This course runs for a duration of 3 days.
The class will run daily from 8:30 am PST to 4:30 pm PST.
Class Location: Virtual LIVE Instructor Led - Virtual Live Classroom.
This three-day cybersecurity training course teaches security professionals how to identify business requirements and turn them into a highly functional, cost-effective cybersecurity management system. Led by an expert instructor, you will dive into the details of managed security solutions. Actual security incidents and real-world scenarios are examined to show how those solutions are applied and how to find shortcomings in the solutions already in place.
One of the greatest weaknesses in many organizations is the inability to identify and respond to security incidents. While learning how to avoid incidents, you will also learn how effective monitoring tools are used in concert with pre-planned response procedures, and how to trigger actions that minimize both the immediate and the long-term impact of an incident. Designed to teach security experts the business processes required to govern a corporate security program, this course also teaches managers how to use the information gathered by security technology such as an IPS, a firewall, or a SIEM to develop appropriate and timely responses to a security breach.
In this Practical Cybersecurity Training Course, You Will:
Part 1: Introduction to Security Management
What is security? How do you achieve it? Is security defined by compliance with PCI, SOX, HIPAA, etc.? Is it possible to be "compliant" yet still vulnerable to attack? This introduction covers what it means to create a truly secure environment. Security is more than just compliance. We constantly hear about compliant companies getting hacked. You will learn to approach security through the lens of "Availability, Integrity, and Confidentiality." Companies are often confused by how to manage diverse mandatory regulations and the plethora of security frameworks available. We'll examine popular security frameworks and how they relate to both real-world business requirements and regulatory compliance. You will learn how to discover business requirements and turn those into usable security objectives.
In-class discussion: As a group, we will discuss the frameworks and how they relate to each other. You will also learn how compliance regulations such as HIPAA and PCI relate to the frameworks and to the SANS Critical Security Controls (CSC). Finally, we will discuss why passing audits and "checking the box" does not translate into real security.
Part 2: Case Studies – Real-World Expert Analysis
Throughout the course, you will examine real-world case studies of companies that were compliant but not secure. You will learn from the mistakes those companies made in order to improve your own security.
Part 3: Business Needs Assessment & Implementing Security into Business Processes
You must tune security practices to meet the needs of the business. Organizations have many needs in common, such as firewall protection or defense against malicious software, but there are many more considerations when designing protection. Assessing the business and its needs allows a security analyst or architect to uncover those considerations and address them properly.
Part 4: Policy and Supporting Documents
After the specific needs of a business are uncovered, it is necessary to begin crafting the business's security posture, starting with the security policy. The policy drives all other aspects of security. From there, you will work your way through the supporting documents and best practices.
Part 5: Controls and Configuration
You will take a deep look at common security tools such as IDS, IPS, firewalls, and ACLs. More importantly, you will learn the critical security functions these devices provide, why they are required, the data they produce, and how to use that data to protect against, identify, and respond to constantly changing security threats. You will discover how information gathered from these devices can meet the business security objectives uncovered earlier in the course.
Part 6: Security Monitoring
"Ninety-seven percent of Fortune 500 companies have been hacked, and likely the other 3% have too, they just don't know it," says Peter W. Singer of the Brookings Institution. Threats are real, but often go unrecognized. This section teaches you how to reveal threats through monitoring, alerting, and correlation. We will also show you what to monitor continuously versus what should be recorded for the inevitable post-incident assessment.
Part 7: Incident Response and Recovery
Effective incident response procedures are a requirement for any company that wants to avoid the reputation damage and public humiliation of becoming the latest data-breach news story. The difference between heavy damage and millions of dollars in post-incident cleanup versus a contained, controlled breach is proper planning and immediate, methodical eradication of the incident.
Part 8: Business Continuity Planning (BCP)
It is very important to protect ourselves from threats, yet just as important, if not more so, is how we survive outages, continuity problems, or worse. The Sony PlayStation Network outage and RIM's most recent outage are good examples of what we need to protect ourselves against. According to the Federal Emergency Management Agency, 40% of businesses do not survive a disaster, which can be as small as a faulty sprinkler system. Being prepared for interruptions is what allows a business to survive them. In this section, we will explore the importance of planning for these outages.