932 Cyber Security courses in Whetstone delivered Online

Information on the risks and practical advice to address them TSC's eBooks, whitepapers, and reports cover some of the most important risks in information and cyber security — risks that constantly challenge information and cyber security professionals who work tirelessly to reduce them across their organisations and home users alike.

Information on the risks and practical advice to address them TSC's eBooks, whitepapers, and reports cover some of the most important risks in information and cyber security — risks that constantly challenge information and cyber security professionals who work tirelessly to reduce them across their organisations and home users alike.

The “ISO 22301:2019 Lead Implementer ” course provides comprehensive training in the ISO 22301:2019 standard and all its requirements from the Implementer ’s point of view, as well as basic skills necessary to execute the requirements. It’s a practical-oriented training that should be considered “a must” for every ISO 22301:2019 Implementer. This intensive course is specifically designed to participants to serve as ISO 22301:2019 Lead Implementers.

Information on the risks and practical advice to address them TSC's eBooks, whitepapers, and reports cover some of the most important risks in information and cyber security — risks that constantly challenge information and cyber security professionals who work tirelessly to reduce them across their organisations and home users alike.

Information on the risks and practical advice to address them TSC's eBooks, whitepapers, and reports cover some of the most important risks in information and cyber security — risks that constantly challenge information and cyber security professionals who work tirelessly to reduce them across their organisations and home users alike.

Information on the risks and practical advice to address them TSC's eBooks, whitepapers, and reports cover some of the most important risks in information and cyber security — risks that constantly challenge information and cyber security professionals who work tirelessly to reduce them across their organisations and home users alike.

Gain the solid skills and knowledge to kickstart a successful career and learn from the experts with this

Duration 4 Days 24 CPD hours This course is intended for This course assumes the student has successfully taken and passed the NCSF Foundation 2.0 course based on the NIST Cybersecurity Framework version 1.1, release April 2018. Following the course introduction, the course provides an introduction to the intersection between digital transformation and cybersecurity, which is followed by an overview of the threat landscape. Following an approach to the implementation of cybersecurity controls, the course delves into an organizational approach to cybersecurity that starts governance, management, and a supportive culture,Finally, the course provides additional guidance for the cybersecurity practitioner to determine the current state, the desired state, and a plan to close the gap - and to do this over and over again to inculcate it into organizational DNA. Overview This course looks at the impact of digital transformation on cybersecurity risks, an understanding of the threat landscape, and an approach to the application of cybersecurity controls. It provides guidance for students on the best approach to design and build a comprehensive cybersecurity program. Executives are keenly aware of the risks but have limited knowledge on the best way to mitigate these risks. This course also enables our executives to answer the critical question - Are we secure? The class includes lectures, informative supplemental reference materials, quizzes, exercises, and formal examination. The exercises are a critical aspect of the course; do not skip them. Outcomes and benefits from this class is a practical approach that students can use to build and maintain comprehensive cybersecurity and cyber-risk management programs. This course is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSP) across an enterprise and its supply chain. Digital Transformation Explores what the Practitioner needs to know about the relationship between digital transformation and cybersecurity Explain how to determine the impact of cybersecurity on DX. Explain the relationships between culture and digital transformation from the perspective of a practitioner. Explain the delivery of value to stakeholders in a DX & cybersecurity environment. Illustrate the interdependent relationship between cybersecurity and DX. Threat Landscape The Practitioner needs to understand what threat actors do and their capabilities. Compare the evolving attack type impact to the threat environment. Apply knowledge about the threat landscape to maintain a readiness to respond. Develop a risk profile based on business impact analysis Establish the relationship between awareness and training in the continual improvement of cybersecurity posture. Develop and treat training & awareness as a critical aspect of deterrence Use knowledge about the threat landscape as a predicate to the adoption and adaptation of your cybersecurity posture. The Controls This chapter provides a sample set of controls based on an informative reference. Understand the purpose goals & objectives for each control. Characterize & explain the informative reference controls Discover how to apply the controls in an organizational context. Adopt & Adapt Adopt is a decision about governance; adapt is the set of management decisions that result from the decision to adopt. Distinguish Adopt, Adapt, Management & Governance. Develop an approach to adoption & adaptation. Distinguish & demonstrate the impact of organizational culture on developing cybersecurity as a capability. Develop an assessment approach to define current state. Adaptive Way of Working Threat actors are agile and highly adaptive. The cybersecurity Practitioner must develop the same capabilities Break down what constitutes an adaptive approach. Characterize & apply the need for crossfunctional teams. Recognize and prioritize the first steps (get started). Demonstrate & establish cybersecurity phases. Break down the impact of the flows. Rapid Adoption & Rapid Adaptation FastTrack FastTrack? is an approach to allow organizations to learn to adapt to an evolving threat landscape rapidly. Approach: Establish what it takes to adopt CS. Determine how that impacts management adaptation of CS. Determine how that impacts the capability to assess. CS Capability: Determine the gap between existing & needed capabilities. Establish what must be developed. Develop appropriate risk management profile. Discover how cybersecurity impacts people, practice & technology impacts organization. Differentiate CIS Implementation groups. Determine appropriate implementation group & approach. Develop appropriate phase approaches. CIIS Practice Cybersecurity is an ongoing game of cat and mouse. Organizations must learn how to inculcate cybersecurity improvement into their DNA. Break down & develop mechanisms for ongoing cybersecurity improvement that includes developing a learning organization. Illustrate an improvement plan based on the NIST 7-Step Approach. Illustrate an improvement plan based on the Improvement GPS Demonstrate understanding of Cybersecurity Maturity Model Certification Break down the balancing loop & how it fits into the escalation archetype Use the Fast Track? (improvement & implementation) cycles.

