Cyber Security Operations Specialist®

csos-virtual

Cyber Security Operations Specialist®

3 Days, 2 Professional Certifications

This course is well suited to professionals with varied disciplines and positions. Application and Business Security stakeholders, such as cybersecurity architects, engineers, designers, planners, operators and managers as well as professionals project management, sales, finance and compliance, attend CSOS®. This course gives you a holistic view of the cyber security landscape, ongoing threats and the effective approach to keeping the entire enterprise safe and running beyond the network perimeter, third party risk, compliance to industry and regulatory requirements and having in place an effective incident response mechanism, to deal with the ever present cyber threats. The CSOS® provides a strong operational support to operationalizing the latest trends and best practices that support the Application Security and the security of the Application Ecosystem (AE)® and addressing the typical cybersecurity operation.

3 Days Classroom Session
2 Professional Certifications Available
Virtual Sessions Available
Private Organization Training Available
This is a popular course

Course Description

This course is well suited to professionals with varied disciplines and positions. Application and Business Security stakeholders, such as cybersecurity architects, engineers, designers, planners, operators and managers as well as professionals project management, sales, finance and compliance, attend CSOS®. This course gives you a holistic view of the cyber security landscape, ongoing threats and the effective approach to keeping the entire enterprise safe and running beyond the network perimeter, third party risk, compliance to industry and regulatory requirements and having in place an effective incident response mechanism, to deal with the ever present cyber threats. The CSOS® provides a strong operational support to operationalizing the latest trends and best practices that support the Application Security and the security of the Application Ecosystem (AE)® and addressing the typical cybersecurity operation.

Who should take this course?

Cyber Security Professionals including but not limited to, Security Analyst, Security Engineer, Security Architect, Security Administrator, Security Software Developer, Cryptographer, Cryptanalyst, Security Consultant and also Application Developers, Finance Professionals, Data Center Designers/Engineers, Data Center Planners, Project Managers, Legal & Compliance Professionals, College Students & Graduates and Business Continuity Experts.

what you study

You will learn how to focus on and actively protecting the organization from cybersecurity threats and managing the risk to support the successful accomplishment of the organization’s mission by having a depth of understanding of: Cybersecurity Governance, Risk Management, Physical IT-Related Asset management: Acquisition, Development & Maintenance, Vulnerability Identification and Management: Treating Cybersecurity Risks, Cybersecurity Incident and Crisis Management, Business Continuity Management, Organizational Structure, Human Factors and Culture, Cybersecurity Competencies and the CISO, Human Resources Cybersecurity, Application Security, Cybersecurity Considerations for the 7-Layers of the Application Ecosystem, Controls Management, Change Management, Application Ecosystem Management: Cybersecurity Day-to-Day Operations, Access Control, External Context & Supply Chain, Maintaining Situational Awareness: Monitoring & Reviewing Key Risk Indicators (KRI) and Security Service Level Agreements

Learning Outcomes

Learn systems approach to planning for cyber attacks, Learn how to situate Cybersecurity in tandem with the organization’s operational resilience policies and objectives, Learn how to maintain Cybersecurity infrastructure, Learn about the Application Ecosystem’s Cybersecurity and how to actively keep the Application secured, Understand cyber security policies and procedures, Learn effective cybersecurity operation, Learn day-to-day cyber security operational management, Cyber Security human resource management, Learn how to form and manage 3rd party dependencies, Learn how to manage cybersecurity assets, Learn how to understand Cybersecurity environments and the correct response, Learn about Cybersecurity Incident and how to respond to an incident

Prerequisites

  • Cyber Security Infrastructure Specialist®.

Recommendations

It is recommended for this course to be taken back-to-back with CSIS in a 5-day program. This will optimize learning and cost saving.

Course Features

  • Course Code CSOS
  • Sessions 3
  • Duraion 3 Days
  • Track Cyber Security Management
  • Language English
  • Public Yes
  • Virtual Availability Yes
  • Private Availability Yes
  • Certificate Yes
  • Assessment Yes
  • Day 1

    Cybersecurity Overview

    • Cybersecurity Complexity
    • Malware & Types of Attacks

    Governance

    • Governance Objectives
    • Governance for Cybersecurity
    • Effective Cybersecurity Programme Governance
    • Cybersecurity Governance: Meaningful Vs Meaningless
    • Cybersecurity Governance Pillars
    • Cybersecurity Organizational Structure

    Risk Management

    • Cybersecurity Risk oversight of the Board
    • Cybersecurity Risk management Principles
    • Cybersecurity Risk Policies & Procedures
    • Cybersecurity Risk Strategic Performance Management
    • Cybersecurity Standards & Frameworks
    • Cybersecurity Risks: Identify, Analyze and Evaluate
    • How to treat Cybersecurity Risk
    • Using Process Capabilities to Treat Cybersecurity Risks
    • Using Insurance and Finance to Treat Cybersecurity Risks

