The Core Fundamentals of Cybersecurity

Course Title	: The Core Fundamentals of Cybersecurity
Course Duration	: 2 Day Online Intructor Led Workshop : Online workshop is delivered in two days, two units each day between 10:30 am to 1 pm and 3 pm to 5:30 pm
Course Fee	: Available upon request (Write to us at info@tlcpak.com)
Course Location	: TLC (Karachi), Customer Onsite, and Online
Course Code	: TN225
Deliverables	: Comprehensive Student Guide and Workshop Certificate

Customer onsite workshop can also be conducted for customers in Lahore, and Islamabad

PURPOSE:
In the era of digital transformation, the importance for having substantial knowledge on cybersecurity is becoming essential skills to acquire for every technology professional today. The reason behind is the protection of information which is considered as one of the critical function for all enterprises. Cybersecurity is a growing and rapidly changing field and it is vital that the principal concepts that frame and define this increasingly pervasive field are clearly understood by technology professionals who are involved and concerned with the security implications of information Technologies. This workshop is designed for this purpose, as well as to provide the insight into the importance of cybersecurity, and the integral role of cybersecurity professionals.

The training course flow will be a mix of lectures & classroom discussions so that participants can have a detailed understanding of various components of cybersecurity technologies.

What is cybersecurity all about?
A successful cybersecurity approach has multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe. In an organization, the people, processes, and technology must all complement one another to create an effective defense from cyber attacks.

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. Thesecyberattacksare usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.

After completing this workshop, you will be able to:

Understand basic cybersecurity concepts and definitions.
Define Network security architecture concepts.
Recognize malware analysis concepts and methodology.
Explain network systems management principles, models, methods and tools.
Distinguish system and application security threads and vulnerabilities.
Classify types of incidents (categories, responses and timelines of response).
Outline disaster recovery and business recovery and business continuity planning.
Comprehend incident response and handling methodologies.
Understand security event correction tools and how different file types can be used for analytical behavior.
Be aware of the basic concepts, practices, tools, tactics, techniques and procedure for processing digital forensic data.

ABOUT THE INSTRUCTOR
This workshop shall be delivered by TOGAF 9 Certified/IBM Certfied Infrastructure System Architect and an experienced trainer with 25+ years of career experience imparting education and training services both locally and internationally and have worked for international enterprise technology vendors including IBM, Fujitsu, and ICL. Our instructor holds various industry professional certifications in the space of enterprise servers and storage technologies, Information Security, Enterprise Architecture, ITIL, Cloud, Virtualization, Green IT, and a co-author of 10 IBM Redbooks.

AUDIENCE:
This workshop is intended for resources who/from:

Different LOB's including business, application, audit, risk, compliance, information security, IT operations, project management, and legal professionals with a familiarity of basic IT/IS concepts who want to;
Want to learn new basic trends in cybersecurity.
New to cybersecurity.
Interested in entering the field of Cybersecurity.
Students and fresh graduates.
Managers and Senior IT and Business Leaders who want to refresh thier present knowledge.

A FLEXIBLE PRICING MODEL FOR CORPORATE:
This workshop can also be delivered for an organization at their premises with 40% reduction is the cost subject to 10 -15 corporate users taking this session from different LOB’s.

Workshop Summary
In a nut shell, this workshop shall increase their focus on cybersecurity to protect sensitive data and systems. No organization, regardless of size or industry, is immune to cyberattacks, and just one breach could cause significant financial, reputational or regulatory consequences. However, an effective control environment can reduce the likelihood of a breach, enhance incident detection and response, and accelerate recovery efforts to limit damage.

Moreover, two criteria can help determine the effectiveness of a data security methodology. First, the cost of implementing the system should be a small fraction of the value of the protected data. Second, it should cost a potential hacker more, in terms of money and/or time, to compromise the system than the protected data is worth.

PREREQUISITES:
Participants attending this workshop should be familiar with basic Information Technology (IT) and Security concepts, business challenges and the role of general system wide infrastructure technologies and their applications.

COURSE OUTLINE

Unit 1 – Introduction to Cybersecurity

Exponential Data Growth –Some key facts and figures.

