bituin SGV & Co./Ernst

More information

This article describes how these seven enablers have contributed towards better information security management at HDFC Bank.

This article describes how these seven enablers have contributed towards better information security management at HDFC Bank. Information Security Management at HDFC Bank: Contribution of Seven Enablers By Vishal Salvi, CISM, and Avinash W. Kadam, CISA, CISM, CGEIT, CRISC, CBCP, CISSP, CSSLP HDFC Bank was incorporated in August

More information

Dr. Vilius Benetis, CISA, CRISC NRD CS, Mon. 10:30-11:45

Dr. Vilius Benetis, CISA, CRISC NRD CS, Mon. 10:30-11:45 Dr. Vilius Benetis, CISA, CRISC NRD CS, vb@nrd.no Mon. 10:30-11:45 Problem Cybersecurity controls are failing to protect organizations. Controls consist of skills, process, and technology. Audit of technology

More information

Protecting Energy s Infrastructure and Beyond: Cybersecurity for the Smart Grid

Protecting Energy s Infrastructure and Beyond: Cybersecurity for the Smart Grid Protecting Energy s Infrastructure and Beyond: Cybersecurity for the Smart Grid Which is it? Cyber Security ~or~ Cybersecurity? Dr. Ernie Lara President Presenters Estrella Mountain Community College Dr.

More information

Into the Breach Transitioning info an infosec career. Ray Pompon, CISSP

Into the Breach Transitioning info an infosec career. Ray Pompon, CISSP Into the Breach Transitioning info an infosec career Ray Pompon, CISSP My journey High school -> Trash-80 s, Apple2 and cracking Computer Science - Info Tech degree PDP-11/44 and this Novell thing LAN

More information

Certified Cyber Security Analyst VS-1160

Certified Cyber Security Analyst VS-1160 VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The

More information

Instructor Introduction

Instructor Introduction Securing Big Data Instructor Introduction Leighton R. Johnson, III CISA, CISSP, CISM, MBCI, CSSLP, CIFI, CFCP, CAP, CRISC SC-ISACA Chapter Instructor Member: IEEE, ACM, ASIS, ISSA, IISFA, ISACA, ISC2,

More information

Governance and Management of Information Security

Governance and Management of Information Security Governance and Management of Information Security Øivind Høiem, CISA CRISC Senior Advisor Information Security UNINETT, the Norwegian NREN About Øivind Senior Adviser at the HE sector secretary for information

More information

Education for the Future.

Education for the Future. Education for the Future. The six schools of study at the ITT Technical Institutes* (School of Information Technology, School of Electronics Technology, School of Drafting and Design, School of Business,

More information

Career Paths in Information Security v6.0

Career Paths in Information Security v6.0 Career Paths in Information Security v6.0 Have you ever considered a career in computer security but didn t know how to get started? The Information Security industry is an exciting and diverse place to

More information

Maintaining Herd Communication - Standards Used In IT And Cyber Security. Laura Kuiper

Maintaining Herd Communication - Standards Used In IT And Cyber Security. Laura Kuiper Maintaining Herd Communication - Standards Used In IT And Cyber Security Laura Kuiper So what is Cyber Security? According to ITU-T X.1205 Cybersecurity is the collection of tools, policies, security concepts,

More information

INFORMATION SECURITY & GOVERNANCE SYSTEMS AND IT INFRASTRUCTURE INFOSEC & TECHNOLOGY TRAINING. forebrook

INFORMATION SECURITY & GOVERNANCE SYSTEMS AND IT INFRASTRUCTURE INFOSEC & TECHNOLOGY TRAINING. forebrook INFORMATION SECURITY & GOVERNANCE SYSTEMS AND IT INFRASTRUCTURE INFOSEC & TECHNOLOGY TRAINING forebrook Forebrook offers a range of information security, governance, IT systems and infrastructure related

More information

INF3510 Information Security. Lecture 01: - Course info - Basic concepts in information security

