Who should attend
This master class is designed for business and IT professionals who operate at tactical or management level.
Positions held by participants include those of information technology professionals, (chief) information security officer, security manager, operational risk manager, risk analyst, security operations center (SOC) managers, line managers, (senior) IT auditor, IT consultant, enterprise/security architects, etc.
Participants are active in various types of organizations such as consulting and auditing firms, IT service providers, manufacturing, healthcare and governmental organizations.
About the course
In today’s fast evolving society, companies and organizations have become highly dependent on information-processing systems and, by extension, on waterproof security systems.
Living in the age of digital data means we have to embrace the interconnectedness that allows us to communicate and to collaborate in an infinite number of ways.
However, with an increasing international cyber threat, the need to defend and to protect the organization’s data assets is critically important. Given the fact that organizations these days are working more and more in a distributed landscape, security requirements and appropriate governance and management processes are required outside the IT silo and should be incorporated into the relevant business processes.
In order to meet present-day stringent cyber security requirements, the security and risk officer must be well aware of the organization’s mission and vision, have insight into its security architecture, stay ahead of continuously evolving -cyber- technologies and be capable of encouraging the conscious use of dealing with digital information within and outside the organization.
About the program
In this Master Class students will acquire an end-to-end view on the various topics of cyber security management and operations. The program approaches this domain from a tactical but also from an operational point of view.
- Learn how to develop, to design and to implement secure architectures across IT systems, networks and business applications;
- Learn how to deal with the threats from IoT, cloud, mobile, wireless and other digital technologies;
- Acquire insights on how to stay informed about new technology advancements in order to stay ahead of potential threats and to maintain the highest cyber security levels within your organization;
- Gain insights on how to equip yourself in case a security breach will happen to your organization.
After attending this program, participants have further developed their professional knowledge and experience in:
- Cyber & Business Information Security: gain insights into strategic topics such as regulations, trends, strategic objectives and develop those into security goals and objectives;
- Managing Cyber Risks & Threats: gain insights into the variety of cyber risks, threats, trends, actors, tooling and techniques;
- Cyber Security Architecture: acquire understanding of the key concepts of security architecture, incorporating best practice architectural frameworks and standards;
- Agile Secure Development: understanding the main principles, stages and techniques for agile secure lifecycle management;
- Cyber Security Processes & Structures: acquire understanding of security management system frameworks and associated objectives and controls;
- Cyber Incident Management: understand and practice the process of identifying, managing, reporting and analyzing security threats or incidents;
- Cyber Security Legal & Privacy regulations: understand the ethics and legal implications of ethical hacking;
- Develop and practice interpersonal communication, presentation and persuasion skills in order to establish commitment for your security & assurance plan, get it executed and embed it with all stakeholders.
This Master Class is structured around 6 chapters addressing the core elements of cyber security from an architecture and technology point of view. Covering tactical and operational aspects of the profession, it will support you in the successful implementation of tactical and operational cyber security and risk management practices into your organization.
In each chapter, models and concepts are explained and illustrated through cases and exercises. All in-class sessions will be highly interactive, with a lot of focus on sharing experiences and challenging ideas.
Cyber Security Management
Cyber & Business Information Security gaining insights into strategic topics such as regulations, trends, strategic objectives and develop those into security goals and objectives.
Key topics are:
- Understanding the strategic content and stakeholders;
- Formulating a risk & security strategy;
- Understand the key drivers for digital assurance (risk, security & compliance);
- Frameworks for digital governance, management and assurance.
- Managing Cyber Risks & Threats by gaining insights into the variety of cyber risks, threats, trends, actors, tooling and techniques.
- Identification of relevant cyber threats and taxonomy;
- Maturity assessment methods.
Cyber Security Architecture & Technologies
Security architecture understanding of the key concepts, best practice architectural frameworks, standards and protocols.
Key topics are:
- Zero Trust architecture technology;
- Identify main security architecture frameworks (SABSA, NIST, CSA, …);
- Orchestration and automation (SOAR);
- Continuous delivery (CI/CD) and automation;
- Internet of things and smart devices (OT & IoT)
- Agile Secure Development understanding the main principles, stages and techniques for agile secure lifecycle management.
- Key topics are:
- Agile Developments & manifests;
- Software security fundamentals and frameworks;
- Measures in the software security development lifecycle.
- Implementing & maintaining information security processes & structures in practice. Key topics are:
- Frameworks such as ISF, PCI, DSS, NIST,... and operational aspects
- Security operations processes (Maturity modelling).
Key topics are:
- Managing, supporting and reporting audit findings;
- Statements and certifications (SOC2, ISAE).
Cyber Incident Management
Understanding and practicing the process of identifying, managing, recording and analyzing security threats or incidents in real-time.
Key topics are:
- Security Operations Centers (SOC);
- MITRE Attack framework;
- Threat modelling and intelligence gathering;
- Security Orchestration, Automation & Response (SOAR);
- Machine Learning and Artificial Intelligence in Cyber.
Legal & Privacy
Understand the ethics and legal implications of ethical hacking.
Key topics are:
- Main regulations for cyber security and digital assurance;
- EU data privacy directives (GDPR);
- Cloud Directives;
- Privacy aspects in intelligence gathering;
- Artificial Intelligence ethics and regulations.
Soft Skills and Leadership
Develop the necessary soft skills in order to establish the plan, execute it and embed it with all stakeholders.
Key topics are:
- Stakeholder analysis;
- Interpersonal communication skills;
- Presentation & persuasion.
I am passionate about what I do. It is why I get out of bed every day. I bring +25 years of innovative knowledge and solutions to boards, audit committees and executives to manage IT risks, information security / data protection and to execute IT audits. My core competencies: expertise, exper...
Yuri Bobbert (1973) is professor Information System Sciences. And Chief Information Security Officer (CISO) at NN-Group. Prior to NN-Group he served as an interim CISO at UWV and ten years as a CEO of a security and risk consulting firm. In 2011 Bobbert became a visiting PhD researcher at Antwerp...
Because of COVID-19, many providers are cancelling or postponing in-person programs or providing online participation options.
We are happy to help you find a suitable online alternative.