The Evolution of Data increases storage security threats.

A world without cybersecurity.

Most Frequently Targeted Industries in 2018.

Top Security Concerns for the Executive Management.

Security Vs. Safety in a view.

How to avoid Social Engineering & Malicious Software.

Hacker tricks to avoid – Recommendations.

What is Cybersecurity? and Cyberspace defined.

Differences between Information Security and Cybersecurity.

Multiple layers of protection offered by Cybersecurity.

Why is Cybersecurity important?

Why you need to make cybersecurity a priority.

Types of cybersecurity threats and Malware Detection.

Why is Cyber Resilience needed.

Top 11 ways poor Cybersecurity can harm you.

Cyber Security Awareness –The 6 Layers.

Blueprint for Cybersecurity Success.

What are the objectives of Cyber Security?

Suggestions for building stronger Cybersecurity defense.

Adoption of Cybersecurity best practices.

Unit 2 – Information Security Lifecycle Management

Why Data Protection is important?

The 8 Principles of Cybersecurity Laws.

Life Cycle Management defined.

What is Information Security.

The Information Security Management Lifecycle.

IT Security Lifecycle Model.

Keep your Security policy simple.

Information Security and Dependability.

Generalized Security Framework.

Traditional Approach to Security.

Enterprise Security in a View.

Security Architecture.

Consequences for not following security management lifecycle.

Risks that turn your IT landscape into a hacker’s gold mine.

Unit 3 – Managing Risks, Threats and Vulnerabilities

Understand Fault Tolerance and Fault Resilience.

Examining the Cost of Data Breach.

To address security threats, leaders must avoid following common myths.

Understand Incidents, Breaches, Risk & Vulnerability.

Threats, Motives and Methods.

Threats and security challenges faced today.

Understand Threat management.

Different threat levels and risks.

Knowing security threats and their channels.

Understanding Security Elements –The larger picture.

Risk Management: Know your risks.

The role of Risk Management.

Defense Planning – Risk Analysis and Assessments.

Risk Management Approach, key objectives and benefits.

A small backdrop on ISO 27001.

12 main sections of ISO 27002.

Issues that needs attention from storage security POV.

Hardening of the platform as a part of common practice.

Storage Security Management –ISO/IEC 27040 Overview.

ISO/IEC 27040:2015 addresses storage risks & vulnerabilities.

Qualitative Risk Assessment –Simple and Detailed Risk Assessment.

Security risks and solutions in the digital transformation age.

Possible vulnerabilities that one cannot ignore.

Types of Comprehensive Vulnerability Assessments.

Understand nine layers of IT Infrastructure foundation from overall security perspective.

Outside Threat Protection –The bigger picture.

Cyber incident recovery tools.

A Layered Cyber Defense Approach.

Top 10 recommendations for closing the security gap.

Top 5 Security Challenges for customers opting Cloud services.

Unit 4 –Incident Response

Understanding Incident Response.

The Role of Computer Security Incident Response Team –CSIRT.

The importance of Incident Response Plan.

Seven key phases of an Incident Response Plan.

Computer Forensics (Cyber Forensics).

Cyber Incident Management Framework.

Incident Management and Categorization.

The role of Service Desk in Incident Management.

Challenges associated with Incident Categorization.

Why Incident Categorization cause so much difficulty?

Incident categories and subcategories.

Categorizing incidents.

Incident Response Planning.

Severity of Incident.

Timeline from Security incident to Business Continuity.

Critical Incident Recovery Plan.

Cyber Attack Quick Response.

Zero-day and your Security Strategy.

Mitigating the effects of a Zero-day attack.

Following are the customers who have attended this workshop.

Group Photographs of students attended our The Core Fundamentals of Cybersecurity Workshops

Emirates NBD, Lotte Chemicals Pakistan, TPL Corporation Ltd, and UBL
has attended a one day workshop on "The Core Fundamentals of
Cybersecurity" on May 2, 2019.

TEXITECH has attended a one day workshop on "The Core Fundamentals
of Cybersecurity" on September 28, 2019. This workshop was conducted at
client onsite as a part of our customer onsite education & services program.