Overview: next training

Duration: 2 days
Time: 09u00 - 12u00 & 13u00 - 17u00
Date of next training: 14 November to 15 November 2022
Location of next training: Van der Valk Hotel Brussels Airport

Our instructors for the course: CISO: Security Architecture


This course is taught in English.

The second module of the Certified CISO training programme is a bit more technical, diving into the world of security architectures. We not only touch on theoretical architecture models and how to manage them, but also talk about IoT, OT/ICS and cloud security concepts. Business continuity and disaster recovery are also part of this course, as certain high-availability set-ups have an impact on how you put your architecture together.

Too technical, you think? Don’t worry. We’ll teach you just about enough to have a meaningful conversation with your (security) architect(s). As a CISO, it is important to realize the impact certain security strategies may have on the overall IT set-up. It is important to be able to speak the same language – that’s why this module is geared towards bridging the gap between business risks and the more technical side of things.

At the end of this course, you will know which architectural frameworks are most commonly used, how security integrates with them, and how to manage these components. But it is not only about architectures.

You will also receive practical advice and pointers on:

  • Internet of Things security
  • OT/ICS security
  • Cloud security
  • Business Continuity / Disaster Recovery

As such, you will receive a solid basis on security architectural set-ups and practices regardless of the sector you’re in.

Why take this course?

By the end of this course, you’ll have a firm grasp on:

  • The meaning behind so-called “zero trust” architectures
  • The major enterprise architecture frameworks and how security fits in
  • The various cloud service models and the various security features associated with them
  • The “shared responsibility” model when using cloud services and possible pitfalls and areas of attention
  • OT/ICS security and how it differs from IT security
  • Internet of Things major risks and current initiatives to tackle the issues
  • Disaster Recovery and Business Continuity: what’s the difference, how to create a BCP and how to apply high-availability principles in our architecture?

 

This course is also the second module in a unique programme intended to lead to formal CISO certification. To check out other modules, download this file: Certified CISO Track – modules 1-7.

Target group

Who is the Certified CISO programme’s ‘Security Architecture’ module intended for? This module targets information and cybersecurity officers, managers and other security professionals tasked with crafting a companywide information security upgrade strategy. As a CISO, it is important to know a bit of everything, including the more technical aspects of security, so you are able to assess the impact on IT and the company as a whole when putting together your strategy. This module zooms in on a variety of possible security architectures and approaches, not to transform you into a security architect, but to introduce you to the concepts.

Learning goals

What you’ll learn in a nutshell:

  • What is a “zero-trust” architecture?
  • What are the major enterprise architecture frameworks?
  • How to apply security principles in these architectural frameworks?
  • How to manage architectural domains and building blocks in an architecture repository?
  • Introduction to the 3 basic cloud service models and the shared responsibility concept
  • Possible pitfalls and areas of attention when it comes to cloud security
  • Which best practice resources are available to help you with cloud service security
  • Comparison between security controls of your own data centre, MS Azure, Amazon Web Services and Google Cloud
  • Internet of Things security risks
  • On-going initiatives and guidance to secure IoT devices and their networks
  • What are OT and ICS and why are they different from IT when it comes to security?
  • Which standards and frameworks can help you secure OT/ICS environments?
  • The difference between disaster recovery and business continuity
  • How to build a business continuity plan, based on a BIA (Business Impact Assessment)?
  • Which standards and frameworks can guide you while building a BCP?
  • High availability considerations on various architectural levels

Learning approach

When it comes to establishing a Security Architecture, there are a variety of approaches. Multiple frameworks and concepts exist.

And it’s for that reason that this course has a two-fold objective. It aims to introduce you to the most important architectural frameworks available and to supply you with some practical insights required to apply them in cooperation with your (security) architect(s).

To accomplish this, we’ve lined up highly skilled professionals who have been in the trenches for years. They share practical advice and workarounds and teach you the core of what you need to know. The course itself blends theoretical models and frameworks to give you an overview of what’s out there, combined with practical exercises for applying what you’ve learnt in real-life situations.

