Cyber Security Operations Manager®

csom-virtual
( + )

Cyber Security Operations Manager®

5 Days, 3 Professional Certifications

This course targets Professionals who are engaged with operational aspects of live and running applications and the application ecosystems. From incident management planning to identity and access management, secure live applications, keeping out cyber attackers, to capacity planning, enhancement and upgrade management, risk mitigation and migration, HR roles and responsibilities, vendor and contract management of security service level agreements (SSLAs) are all covered and effectively outlined in the program. The CSOM® produces distinguished cybersecurity operational managers, architects, service providers and mentors and enables them to have leading roles in Cybersecurity Operations.

5 Days Classroom Session
3 Professional Certifications Available
Virtual Sessions Available
Private Organization Training Available
This is a popular course

Upcoming CSOM® Events

Sorry no post found.

Course Description

This course targets Professionals who are engaged with operational aspects of live and running applications and the application ecosystems. From incident management planning to identity and access management, secure live applications, keeping out cyber attackers, to capacity planning, enhancement and upgrade management, risk mitigation and migration, HR roles and responsibilities, vendor and contract management of security service level agreements (SSLAs) are all covered and effectively outlined in the program. The CSOM® produces distinguished cybersecurity operational managers, architects, service providers and mentors and enables them to have leading roles in Cybersecurity Operations.

Who should take this course?

  • Cyber Security Professionals including but not limited
    • Security Analyst.
    • Security Engineer.
    • Security Architect.
    • Security Administrator.
    • Security Software Developer.
    • Cryptographer.
    • Cryptanalyst.
    • Security Consultant.
  • Application Developers
  • Finance Professionals
  • Data Center Designers/Engineers
  • Data Center Planners
  • Project Managers
  • Legal & Compliance Professionals
  • College Students & Graduates
  • Business Continuity Experts

what you study

The COSM® course focuses on best practices to be applied, approaches and methodologies to enhance the long-run objectives as well as the daily cybersecurity operations.

Learning Outcomes

This course teaches how to streamline processes, increase efficiency and productivity whilst maintaining highly Cybersecure Application Ecosystem. The core concepts are based on demonstrated principles, which are optimized from lessons learned from Cybersecurity front-runners.

Prerequisites

  • None.

Course Features

  • Course Code CSOM
  • Sessions 5
  • Duraion 5 Days
  • Track Cyber Security Management
  • Language English
  • Public Yes
  • Virtual Availability Yes
  • Private Availability Yes
  • Certificate Yes
  • Assessment Yes

    Day 1

    Introduction

    Cybersecurity Overview

    • The outset of Cybersecurity
    • Governance
    • Risk Integration
    • Legislative Requirement
    • Security Requirement
    • Internal Threats
    • External Threats
    • Physical Security Threats
    • Cybercrime: Leading Business Risk Globally
    • Major Cyber Breaches
    • Cybersecurity Complexity
    • Infinity Paradigm
    • Definition of Cybersecurity
    • Cybersecurity Principles

    Cybersecurity Principles

    • The Layers
    • The Four Principles
    • Principle 1 & its key Activities
    • Principle 2 & its key Activities
    • Principle 3 & its key Activities
    • Principle 4 & its key Activities

    Cybersecurity Dimensions: Attack & Defense

    • Cybersecurity Attack
    • Security Threat to Networks
    • Two types of Attacks
    • Stages of an Attack
    • Cybersecurity Defense
    • Layered Security & Configuration of Perimeter
    • Firewall
    • Intrusion Detection & Penetration System

    Cybersecurity Risk & Consequences

    • Consequences of Attack
    • Maturity
    • Culture Shift
    • Appetite
    • Advice
    • Putting a Price on Risk

    Day 2

    Cybersecurity Trends

    • Understanding the threat landscape
    • Common Threat Agents and Vulnerabilities
    • Zero-Day Vulnerabilities
    • Attributes of Cyber Attack
    • Understanding the attributes of an Attack
    • Malware & Types of attack
    • Obfuscation and Mutations in Malware

    Weaknesses of Existing Cybersecurity Standards

    • Available standards
    • Weaknesses of existing standards
    • Why IDCA is critical to filling the gaps

    Network Access Control & Wireless Network Security

    • An Overview of Network Access Control (NAC)
    • NAC Policies
    • The Network Access Control/Network Access Protection (NAC/NAP) Client/Agent
    • The Enforcement Points
    • Enforcement Point Action
    • Authentication and Authorization
    • NIST & Cybersecurity
    • ISO 27001 For Information Security

    Cybersecurity in Cloud

    • Types of Cloud Assets
    • Compute Assets
    • Storage Assets
    • Network Assets
    • Asset Management Pipeline
    • Procurement Leaks
    • Processing Leaks
    • Finding Leaks
    • Protecting data in the cloud
    • Tokenization
    • Encryption

    Cybersecurity for IoT and Edge/or 5G Computing

    • IoT Security Challenges & Landscape
    • Why IoT Security devices are targeted
    • Edge Motivation
    • Edge Definition
    • Evolution of IT Computing Models
    • Advantages of Edge Computing
    • Edge Layered Stack
    • OWASP (Open Web Application Security Project) Top 10 Internet of Things

