Overview Next training

Duration 2 days
Time from 09h00 - 12h00 & 13h00 - 17h00
Next training date 15 october until 16 october 2024
Next training location Van der Valk Hotel Antwerp

Our teachers for the training: Security Leader: Security Architecture

Name

Date

Location

Register

Module 2 Security Architecture - presentation video

Our teacher, Sebastien Deleersnyder, explains what aspects this module covers!

This training is taught in English.

The Security Architecture module of the Security Leader training (part of our Certified CISO training program) is a bit more technical, diving into security architectures. We do not only touch on theoretical architecture models and how to manage them but also talk about IoT, OT/ICS and cloud security concepts. Business continuity and disaster recovery is also part of this course, as certain high availability set-ups have impact on how you put your architecture together.

Too technical, you think. Don’t worry. We’ll teach you just about enough to have a meaningful conversation with your (security) architect(s). As a CISO, it is important to realize the impact of specific security strategies on the overall IT setup. It is important to be able to speak the same language – that’s why this module is geared towards bridging the gap between business risks and the more technical side of things.

At the end of this course, you will know which architectural frameworks are mostly used, how security integrates with them, and how to manage these components. But it is not only about architecture.

You will also receive practical advice and pointers on:

  • Internet of Things security
  • OT/ICS security
  • Cloud security
  • Business Continuity / Disaster Recovery

As such, you will receive a solid basis on security architectural set-ups and practices regardless of the sector you’re in.

Why take this course?

By the end of this course, you’ll have a firm grasp on:

  • The meaning behind so-called “zero trust” architectures
  • The major enterprise architecture frameworks and how security fits in
  • The various cloud service models and the various security features associated with them
  • The “shared responsibility” model when using cloud services and possible pitfalls and areas of attention
  • OT/ICS security and how it differs from IT security
  • Internet of Things major risks and current initiatives to tackle the issues
  • Disaster Recovery and Business Continuity: What’s the difference, how do we create a BCP, and how do we apply high-availability principles in our architecture?

 

This course is also the second module in a unique program intended to lead to formal CISO certification. To check out other modules, download this file: CISO Brochure download.

Target group

Who is the Certified CISO programme’s  ‘Security Architecture’ module intended for? This module targets information and cybersecurity officers, managers, and other security professionals tasked with crafting a companywide information security upgrade strategy. As a CISO, it is important to know a bit of everything, including the more technical aspects of security, so you can assess the impact on IT and the company as a whole when putting together your strategy. This module zooms in on a variety of possible security architectures and approaches, not to transform you into a security architect but to introduce you to the concepts.

Learning goals

What you’ll learn in a nutshell:

  • What is a “zero-trust” architecture?
  • What are the major enterprise architecture frameworks?
  • How do we apply security principles in these architectural frameworks?
  • How do you manage architectural domains and building blocks in an architecture repository?
  • Introduction to the 3 basic cloud service models and the shared responsibility concept
  • Possible pitfalls and areas of attention when it comes to cloud security
  • Which best practice resources are available to help you with cloud service security
  • Comparison between security controls of your own data center, MS Azure, Amazon Web services, and Google Cloud
  • Internet of Things security risks
  • On-going initiatives and guidance to security IoT devices and their networks
  • What are OT and ICS, and why are they different from them when it comes to security?
  • Which standards and frameworks can help you secure OT/ICS environments?
  • The difference between disaster recovery and business continuity
  • How can a business continuity plan based on a BIA (Business Impact Assessment) be built?
  • Which standards and frameworks can guide you while building a BCP?
  • High availability considerations on various architectural levels

Learning approach

When it comes to establishing a Security Architecture, there are a variety of approaches. Multiple frameworks and concepts exist.

And it’s for that reason that this course has a two-fold objective. It aims to introduce you to the most important architectural frameworks available and to supply you with some practical insights required to apply them in cooperation with your (security) architect(s).

We’ve lined up highly skilled professionals in the trenches for years to accomplish this. They share practical advice and workarounds and teach you what you need to know. The course blends theoretical models and frameworks to give you an overview of what’s out there and practical exercises for applying what you’ve learned in real-life situations.

End product

At the end of the course, you will be awarded a certificate of completion. This module does not entail any exams or official certification.