End product

You’ll be awarded a certificate of completion at the end of the course. This module does not entail any exams or official certification.

Note: Have you got plans to pursue the entire ‘Certified CISO’ programme? In that case, you’ll need a certificate of completion for all modules, and they must have been obtained within the past two years. The first six modules must be completed to start the 7th and final module, the ‘Master Project’, where you will apply the content of the previous modules to a single integrated project. Once finished, and if you obtain a positive evaluation, you’ll be awarded the ‘Certified CISO’ certificate.

Your bonus training package includes:

  • Training material (printed and PDF format): handouts of the presentations with notes
  • A list of useful links with additional information on architecture standards and frameworks discussed during class
  • The exercises and their solutions (where applicable)

How to prepare yourself

This is a classroom-based, non-technical course. Bring something along (e.g., a laptop, notebook, tablet) to take additional notes.

Course prerequisites:

  • A basic understanding of IT
  • Some experience in a corporate environment as a manager could be beneficial but is not essential.


Day 1

09u00 - 17u00

1| Zero Trust

  • Where does “zero trust” come from?
  • What does a “zero trust” security architecture consist of?
  • What are the advantages of this set-up in today’s threat landscape?

2| Main Architecture Frameworks

  • An overview of the most important Enterprise Architectural frameworks:
    • SABSA
    • TOGAF
  • How to apply security in an architecture?
  • How to manage architectural domains and building blocks in an architecture repository?

3| Cloud Security

  • Introduction to the 3 basic cloud service models (IaaS, PaaS and SaaS)
  • What is the “shared responsibility model”?
  • Which aspects require special attention when considering a cloud service?
  • Which best practice resources are available to apply to cloud services?
    • Cloud Security Alliance
    • ISO27017: Cloud security extension to ISO27002
  • Security controls comparison between own data centre, Microsoft Azure, Amazon Web Services and Google Cloud

Day 2

09u00 - 17u00

1| Internet of Things

  • What is meant by “Internet of Things” and why is security still an issue?
  • What are the major risks involved?
  • On-going initiatives and guidance to secure IoT devices and their networks:
    • EU’s Cybersecurity Strategy in the Digital Decade
    • ENISA IoT and Smart Infrastructures

2| OT/ICS Security

  • What do we mean by OT and ICS?
  • What are the fundamental differences between IT and OT Security?
  • Which standards and frameworks can help you secure OT environments?
    • ISA/IEC 62443
    • NIST’s Guide to Industrial Control Systems (ICS) Security
  • How do you bridge the gap between IT and OT Security as a CISO?

3| Disaster Recovery / Business Continuity

  • What is the difference between Disaster Recovery and Business Continuity?
  • How to build a Business Continuity Plan?
  • What is a Business Impact Assessment (BIA)?
  • Which standards can help you with a BCM?
    • ISO22301:2019: Security and Resilience – Business Continuity management systems
    • ISO22313:2020: providing guidance on ISO22301
  • High availability considerations on various architectural levels

Course price

€1.195

Excluding VAT

Certificate

"CISO Certificate of Completion"

Including lunch, coffee, snacks and course material.

KMO-portefeuille - higher subsidy for CYBERSECURITY: 45% for small and 35% for medium-sized enterprises.


Schedule 2022

Name: CISO: Security Architecture
Date: 14 November to 15 November 2022

We are accredited by:

  • Registration number KMO portefeuille: DV.O213013

    Our courses are accredited for the KMO-portefeuille. This means that, depending on whether you are a small or medium-sized enterprise, you can receive a 45% or 35% subsidy (for cybersecurity) from the Flemish Government on the cost of registration.

  • Acknowledgement by Chèque-Formation

    The training voucher allows you to benefit from financial aid to train your workers in one of the approved training centres. Worth 30 euros, it corresponds to 1 hour of training per worker.