Duration 1 Days 6 CPD hours Overview The purpose of this document is to provide the learning outcomes for the course and the assessment criteria. It also provides an overview of the examination design in terms of the types of questions asked.Starting with Chapter 2, Digital Transformation, the BL 1 & 2 (for Bloom's Taxonomy 1 & 2) provides the number of questions that will appear on the exam. This course is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSP) across an enterprise and its supply chain. Digital Transformation Explain what it means to ?become digital.? Discuss the difference between industrial and digital era enterprises. Explain how cybersecurity supports an organization?s digital transformation. Understanding cyber Risks Explain the cyber risk equation. Identify and explain each component of the cyber risk equation. Describe the basics of a risk assessment. NIST Cybersecurity Framework Fundamentals9 Explain the genesis of the NIST-CSF. List and describe the components of the NIST-CSF. Describe each of the NIST-CSF?s objectives. Core Functions, Categories & Subcategories Understand and explain the a.Core Functions b.Framework Categories c.Informative References. Implementation Tiers & Profiles Understand and explain Implementation Tier terms and their use. Understand and explain each Implementation Tier. Understand and describe the three risk categories Understand and explain Profiles and their use a.Current b.Target Understand and describe the use of Profiles when a.Determining gaps b.Identify & prioritize focus areas Cybersecurity Improvement Understand and explain how an organization can approach the adoption and adaptation of the NIST-CSF Understand and describe how to implement cybersecurity controls using an incremental improvement approach. Understand and describe CIIS as a practice within an organization.

Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completions, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - a. Organizational Governance Organizational Strategy, Goals, and Objectives Organizational Structure, Roles, and Responsibilities Organizational Culture Policies and Standards Business Processes Organizational Assets GOVERNANCE - b. Risk Governance Enterprise Risk Management and Risk Management Framework Three Lines of Defense Risk Profile Risk Appetite and Risk Tolerance Legal, Regulatory, and Contractual Requirements Professional Ethics of Risk Management IT RISK ASSESSMENT - a. IT Risk Identification Risk Events (e.g., contributing conditions, loss result) Threat Modelling and Threat Landscape Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) Risk Scenario Development IT RISK ASSESSMENT - b. IT Risk Analysis and Evaluation Risk Assessment Concepts, Standards, and Frameworks Risk Register Risk Analysis Methodologies Business Impact Analysis Inherent and Residual Risk RISK RESPONSE AND REPORTING - a. Risk Response Risk Treatment / Risk Response Options Risk and Control Ownership Third-Party Risk Management Issue, Finding, and Exception Management Management of Emerging Risk RISK RESPONSE AND REPORTING - b. Control Design and Implementation Control Types, Standards, and Frameworks Control Design, Selection, and Analysis Control Implementation Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - c. Risk Monitoring and Reporting Risk Treatment Plans Data Collection, Aggregation, Analysis, and Validation Risk and Control Monitoring Techniques Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) Key Performance Indicators Key Risk Indicators (KRIs) Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - a. Information Technology Principles Enterprise Architecture IT Operations Management (e.g., change management, IT assets, problems, incidents) Project Management Disaster Recovery Management (DRM) Data Lifecycle Management System Development Life Cycle (SDLC) Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - b. Information Security Principles Information Security Concepts, Frameworks, and Standards Information Security Awareness Training Business Continuity Management Data Privacy and Data Protection Principles