INF3510 Information Security. Lecture 01: - Course info - Basic concepts in information security INF3510 Information Security Lecture 01: - Course info - Basic concepts in information security University of Oslo, spring 2015 Course information Course organization Prerequisites Syllabus and text book

More information

Val-EdTM. Valiant Technologies Education & Training Services. 2-day Workshop on Business Continuity & Disaster Recovery Planning

Val-EdTM. Valiant Technologies Education & Training Services. 2-day Workshop on Business Continuity & Disaster Recovery Planning Val-EdTM Valiant Technologies Education & Training Services 2-day Workshop on Business Continuity & Disaster Recovery Planning All Trademarks and Copyrights recognized Page 1 of 8 Welcome to Valiant Technologies.

More information

How Security Testing can ensure Your Mobile Application Security. Yohannes, CEHv8, ECSAv8, ISE, OSCP(PWK) Information Security Consultant

How Security Testing can ensure Your Mobile Application Security. Yohannes, CEHv8, ECSAv8, ISE, OSCP(PWK) Information Security Consultant How Security Testing can ensure Your Mobile Application Security Yohannes, CEHv8, ECSAv8, ISE, OSCP(PWK) Information Security Consultant Once More Consulting & Advisory Services IT Governance IT Strategic

More information

The Hungarian digital security and data protection specialist. www.quadron.hu

The Hungarian digital security and data protection specialist. www.quadron.hu The Hungarian digital security and data protection specialist www.quadron.hu WHY IS IT SECURITY IMPORTANT? The abuse of computers is an increasingly common phenomenon of both the business and the public

More information

New-Age Undergraduate Programme

New-Age Undergraduate Programme New-Age Undergraduate Programme B. Tech Cloud Technology & Information Security (4 Year Full Time Programme) Academic Year 2015 Page 1 Course Objective This unique B. Tech course provides dual career options

More information

Information Security Program CHARTER

Information Security Program CHARTER State of Louisiana Information Security Program CHARTER Date Published: 12, 09, 2015 Contents Executive Sponsors... 3 Program Owner... 3 Introduction... 4 Statewide Information Security Strategy... 4 Information

More information

LINUX / INFORMATION SECURITY

LINUX / INFORMATION SECURITY LINUX / INFORMATION SECURITY CERTIFICATE IN LINUX SYSTEM ADMINISTRATION The Linux open source operating system offers a wide range of graphical and command line tools that can be used to implement a high-performance,

More information

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015 Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity

More information

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts CYBER SECURITY ADVISORY SERVICES Governance Risk & Compliance Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts The Financial Services Industry at Crossroads: Where to From Here? WELCOME What

More information

Information Security Management System (ISMS) Overview. Arhnel Klyde S. Terroza

Information Security Management System (ISMS) Overview. Arhnel Klyde S. Terroza Information Security Management System (ISMS) Overview Arhnel Klyde S. Terroza May 12, 2015 1 Arhnel Klyde S. Terroza CPA, CISA, CISM, CRISC, ISO 27001 Provisional Auditor Internal Auditor at Clarien Bank

More information

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event

More information

ISO 27001:2005 & ISO 9001:2008

ISO 27001:2005 & ISO 9001:2008 ISO 27001:2005 & ISO 9001:2008 September 2011 1 Main Topics SFA ISO Certificates ISO 27000 Series used in the organization ISO 27001:2005 - Benefits for the organization ISO 9001:2008 - Benefits for the

More information

CSIS Academy Be Better

CSIS Academy Be Better CSIS Academy Be Better CSIS Security Officer March 2014 Copyright 2014 - CSIS Security Group A/S. All rights reserved Page 2 / 7 Content 1 About CSIS... 3 2 The Course: CSIS Security Officer... 3 2.1.1

More information

Athens, 2 December 2011 Hellenic American Union Conference Center

Athens, 2 December 2011 Hellenic American Union Conference Center Athens, 2 December 2011 Hellenic American Union Conference Center ISACA Athens Chapter and the Hellenic American Union are organizing the 1 st ISACA Athens Chapter Conference on December 2 nd, 2011. The

