Cyber Security Operations Manager®
Cyber Security Operations Manager®
5 Days, 3 Professional Certifications
This course targets Professionals who are engaged with operational aspects of live and running applications and the application ecosystems. From incident management planning to identity and access management, secure live applications, keeping out cyber attackers, to capacity planning, enhancement and upgrade management, risk mitigation and migration, HR roles and responsibilities, vendor and contract management of security service level agreements (SSLAs) are all covered and effectively outlined in the program. The CSOM® produces distinguished cybersecurity operational managers, architects, service providers and mentors and enables them to have leading roles in Cybersecurity Operations.
Upcoming CSOM® Events
Sorry no post found.
Course Description
This course targets Professionals who are engaged with operational aspects of live and running applications and the application ecosystems. From incident management planning to identity and access management, secure live applications, keeping out cyber attackers, to capacity planning, enhancement and upgrade management, risk mitigation and migration, HR roles and responsibilities, vendor and contract management of security service level agreements (SSLAs) are all covered and effectively outlined in the program. The CSOM® produces distinguished cybersecurity operational managers, architects, service providers and mentors and enables them to have leading roles in Cybersecurity Operations.
Who should take this course?
- Cyber Security Professionals including but not limited
- Security Analyst.
- Security Engineer.
- Security Architect.
- Security Administrator.
- Security Software Developer.
- Cryptographer.
- Cryptanalyst.
- Security Consultant.
- Application Developers
- Finance Professionals
- Data Center Designers/Engineers
- Data Center Planners
- Project Managers
- Legal & Compliance Professionals
- College Students & Graduates
- Business Continuity Experts
what you study
The COSM® course focuses on best practices to be applied, approaches and methodologies to enhance the long-run objectives as well as the daily cybersecurity operations.
Learning Outcomes
This course teaches how to streamline processes, increase efficiency and productivity whilst maintaining highly Cybersecure Application Ecosystem. The core concepts are based on demonstrated principles, which are optimized from lessons learned from Cybersecurity front-runners.
Prerequisites
- None.
Course Features
- CSIS®
- CSOS®
Day 1
Introduction
Cybersecurity Overview
The outset of Cybersecurity
Governance
Risk Integration
Legislative Requirement
Security Requirement
Internal Threats
External Threats
Physical Security Threats
Cybercrime: Leading Business Risk Globally
Major Cyber Breaches
Cybersecurity Complexity
Infinity Paradigm
Definition of Cybersecurity
Cybersecurity Principles
Cybersecurity Principles
The Layers
The Four Principles
Principle 1 & its key Activities
Principle 2 & its key Activities
Principle 3 & its key Activities
Principle 4 & its key Activities
Cybersecurity Dimensions: Attack & Defense
Cybersecurity Attack
Security Threat to Networks
Two types of Attacks
Stages of an Attack
Cybersecurity Defense
Layered Security & Configuration of Perimeter
Firewall
Intrusion Detection & Penetration System
Cybersecurity Risk & Consequences
Consequences of Attack
Maturity
Culture Shift
Appetite
Advice
Putting a Price on Risk
Day 2
Cybersecurity Trends
Understanding the threat landscape
Common Threat Agents and Vulnerabilities
Zero-Day Vulnerabilities
Attributes of Cyber Attack
Understanding the attributes of an Attack
Malware & Types of attack
Obfuscation and Mutations in Malware
Weaknesses of Existing Cybersecurity Standards
Available standards
Weaknesses of existing standards
Why IDCA is critical to filling the gaps
Network Access Control & Wireless Network Security
An Overview of Network Access Control (NAC)
NAC Policies
The Network Access Control/Network Access Protection (NAC/NAP) Client/Agent
The Enforcement Points
Enforcement Point Action
Authentication and Authorization
NIST & Cybersecurity
ISO 27001 For Information Security
Cybersecurity in Cloud
Types of Cloud Assets
Compute Assets
Storage Assets
Network Assets
Asset Management Pipeline
Procurement Leaks
Processing Leaks
Finding Leaks
Protecting data in the cloud
Tokenization
Encryption
Cybersecurity for IoT and Edge/or 5G Computing
IoT Security Challenges & Landscape
Why IoT Security devices are targeted
Edge Motivation
Edge Definition
Evolution of IT Computing Models
Advantages of Edge Computing
Edge Layered Stack
OWASP (Open Web Application Security Project) Top 10 Internet of Things
Examination
Day 1
Cybersecurity Overview
Cybersecurity Complexity
