Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University

Cybercrime & Cybersecurity: the Ongoing Battle
International Hellenic University
Andreas Athanasoulias, CISM, CISSP
Information Security Officer & Security Consultant

Brief introduction
My career path
Information Security: a growing expert area
  Defined?
  Domains
  Indicative Skillset
  Career Paths
  Certifications & Certification Bodies

Academic Path
BSc. Computer Science, Informatics & Telecommunications Department, University of Athens
  Last semester: Cryptography, Computer Security
  Thesis: subject of Network Security
MSc. Information Security, Information Security Group (ISG), Royal Holloway University of London
  Security Management, Cryptography, Network Security, Computer Security, Software Security, Computer Crime, Smart Cards/Tokens & Security
  Dissertation: Fraud in electronic cards & countermeasures

Professional Path
Information Security Consultant, ITSRC BU, Syntax IT Group (Greece & UAE)
  Penetration testing
  IT Governance, Risk & Compliance projects
  Solutions Enablement (various vendors)
Business Unit Manager, ITSRC BU, Syntax IT Group (Greece & UAE)
Information Security Officer & Security Consultant, Uni Systems (Greece, Western & S-eastern Europe)
  Information Security Frameworks ISO 27001 & 22301
  Risk Assessments
  Security Metrics
  Business Continuity Frameworks

Information Security: Confidentiality, Integrity, Availability

Preservation of confidentiality, integrity and availability of information. In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved. ~ ISO 27000:2014

Ensures that within the enterprise, information is protected against disclosure to unauthorized users (confidentiality), improper modification (integrity), and non-access when required (availability) ~ ISACA Glossary of Terms

"Information security is the protection of information and minimizes the risk of exposing information to unauthorized parties." ~ Venter and Eloff, 2003

Attributed: JohnManuel, Wikipedia

Security & Risk Management: Security, Risk, Compliance, Law, Regulations, Business Continuity
Asset Security: Classification, Retention, Data Security
Security Engineering: Engineering & Management of Security
Communication & Network Security: Design & protection of Network Security

Identity & Access Management: Controlling Access & Managing Identity
Security Assessment & Testing: Design, perform & analyze security testing
Security Operations: Foundational Concepts, Investigations, Incident Management & Disaster Recovery
Software Development Security: Understand, apply and enforce software security

Application Security
Data Loss Prevention
Ethical Hacking (web, network, systems)
Digital Forensics
Governance Compliance Audit (Policies, Procedures, Management Systems)
Incident Detection & Response
Secure Code Development
PKI
Identity Management
Business Continuity
Security Operation Center
Security Information & Event Management

Information Security Consultant
Information Security Analyst
Information Security Manager/Officer
Security Architect
Security Administrator
IT Risk & Compliance Manager
Data Security Specialist
Cloud Security Engineer
(System, Network, Web) Penetration Tester
Digital Forensics Analyst
Incident Responder
Malware Analyst
Disaster Recovery/Business Continuity Manager
Security Operation Center (SOC) Analyst

(ISC)² - International Information Systems Security Certification Consortium
  CISSP: Security Professionals
  CCSP: Cloud
  HCISPP: Healthcare & Regulations
  CSSLP: Secure sw Developments
  SSCP: Security Engineers
  CCFP: Digital Forensics

ISACA - Information Systems Audit and Control Association
  CISA: Auditors
  CRISC: Risk & Information Systems Control
  CISM: Security Managers
  CGEIT: Governance

GIAC - Global Information Assurance Certification (powered by SANS)
  Security Administration
  GSE (expert)
  Forensics
  Legal
  Management
  Software Security
  Audit

EC Council
  Ethical Hackers
  CISO
  Digital Forensics
  Disaster Recovery Professionals
  Security Analysts
  Incident Handlers

Offensive Security
  Offensive Security Certified Professional (OSCP)
CompTIA
  Security+
  CASP
ISO certifications
  ISMS ISO 27001 LA & I
  BCMS ISO 22301 LA & I
  Cloud Security ISO 27017 (draft)

Uni Systems Copyright 2015

Andreas Athanasoulias
AthanasouliasA@unisystems.gr
Twitter: @andresitoath
LinkedIn: https://gr.linkedin.com/pub/andreas-athanasoulias/41/7b4/552