How do you combine you information security and IT operations practices to improve collaboration and reduce risks?
In this training you will learn how to practically setup and improve your organization security operations in your role as CISO. You will learn how to identify and manage your most important assets (including data).
One of the key components of a modern security architecture is Identity and Access management (IAM). Indeed, controlling users and their access to the right resource is a challenging activity. Learn all about modern cloud and non-cloud authentication techniques (including Oauth, OpenID,…), Identity Governance and Administration platforms, PKI, and privileged identity and access management,. In this context we will also explore the management of encryption and key management.
Besides users, also physical assets must be managed. How do you make sure only authorized hardware and applications are used? Laptops, tablets, smartphones, owned and managed by your organization. And what about BYOD, BYOK, CYOD, …? During this module you will learn how a CISO can manage assets such as devices and applications. How do you ensure assets are secure and still supported by the vendor? Do you have a good idea about which cloud based applications are used by the employees? We will teach you the related practical ins and outs.
A critical element of security operations is the management of your company network. This network is no longer the border of your infrastructure. Our trainers will teach you how to secure access to wired, wireless and cloud networks. We will also cover physical security components, such as badge readers, camera systems, burglary alarms, etc.
Running secure operations can be expensive. Certain aspects of these types of operations may be a candidate for outsourcing to lower cost, to avoid attracting a specialized workforce or to simplify the work. What are the most common security operations to outsource and which aspects deserve your attention? What kind of KPI’s and SLA’s should be put in place?
If your task is running and improving organization security operations as a CISO, then this training is for you!
Why take this course?
- Get control over your most important assets
- Better manager your organization identities and access
- Understand how to protect your organization devices
- Apply best practices to physical security
- Outsource your security operations without losing control
This course is also the fourth module in a unique programme intended to lead to formal CISO certification. To check out the modules from 2 to 7, download this file: Certified CISO – Security Governance and Compliance_modules
Who is the Certified CISO programme’s ‘Security Operations” module intended for? This module targets information and cybersecurity officers, managers and other security professionals tasked with running and improving your security operations. Those working in risk management and/or conducting security-related audits could also benefit from this course.
You will learn about your role as a CISO in:
- Creating and maintaining an asset inventory
- Governing your assets with classification and ownership
- Managing your organization identities and access
- Managing your organization devices
- Securing your networks (wired, wireless and cloud)
- Manage your organization application security
- Understanding physical security and its components
- Applying best practices to physical security
- Outsourcing security operations without losing control
Educational approach of this course
When it comes to establishing and running proper Security Operations, there are a variety of approaches. A one-size-fits-all formula doesn’t apply.
And it’s for that reason that this course has a two-fold objective. It aims to introduce you to the current best practices available and to supply you with the practical skills required to apply them correctly within your organization.
To accomplish this, we’ve lined up highly skilled professionals who have been in the trenches for years. They share practical advice and workarounds and teach you the core of what you need to know. The course itself blends theoretical models, frameworks, and standards to give you an overview of what’s out there, combined with practical exercises for applying what you’ve learnt in real-life situations.
1| Asset / Data Management
- What are assets?
- Create and maintain an asset inventory
- Asset classification
- Asset and data owners
2| Identity & Access Management
- What are identities?
- Modern authentication and authorization
- Setting up and maintaining IAM, CIAM, PAM
- IAM platforms and governance
- Encryption and Key management
3| Device Management
- What are devices?
- Device configuration, tuning, updates, and maintenance
- Mobile device management
- Devices on the edge, datacenter, and in the cloud
1| Network Management
- Wired, wireless, and cloud networking
- Network security and segmentation
- Network security operations
2| Application Management
- Application life cycle management and governance
- Application security
3| Physical Infrastructure Management
- Do we still need physical security in our digital life?
- Physical security components
- Physical access control
- Physical security best practices
4| Security Outsourcing
- Aligning security operations costs with your organization strategy
- Security operations outsourcing models
- Security operations SLAs
We are recognized by:
Registration number KMO portefeuille: DV.O213013
Our courses are accredited for the KMO-portefeuille. This means that, depending on whether you are a small or medium-sized enterprise, you can receive a 45% or 35% subsidy (for cybersecurity) from the Flemish Government on the cost of registration.
Acknowledgement by Chèque-Formation
The training voucher allows you to benefit from financial aid to train your workers in one of the approved training centres. Worth 30 euros, it corresponds to 1 hour of training per worker.