CYBER SECURITY FOUNDATION - OUTLINE

Size: px

Start display at page:

Download "CYBER SECURITY FOUNDATION - OUTLINE"

Gary Tucker
10 years ago
Views:

1 CYBER SECURITY FOUNDATION - OUTLINE Cyber security - Foundation - Outline

2 Document Administration Copyright: QT&C Group Ltd, 2014 Document version: 0.2 Author: N R Landman (MD and Principal Consultant) Changes: Date Ref Change Summary This outline describes the content of a 2 day foundation course on cyber security. Aims The aims of the course will be to introduce delegates to: 1. The evolution of the term cyber security and the role played by the ever changing IT and information infrastructures in which modern business is conducted; 2. The interaction between traditional information security and cyber security; 3. The language and concepts of cyber security, including; a. Cybercrime, b. Cyber warfare, c. Cyber terrorism. 4. Examples of various frameworks including legal frameworks, that have and are evolving a. NIST Cyber security framework (V1.0, 2014) US Centric, b. BSC PAS 555:2013 Global, c. CREST and Cyber Security Essentials scheme UK Centric, d. Special Action Plan on Countermeasures to Cyber-terrorism for Critical Infrastructures Japan, e. ENISA and the National/European Cyber security strategies - Europe f. General Data Protection Regulation Europe, g. esignature Directive and eidentification Europe h. PCI-DSS (V3) i. Governance within a cyber-security centric world 5. The threat centric nature of cyber security and the relationship with information security risk management, a. Attack scenarios threat actors exploiting the exploitable (vulnerabilities), 6. The importance of incident response and the road to recovery, 7. Providing assurance within a cyber-security environment. This is a soft skills course that can be delivered using: Contact training elearning Blended learning Nigel Landman DRAFT 1

3 Details Ref: Module Activity (Aims and Objectives Time D1.1. Introduction Health & Safety 09:00 to 09:30 Trainer and delegates Course outline and timing D1.2. Evolution of the term Aim: 09:30 to 10:30 cyber security The evolution of the term cyber security and the role played by the ever changing IT and information infrastructures in which modern business is conducted. Explain how the term cyber security has evolved; Identify the technology changes that now affect the way in which we conduct business; Describe, briefly, some of the serious breaches that have occurred. D1.3. Break Tea/coffee 10:30 to 10:45 D1.4. Information security Aim: 10:45 to 11:30 vs. Cyber security The interaction between traditional information security and cyber security Define the term information security; Define the term cyber security; Describe the differences (if any) between the two and what assets are being protected Explain why there is now an emphasis upon cyber security. D1.5. Language of Cyber Aim: 11:30 to 12:30 security The language and concepts of cyber security using authoritative references Define the terms used within information security D1.6. Lunch 12:30 to 13:30 D1.7. Recap Aim: 13:30 to 14:00 Recap/review of the morning session Objective: Demonstrate using the language and knowledge gained to describe a cybersecurity breach D1.8. Frameworks Aim: 14:00 to 15:00 Frameworks including legal frameworks that have and are evolving. Nigel Landman DRAFT 2

4 Identify the various frameworks that have and are evolving around cyber security; Compare these frameworks with those associated with information security (ISMS family of standards and others); Describe changes to legal and industry regulations that have and must be made within a cyber-security centric business world; Explain changes to governance structures that may be required. D1.9. Break Tea/coffee 15:00 to 15:15 D1.10. Framework continue 15:15 to 16:00 D1.11. Discussion Aim: 16:00 to 16:30 Review of the day s activity. Restate, through discussion and using the language of information and cyber security, the serious challenges faced by modern business. D2.1. Risk Aim: 09:00 to 10:30 The threat centric nature of cyber security and the relationship with information security risk management; o Attack scenarios threat actors exploiting the exploitable (vulnerabilities). Define the terms used within the world of risk (ISO Guide 73); Identify the standards used within risk; Explain the relationship between enterprise risk management and information security risk management; Expand the reasons why cyber security is threat centric. D2.2. Break Tea/coffee 10:30 to 10:45 D2.3. Risk continued Objectives (continued): 10:45 to 12:30 Describe the kill chain Identify the process of a risk assessment and treatment and compare with the threat centric nature of cyber-security; Illustrate with a given set of scenarios a activities required to treat the described risks to reduce the level and exposure of risk. D2.4. Lunch 12:30 to 13:30 D2.5. Review Review of pre-lunch exercises 13:30 to 14:00 Nigel Landman DRAFT 3

5 D2.6. Incident response Aim: 14:00 to 15:00 The importance of incident response and the road to recovery. Outline the lessons learned from recent high profile breaches; Describe the importance of incident response; Demonstrate through scenario based exercise incident response actions. D2.7. Break Tea/coffee 15:00 to 15:15 D2.8. Assurance Aim: 15:15 to 16:00 Providing assurance within a cybersecurity environment. Explain the term information assurance (IA); Identify the information systems that IA must include; Describe the difference between IA and cyber security; Illustrate the relationship between IA, risk, and cyber security. D2.9. Wrap-up Discussion and feedback on the course activities; Discussion on next steps Close 16:00 to 16:30 End. Nigel Landman DRAFT 4

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available