Fundamentals of Information and Security Controls

This is an intensive workshop filled with tools, techniques advice and process strategies for improving the security posture of your organization. Participants will gain an understanding of how to organize and oversee a risk-based enterprise information security program, drill down to the critical building blocks of information security, explore the respective roles and responsibilities of the key players, discover industry best practice and legislation.

CONTENT

*Defining the Information Security Environment

– Attributes of an Information Security

– Threats and Vulnerability of Information Security

– Essential International Requirements

* Security Management: Strategic Components

– Organization Aspects

– The Security Management cycle

– Security Risk Assessment and Management

– Information Classification and Valuation

* Criteria for Secure Business Applications

– I.S. role in system development life cycle (SDLC)

– Cryptography: Key management and application

* Protecting the Network Perimeter

– Fireworks

– Intrusion Detection and Incident response

– Virtual private network

– Wireless and Mobile device security

* Business Continuity Planning (BCP)

– Roles and Responsibilities

– Redundancy, backup and fault Tolerance

– Plan Management and Testing

TRAINING METHODOLOGY

The training methodology combines lectures, discussions, group exercises and illustrations. Participants will gain both theoretical and practical knowledge of the topics. The emphasis is on the practical application of the topics and as a result participant will go back to the workplace with both the ability and the confidence to apply the techniques learned to their duties.