Malware & Types of Attacks
Governance
Governance Objectives
Governance for Cybersecurity
Effective Cybersecurity Programme Governance
Cybersecurity Governance: Meaningful Vs Meaningless
Cybersecurity Governance Pillars
Cybersecurity Organizational Structure
Risk Management
Cybersecurity Risk oversight of the Board
Cybersecurity Risk management Principles
Cybersecurity Risk Policies & Procedures
Cybersecurity Risk Strategic Performance Management
Cybersecurity Standards & Frameworks
Cybersecurity Risks: Identify, Analyze and Evaluate
How to treat Cybersecurity Risk
Using Process Capabilities to Treat Cybersecurity Risks
Using Insurance and Finance to Treat Cybersecurity Risks
Physical IT-Related Asset management
Build, Buy or Update: Embedding Cybersecurity Requirements and Establishing Best Practices
Governance & Planning
Development & Implementation
End of Useful Life and Disposal
Specific Considerations
Commercial Off-the-Shelf Applications
Cloud/SaaS Applications
Physical Security
Commit To a Plan
Physical Security Risk Landscape View and the Impact on Cybersecurity
Manage/Review the Cybersecurity Organization
Design/Review Integrated Security Measures
Data Center Scenario Reworked
Understanding Objectives for Security Measures
Understanding Controls for the Data Center Scenario
Calculate/Review Exposure to Adversarial Attacks
Simulating the Path of an Adversary
Calculate the Probability of Interrupting & Disrupting the Adversary
Optimize Return on Security Investment
Vulnerability Identification and Management: Treating Cybersecurity Risks
Introduction
Identity & Access Management
Policy
Establish Identities
Create Identities
User ID Revocation
Enterprise IT Governance
Reduced Security Costs
Penetration Testing
Day 2
Threat Identification & Handling Management: Identify, Analyze & Evaluate
The Risk Landscape
The People Factor
Assessing & Managing Risk: A structured Approach
Cybersecurity Culture
Regulatory Compliance
Maturity Compliance
Protection Prioritised
Cybersecurity Incident and Crisis Management
Cybersecurity Incident Management Overview
Cybersecurity Incident Response Overview
Cybersecurity Incident Response Plan & Processes
Cybersecurity Incident Response Team (CSIRT)
Technical Response Capabilities Development
Build and Maintain Capabilities
Incident Timelines
Integrating Cybersecurity & Business Continuity Management
What is Business Continuity
ISO 22301 Overview
BCM Lifecycle
Understand/Analyze the organization and Integrate with Cybersecurity
Determine BCM Strategy & Integrate with Cybersecurity
Developing and Implementing BCM Responses, Integrate with Cybersecurity
Exercising/Validating BCM and integrate with Cybersecurity
BCM Policy & Programme Management
Embedding BCM in the organizational culture
Organizational Structure
Having the Right People
Establishing the Team
What are the Established Performance Standards?
Human Factors and Culture
Technology Investment vs Investing in People
Business Email Compromise (BEC)
Organizations as Social Systems
Cybersecurity More Than a Technology Problem
Organizational Culture
Cybersecurity and Human Factors
Insider Threats
Social Engineering Threats
Cybersecurity Training & Awareness
Measures Against Business Email Compromise
Human Factors & Technology Trends
Metrics
The Application Ecosystem
Day 3
Application Security
Application Security Terminology
Risk Calculation Models
Calculation of Application Security Risk
Application Security Best Practices
Application Ecosystem Management: Cybersecurity Day-to-Day Operations
Controls Management
Security Controls
Asset Management
Change Management
The Importance of Managing Change
When should Changes be Made?
What are the Impact Changes bring?
The safeguard Effect of Internal Control in Change Management
Organizational Change Management
Access Control
Access Control & A New Perspective
Organizations requirements for Access Control
User Access Management
User Registration and Deregistration
Access Provisioning for Users
Privileged Access Rights Management
Users Secret Authentication Information Management
User Access Under Review
User Rights: Removal & Adjustments
Responsibility of Users
Application & System Access Control
Access Restriction to Information
Procedures for Secure-Logins
Password Management System
Privileged Utility Programs Usage
Program Source Code & Controlled Access
External Context & Supply Chain
Overview
Supply Chain Support Strategy
Planning How to Create Supply Relationships
How to Identify Competent External Suppliers
Relationship Management
Maintaining Situational Awareness
Overview
Situational Awareness Plan
Situational Awareness Process
Cybersecurity Service Level Agreement
Overview
Purpose
Attributes
General Parts of SLA
SLA Service Performance
SLA Constraints & Service Management
SLAs Dos & Don’ts