Increasing reports of targeted hacker attacks. Data leakage in all directions. Viruses, worms, and other forms of computer crime. Heightened attention to corporate governance. Today’s organizations are under increasing pressure to ensure the effectiveness of their information security efforts while using virtualization and cloud computing and as a result, information security has become a priority business issue. Yet in spite of their far-reaching strategic business implications, security threats and vulnerabilities are still often misunderstood and underestimated by line and IT management. To further add to the confusion, this vital function is often viewed mostly as a technology issue.
In this information-packed, five-day seminar you will cover the essential areas you need to know to construct or audit a comprehensive information security framework. You will gain a business-oriented, architectural perspective that defines how to organize and oversee a risk-based enterprise information security program, blending best management practices with key physical and information technology safeguards. You will cover security policies, awareness, administration, models, mechanisms, and architectures; secure application design and assurance; backup, recovery, fault tolerance, and business continuity planning; user authentication; cryptography; network concepts and security; and much more.
And to ensure that you gain proper familiarity with industry best practices, legislation, and professional standards for information security, key references and yardsticks for the material you will learn include, but are not limited to, ISO-27001/27002, Common Body of Knowledge (CBK), Payment Card Industry Data Security Standard (PCI DSS), Common Criteria, Information Technology Infrastructure Library (ITIL), and a wide array of IT and security-related publications from the Internet Engineering Task Force (IETF), Institute of Electrical and Electronics Engineers (IEEE), Federal Financial Institutions Examination Council (FFIEC), US National Institute of Standards and Technology (NIST), Defense Information Systems Agency (DISA),US National Security Agency (NSA), and leading IT suppliers.
To reinforce what you learn in the course and to aid anyone preparing for prominent information security certification examinations, you will be provided with unit and course review exercises. Come prepared for five days of intensive learning and return to your office with the foundation of knowledge and know-how needed to guide your organization as it develops or revises its information security program.
Prerequisite: This course is geared to individuals with a general familiarity and working knowledge of information technology and other forms of information risk management and security, including those with four or more years of experience and training in IT Audit, Information Security, Quality Assurance, and/or Information Technology.
Advance Preparation: None Learning Level: Intermediate
Delivery Method:Group-Live Field: Specialized Knowledge and Application
Bonus: You will receive the Swiss Army Knife Reference Guide listing hundreds of valuable information security and audit resources, including free software security and audit tools, for you and your organization.