    Examination

    Day 1

    Cybersecurity Overview

    • Cybersecurity Complexity
    • Malware & Types of Attacks

    Governance

    • Governance Objectives
    • Governance for Cybersecurity
    • Effective Cybersecurity Programme Governance
    • Cybersecurity Governance: Meaningful Vs Meaningless
    • Cybersecurity Governance Pillars
    • Cybersecurity Organizational Structure

    Risk Management

    • Cybersecurity Risk oversight of the Board
    • Cybersecurity Risk management Principles
    • Cybersecurity Risk Policies & Procedures
    • Cybersecurity Risk Strategic Performance Management
    • Cybersecurity Standards & Frameworks
    • Cybersecurity Risks: Identify, Analyze and Evaluate
    • How to treat Cybersecurity Risk
    • Using Process Capabilities to Treat Cybersecurity Risks
    • Using Insurance and Finance to Treat Cybersecurity Risks

    Physical IT-Related Asset management

    • Build, Buy or Update: Embedding Cybersecurity Requirements and Establishing Best Practices
    • Governance & Planning
    • Development & Implementation
    • End of Useful Life and Disposal
    • Specific Considerations
      • Commercial Off-the-Shelf Applications
      • Cloud/SaaS Applications
    • Physical Security
      • Commit To a Plan
      • Physical Security Risk Landscape View and the Impact on Cybersecurity
      • Manage/Review the Cybersecurity Organization
      • Design/Review Integrated Security Measures
    • Data Center Scenario Reworked
      • Understanding Objectives for Security Measures
      • Understanding Controls for the Data Center Scenario
    • Calculate/Review Exposure to Adversarial Attacks
      • Simulating the Path of an Adversary
      • Calculate the Probability of Interrupting & Disrupting the Adversary
    • Optimize Return on Security Investment

    Vulnerability Identification and Management: Treating Cybersecurity Risks

    • Introduction
    • Identity & Access Management
    • Policy
    • Establish Identities
    • Create Identities
    • User ID Revocation
    • Enterprise IT Governance
    • Reduced Security Costs
    • Penetration Testing

    Day 2

    Threat Identification & Handling Management: Identify, Analyze & Evaluate

    • The Risk Landscape
    • The People Factor
    • Assessing & Managing Risk: A structured Approach
    • Cybersecurity Culture
    • Regulatory Compliance
    • Maturity Compliance
    • Protection Prioritised

    Cybersecurity Incident and Crisis Management

    • Cybersecurity Incident Management Overview
    • Cybersecurity Incident Response Overview
    • Cybersecurity Incident Response Plan & Processes
    • Cybersecurity Incident Response Team (CSIRT)
    • Technical Response Capabilities Development
    • Build and Maintain Capabilities
    • Incident Timelines

    Integrating Cybersecurity & Business Continuity Management

    • What is Business Continuity
    • ISO 22301 Overview
    • BCM Lifecycle
    • Understand/Analyze the organization and Integrate with Cybersecurity
    • Determine BCM Strategy & Integrate with Cybersecurity
    • Developing and Implementing BCM Responses, Integrate with Cybersecurity
    • Exercising/Validating BCM and integrate with Cybersecurity
    • BCM Policy & Programme Management
    • Embedding BCM in the organizational culture

    Organizational Structure

    • Having the Right People
    • Establishing the Team
    • What are the Established Performance Standards?

    Human Factors and Culture

    • Technology Investment vs Investing in People
    • Business Email Compromise (BEC)
    • Organizations as Social Systems
    • Cybersecurity More Than a Technology Problem
    • Organizational Culture
    • Cybersecurity and Human Factors
    • Insider Threats
    • Social Engineering Threats
    • Cybersecurity Training & Awareness
    • Measures Against Business Email Compromise
    • Human Factors & Technology Trends
    • Metrics

    The Application Ecosystem

    Day 3

    Application Security

    • Application Security Terminology
    • Risk Calculation Models
    • Calculation of Application Security Risk
    • Application Security Best Practices

    Application Ecosystem Management: Cybersecurity Day-to-Day Operations

    • Controls Management
      • Security Controls
      • Asset Management
    • Change Management
      • The Importance of Managing Change
      • When should Changes be Made?
      • What are the Impact Changes bring?
      • The safeguard Effect of Internal Control in Change Management
      • Organizational Change Management
    • Access Control
      • Access Control & A New Perspective
      • Organizations requirements for Access Control
      • User Access Management
      • User Registration and Deregistration
      • Access Provisioning for Users
      • Privileged Access Rights Management
      • Users Secret Authentication Information Management
      • User Access Under Review
      • User Rights: Removal & Adjustments
      • Responsibility of Users
      • Application & System Access Control
      • Access Restriction to Information
      • Procedures for Secure-Logins
      • Password Management System
      • Privileged Utility Programs Usage
      • Program Source Code & Controlled Access
    • External Context & Supply Chain
      • Overview
      • Supply Chain Support Strategy
      • Planning How to Create Supply Relationships
      • How to Identify Competent External Suppliers
      • Relationship Management
    • Maintaining Situational Awareness
      • Overview
      • Situational Awareness Plan
      • Situational Awareness Process

    Cybersecurity Service Level Agreement

    • Overview
    • Purpose
    • Attributes
    • General Parts of SLA
    • SLA Service Performance
    • SLA Constraints & Service Management
    • SLAs Dos & Don’ts

    Examination

    IDCA Courses

    Save & Share Cart
    Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
    Back Save & Share Cart
    Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
    Your cart email sent successfully :)