    Physical IT-Related Asset management

    • Build, Buy or Update: Embedding Cybersecurity Requirements and Establishing Best Practices
    • Governance & Panning
    • Development & Implementation
    • End of Useful Life and Disposal
    • Specific Considerations
      • Commercial Off-the-Shelf Applications
      • Cloud/SaaS Applications
    • Physical Security
      • Commit To a Plan
      • Physical Security Risk Landscape View and the Impact on Cybersecurity
      • Manage/Review the Cybersecurity Organization
      • Design/Review Integrated Security Measures
    • Data Center Scenario Reworked
      • Understanding Objectives for Security Measures
      • Understanding Controls for the Data Center Scenario
    • Calculate/Review Exposure to Adversarial Attacks
      • Simulating the Path of an Adversary
      • Calculate the Probability of Interrupting & Disrupting the Adversary
    • Optimize Return on Security Investment

    Vulnerability Identification and Management: Treating Cybersecurity Risks

    • Introduction
    • Identity & Access Management
    • Policy
    • Establish Identities
    • Create Identities
    • User ID Revocation
    • Enterprise IT Governance
    • Reduced Security Costs
    • Penetration Testing

    Day 2

    Threat Identification & Handling Management: Identify, Analyze & Evaluate

    • The Risk Landscape
    • The People Factor
    • Assessing & Managing Risk: A structured Approach
    • Cybersecurity Culture
    • Regulatory Compliance
    • Maturity Compliance
    • Protection Prioritised

    Cybersecurity Incident and Crisis Management

    • Cybersecurity Incident Management Overview
    • Cybersecurity Incident Response Overview
    • Cybersecurity Incident Response Plan & Processes
    • Cybersecurity Incident Response Team (CSIRT)
    • Technical Response Capabilities Development
    • Build and Maintain Capabilities
    • Incident Timelines

    Integrating Cybersecurity & Business Continuity Management

    • What is Business Continuity
    • ISO 22301 Overview
    • BCM Lifecycle
    • Understand/Analyze the organization and Integrate with Cybersecurity
    • Determine BCM Strategy & Integrate with Cybersecurity
    • Developing and Implementing BCM Responses, Integrate with Cybersecurity
    • Exercising/Validating BCM and integrate with Cybersecurity
    • BCM Policy & Programme Management
    • Embedding BCM in the organizational culture

    Organizational Structure

    • Having the Right People
    • Establishing the Team
    • What are the Established Performance Standards?

    Human Factors and Culture

    • Technology Investment vs Investing in People
    • Business Email Compromise (BEC)
    • Organizations as Social Systems
    • Cybersecurity More Than a Technology Problem
    • Organizational Culture
    • Cybersecurity and Human Factors
    • Insider Threats
    • Social Engineering Threats
    • Cybersecurity Training & Awareness
    • Measures Against Business Email Compromise
    • Human Factors & Technology Trends
    • Metrics

    The Application Ecosystem

    Day 3

    Application Security

    • Application Security Terminology
    • Risk Calculation Models
    • Calculation of Application Security Risk
    • Application Security Best Practices

    Application Ecosystem Management: Cybersecurity Day-to-Day Operations

    • Controls Management
      • Security Controls
      • Asset Management
    • Change Management
      • The Importance of Managing Change
      • When should Changes be Made?
      • What are the Impact Changes bring?
      • The safeguard Effect of Internal Control in Change Management
      • Organizational Change Management
    • Access Control
      • Access Control & A New Perspective
      • Organizations requirements for Access Control
      • User Access Management
      • User Registration and Deregistration
      • Access Provisioning for Users
      • Privileged Access Rights Management
      • Users Secret Authentication Information Management
      • User Access Under Review
      • User Rights: Removal & Adjustments
      • Responsibility of Users
      • Application & System Access Control
      • Access Restriction to Information
      • Procedures for Secure-Logins
      • Password Management System
      • Privileged Utility Programs Usage
      • Program Source Code & Controlled Access
    • External Context & Supply Chain
      • Overview
      • Supply Chain Support Strategy
      • Planning How to Create Supply Relationships
      • How to Identify Competent External Suppliers
      • Relationship Management
    • Maintaining Situational Awareness
      • Overview
      • Situational Awareness Plan
      • Situational Awareness Process

    Cybersecurity Service Level Agreement

    • Overview
    • Purpose
    • Attributes
    • General Parts of SLA
    • SLA Service Performance
    • SLA Constraints & Service Management
    • SLAs Dos & Don’ts

    Examination

    IDCA Courses

    Save & Share Cart
    Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
    Back Save & Share Cart
    Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
    Your cart email sent successfully :)