Compare courses
Register
ICTD International Centre for Training and Development

ISRM: Information Security Risk Management

Sep 29—Oct 3, 2019
5 days
Dubai, United Arab Emirates
USD 3300
USD 660 per day

How it works

Disclaimer

Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with ICTD International Centre for Training and Development.

Full disclaimer.

Description

The last decade’s rapid acceleration of network technology and the unparalleled growth of the Internet have led to increased risks to information and systems. Continuous advancements in technology and the relative ease with which people are able to access, manipulate, and store information has further compounded such risks, especially with organizations and society heavily dependent on information and systems for survival.

This course explores the world of technology and information security from a risk management perspective. Through an understanding of history and the examination of trends in today’s technology landscape, the course investigates the sources of risk and its business implications.

Course Objectives

By the end of this course, students should be able to:

  • Defend the need for security risk-based management based on an understanding of opportunity costs, within the confines of regulation and client expectations.
  • Identify and develop awareness of risk sources involving people, processes, information, and technology.
  • Defend enterprises through an understanding of the anatomy of attacks and the building of sustainable defense-in-depth (DiD) strategies to mitigate current and emerging attacks.
  • Review and develop an on-going and sustained approach to security risk-management throughout the enterprise.

Course Outline

Overview of Risk Management, Security, and Governance:

  • Overview of risk management and its life cycle
  • Business implications of security management, including risk and opportunity management (costs and benefits)
  • Understanding and reviewing risk management frameworks, standards, and practices

Overview of Risk Management, Security, and Governance:

  • Essentials of risk governance and legislation
  • Roles and responsibilities for security risk management
  • Articulating clear goals for enterprise risk management

Identifying Sources of Risk:

  • Understanding residual risks as well as threats, vulnerabilities, and organizational assets
  • Knowledge of different types of security threats and attacks
  • Physical versus logical security
  • Network, database, and application level security

Identifying Sources of Risk:

  • Understanding security risks in enterprise processes and employees
  • Emerging sources of risk: outsourcing, cloud, critical infrastructure, and cyber security
  • Technology projects, the SDLC and security risk planning

Dealing with Security Risks:

  • Anatomy of security threats and attack modeling
  • Security and the risk management life cycle
  • Quantitative vs. qualitative risk methodologies
  • Technical and non-technical risks management (Security policies, standards, guidelines, and governance)

Dealing with Security Risks:

  • Mitigation strategies and developing response plans (IRP, DRP, and BCP)
  • Technology projects, the SDLC, and security risk design and management
  • Developing Security-in-Depth

Ongoing Management of a secure enterprise:

  • Review of your risk and security management program
  • Review of security policies, standards, guidelines, and procedures
  • Review of security and enterprise governance frameworks

Ongoing Management of a secure enterprise:

  • Documentation of lessons learned
  • Security awareness, training, and education

Course Methodology

A variety of methodologies will be used during the course that includes:

  • (30%) Based on Case Studies
  • (30%) Techniques
  • (30%) Role Play
  • (10%) Concepts
  • Pre-test and Post-test
  • Variety of Learning Methods
  • Lectures
  • Case Studies and Self Questionaires
  • Group Work
  • Discussion
  • Presentation

Who should attend

  • IT Director/IT Manager
  • Information security Core Team or anyone with responsibility for, or with an interest in.

Files

Detailed Description
Detailed Description

Next dates

Sep 29—Oct 3, 2019
5 days
Dubai, United Arab Emirates
USD 3300
USD 660 per day

How it works

Show more