WHO SHOULD ATTEND
Auditors or IT auditors who are seeking to gain knowledge about the main processes of auditing a cybersecurity program
LEARNING OUTCOMES
The course will help professionals to understand the critical aspects of governance, risk, security, control relating to cyber security and obtain the level of knowledge required to audit cyber security controls.
COURSE OUTLINE
Evolution of Cyberthreats and Controls, Phishing, Virus and Malware, Denial of Service Attack, Cyber Fraud, Zero day Attacks, Risks Associated with Internet, Servers/Desktop, WIFI, Cloud Security, Internet of Things (IoT) and some of the ready controls available.
Business Impact Assessment on Cyber attacks
To understand the impact and loss of Cyberattack to the different industries
Cybersecurity Law and Regulations
Understanding different Cybersecurity Law and other regulations
Cybersecurity Best Practices
Discussion on the different types of best practices/controls like ISO27001, Cloud, Cobit, MAS TRM, NIST standards etc.
Cyber Risk Assessment and Scoping
Performing a cyber risk assessment using the Cyber security best practices to scope and prepare the audit work programme.
Other Types of Cyber Developments
Understand the other types of developing cyber security controls like:
- threat intelligence/analytics,
- user behaviour analysis,
- secure code development,
- automated threat modeling & attack simulations,
- pattern of life technologies,
- content disarming and reconstruction and more.
Cyber Security Maturity Model
Understand how to measure the success of a cyber security programme
Other Security Considerations
Discussion on other security threats like technology risks, information security risk, insider risks and more.