More information

THE SANS 2005-2007 INFORMATION SECURITY SALARY & CAREER ADVANCEMENT SURVEY

THE SANS 2005-2007 INFORMATION SECURITY SALARY & CAREER ADVANCEMENT SURVEY THE SANS 2005-2007 INFORMATION SECURITY SALARY & CAREER ADVANCEMENT SURVEY What factors impact compensation? Which security certifications matter? What makes security people mad? What matters for career

More information

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

INF3510 Information Security University of Oslo Spring 2011. Lecture 1 Course Information Background and Basic Concepts

INF3510 Information Security University of Oslo Spring 2011. Lecture 1 Course Information Background and Basic Concepts INF3510 Information Security University of Oslo Spring 2011 Lecture 1 Course Information Background and Basic Concepts Course information Scope of information security Syllabus and text book Lecture plan

More information

MEETING THE NATION S INFORMATION SECURITY CHALLENGES

MEETING THE NATION S INFORMATION SECURITY CHALLENGES MEETING THE NATION S INFORMATION SECURITY CHALLENGES TO ADDRESS SKILLS AND WORKFORCE SHORTAGES IN THE INFORMATION SECURITY INDUSTRY, THE NATIONAL SECURITY AGENCY AND THE DEPARTMENT OF HOMELAND SECURITY

More information

Terms of Reference for an IT Audit of

Terms of Reference for an IT Audit of National Maritime Safety Authority (NMSA) TASK DESCRIPTION PROJECT/TASK TITLE: EXECUTING AGENT: IMPLEMENTING AGENT: PROJECT SPONSOR: PROJECT LOCATION: To engage a professional and qualified IT Auditor

More information

Executive Cyber Security Training. One Day Training Course

Executive Cyber Security Training. One Day Training Course Executive Cyber Security Training One Day Training Course INTRODUCING EXECUTIVE CYBER SECURITY TRAINING So what is all this we hear in the media about cyber threats? How can an organization understand

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Information Security Governance:

Information Security Governance: Information Security Governance: Designing and Implementing Security Effectively 2 nd Athens International Forum on Security 15 16 Jan 2009 Anestis Demopoulos, CISA, CISSP, CIA President of ISACA Athens

More information

Information Security Certifications

Information Security Certifications HERVÉ SCHAUER CONSULTANTS Cabinet de Consultants en Sécurité Informatique depuis 1989 Spécialisé sur Unix, Windows, TCP/IP et Internet Information Security Certifications Persons / Organizations ENISA

More information

Cyber Security Education, Qualifications and Training

Cyber Security Education, Qualifications and Training Cyber Security Education, Qualifications and Training Prof. Keith M. Martin Information Security Group, Royal Holloway, University of London, Egham, Surrey TW20 0EX, UK This paper is a postprint of a paper

More information

CLASSIFICATION SPECIFICATION FORM

CLASSIFICATION SPECIFICATION FORM www.mpi.mb.ca CLASSIFICATION SPECIFICATION FORM Human Resources CLASSIFICATION TITLE: POSITION TITLE: (If different from above) DEPARTMENT: DIVISION: LOCATION: Executive Director Executive Director, Information

More information

What Directors need to know about Cybersecurity?

What Directors need to know about Cybersecurity? What Directors need to know about Cybersecurity? W HAT I S C YBERSECURITY? PRESENTED BY: UTAH BANKERS ASSOCIATION AND JON WALDMAN PARTNER, SENIOR IS CONSULTANT - SBS 1 Contact Information Jon Waldman Partner,

More information

Software Development

Software Development Software Development Associate s Degree The ITT Technical Institutes offer a variety of career-focused curricula. This sheet helps describe the associate s degree program in Software Development 1 offered

More information

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Exam Information Candidate Eligibility: The CyberSec First Responder: Threat Detection and Response (CFR) exam

More information

Developing a Mature Security Operations Center

Developing a Mature Security Operations Center Developing a Mature Security Operations Center Introduction Cybersecurity in the federal government is at a crossroads. Each month, there are more than 1.8 billion attacks on federal agency networks, and

More information