Note: Have you got plans to pursue the entire ‘Certified CISO’ programme? In that case, you’ll need a certificate of completion for all modules, and they must have been obtained within the past two years. The first six modules must be completed to start the 7th and final module, the ‘Master Project’, where you will apply the content of the previous modules to a single integrated project. Once finished, and if you obtain a positive evaluation, you’ll be awarded the ‘Certified CISO’ certificate.

Your bonus training package includes the following:

  • Training material (printed and PDF format): handouts of the presentations with notes
  • A list of useful links with additional information on architecture standards and frameworks discussed during class
  • The exercises and their solutions (where applicable)

How to prepare yourself

This is a classroom-based, non-technical course. Bring something along (e.g., a laptop, notebook, tablet) to take additional notes.

Course prerequisites:

  • A basic understanding of IT
  • Some experience in a corporate environment as a manager could be beneficial, but is not essential.

Click here for more information about our teachers.

 

Day 1

09h00 - 17h00

1| What is Security Architecture?

  • 3 types of Security Architecture: Enterprise, Project, Security specific solutions

2| What is the role of a Security Architect in a CISO Office?

  • Governance role
  • Engineering role

3| How does Zero Trust relate to Security Architecture?

  • How does Zero Trust, as a set guiding principles, drive the outcome of the design

4| What are the most common enterprise architecture frameworks?

  • Overview most common ones and how these are applied in organizations

3| Where is the link with Security Control Frameworks?

  • Part of the Security Architect toolkit are Security Control Frameworks

5| How to apply security principles in these architectural frameworks?

6| How to manage architectural domains and building blocks in an architecture repository?

7| Introduction to the 3 basic cloud service models and the shared responsibility concept

8| Changing role/activities of the security architect in a Public Cloud context

9| Possible pitfalls and areas of attention when it comes to cloud security

10|  Which best practice resources are available to help you with cloud service security

 

Day 2

09h00 - 17h00

1| Internet of Things

  • What is meant with “Internet of Things” and why is security still an issue?
  • What are the major risks involved?
  • On-going initiatives and guidance to secure IoT devices and their networks:
    • EU’s Cybersecurity Strategy in the Digital Decade
    • ENISA IoT and Smart Infrastructures

2| OT/ICS Security

  • What do we mean with OT and ICS?
  • What are the fundamental differences between IT and OT Security?
  • Which standards and frameworks can help you secure OT environments?
    • ISA/IEC 62443
    • NIST’s Guide to Industrial Control Systems (ICS) Security
  • How do you bridge the gap between IT and OT Security as a CISO?

3| Disaster Recovery / Business Continuity

  • What is the difference between Disaster Recovery and Business Continuity
  • How to build a Business Continuity Plan?
  • What is a Business Impact Assessment (BIA)?
  • Which standards can help you with a BCM?
    • ISO22301:2019: Security and Resilience – Business Continuity management systems
    • ISO22313:2020: providing guidance on ISO22301
  • High availability considerations on various architectural levels

Price

€1.395

VAT exclusive

Certificate

"CISO Certificate of Completion"

Lunch, coffee, refreshments and course material included.

SME portfolio Flanders - higher subsidy for theme CYBERSECURITY: 45% for small and 35% for medium-sized enterprises.

Register now

Book a Call

Schedule 2024 & 2025

Name

Date

Location

Language

Register

Security Leader: Security Architecture

15 October until 16 October 2024

EN

Security Leader: Security Architecture

2 April until 3 April 2025

EN

Security Leader: Security Architecture

23 April until 25 April 2025

FR

Security Leader: Security Architecture

14 October until 15 October 2025

EN

We are recognized by:

  • Registration number KMO portefeuille: DV.O213013

    Our courses are accredited for the KMO-portefeuille. This means that, depending on whether you are a small or medium-sized enterprise, you can receive a 45% or 35% subsidy from the Flemish Government on the cost of registration.

  • Acknowledgement by Chèque-Formation

    The training voucher allows you to benefit from financial aid to train your workers in one of the approved training centres. Worth 30 euros, it corresponds to 1 hour of training per worker.

Stay informed via our newsletter

Stay connected with our latest news, offers and available training.

Newsletter
x

Stay informed via our newsletter

Stay connected with our latest news, offers and available training.

Newsletter
x

Enroll