
We're sorry but that page cannot be found

Please use the links above to find what you were looking for.

You may not have been able to visit your page because of:

   1. An out-of-date bookmark/favourite
   2. A search engine that has an out-of-date listing
   3. A mistyped address
   4. You have no access to this page
   5. The requested resource was not found.
   6. An error has occurred while processing your request.

Are you looking for:

Certified Cybersecurity Foundation Training Course
Description

Training course outline

This fully accredited, one-day training course provides a comprehensive introduction to current cybersecurity threats and the measures required to mitigate the risks associated with cyber attacks. It also prepares you to pass the included IBITGQ Certified Cybersecurity Foundation (C CS F) exam on the first attempt.

The course content is aligned with CyBOK v1.1. Approved by the NCSC, CyBOK defines and codifies the foundational knowledge required for a cybersecurity professional.

This Foundation-level training focuses on building the introductory knowledge associated with the CyBOK categories:

  • Human, Organizational and Regulatory Aspects
  • Attacks and Defenses
  • Systems Security
  • Software and Platform Security
  • Infrastructure Security

It also prepares candidates to pass the CIISec ICSF (Information & Cyber Security Foundation) qualification. Please see CIISec ICSF for further information on registering for the exam.

The course covers the following topics:

  • Understanding cybersecurity fundamentals
  • Information security and governance
  • Threat, vulnerability, risk assessment and management
  • Understanding security controls
  • Information security frameworks
  • The security lifecycle
  • The need for operational compliance

Certified Cybersecurity Foundation course benefits

 Designed by experts

We’re acknowledged leaders in cybersecurity and information security with years of hands-on experience.

 Delivered by professionals

Taught by a cybersecurity consultant with extensive management and technical experience of helping organizations of all sizes deliver effective cybersecurity programs.

  Hands-on study

Learn about cybersecurity through group work, exercises, and case studies.

  Learn from anywhere

Learn from anywhere with our instructor-led Live Online or self-paced options that allow you to study in your choice of location and keep travel and costs to a minimum.


Who should attend this course?

This cybersecurity course is particularly suitable for people starting, or wanting to start, a career in cybersecurity. It will also benefit operational staff, business directors, and managers who wish to improve their understanding of cybersecurity and its impact on their organization.


Your learning path

Find out how the Certified Cybersecurity Foundation Training Course will help you develop your career.

Completion of this course is mandatory for taking the next step on your training journey: the Certified Cybersecurity Practitioner Training Course.

This course is an essential component of the following learning paths:

ISO 27001 learning path

Why choose IT Governance USA for your training needs?

  • Pass first time or train again for free: We have trained more than 28,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.*
  • Access your training anywhere: All course materials are available digitally and will be made available 20 days before your course.
  • Training solutions tailored to your organization: We provide training solutions for multinationals and small businesses.

* T&Cs apply

Course details

What does this course cover?

Module 1 – Understanding cybersecurity fundamentals

  • The impacts of cyber incidents and events on an organization
  • Identify the current threat landscape
  • The CIA triad
  • The roles of people, processes, and controls in cybersecurity

Module 2 – Information security and governance

  • Explain information governance
  • The role of organizational governance and its link to security
  • Introducing the ISO 27014 standard
  • Define a security steering committee
  • Who is responsible for cybersecurity

Module 3 – Threat, vulnerability, risk assessment and management

  • Definitions of risk, vulnerability, threat, and assets
  • The purpose of a risk-based approach
  • Describe risk in terms of impact and likelihood
  • Consider risk and mitigation options
  • The current risk appetite of an organization
  • Review the use of heat maps

Module 4 – Understanding security controls

  • The four control categories: preventive, deterrent, detective, and corrective
  • The four control types: physical, procedural, personal, and technical
  • Understand the concept of Cloud computing
  • Summarize Cloud computing responsibilities
  • Recall symmetric, asymmetric, and hybrid cryptography

Module 5 – Information security frameworks

  • The purpose of policies, standards, procedures, and guidelines
  • The need for security awareness
  • The relationship between legislation and cybersecurity, i.e. the GDPR, CMA
  • Contractual requirements including the PCI DSS (Payment Card Industry Data Security Standard)
  • Standards bodies including ISO/IEC and NIST

Module 6 – The security lifecycle

  • Recognize secure coding practices
  • Examples of testing strategies, such as fuzzing and regression testing
  • The importance of patch management
  • Explain change management
  • The use of independent assurance including ISO 27001

Module 7 – The need for operational compliance

  • The purpose of auditing
  • Discuss methods of monitoring such as IDS, IPS, and SIEM
  • Explain the five phases of incident management

What’s included in this course?

  • Complete course materials (digital copy provided as a PDF file)
  • The Certified Cybersecurity Foundation exam
  • A certificate of attendance

What equipment do I need?

You will need a laptop and a webcam for your course and exam.


Course duration and times

Live Online PDT/PST

  • Day 1: 07:30 am – 3:00 pm

Live Online CDT/CST

  • Day 1: 9:30 am – 5:00 pm

Live Online EDT/EST

  • Day 1: 10:30 am – 6:00 pm

Course location

Learn from anywhere with our instructor-led Live Online course.


Are there any prerequisites for this course?

This course has no entry requirements, but it would be beneficial for attendees to have basic IT knowledge.

Exams and qualifications

Certified Cybersecurity Foundation exam

Candidates take the Certified Cybersecurity Foundation (C CS F) exam set by IBITGQ (International Board for IT Governance Qualifications) at the end of the course.

  • Delivery method: Online
  • Duration: 60 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

This course is equivalent to 7 CPD points.


What qualifications will I receive?

Certified Cybersecurity Foundation (C CS F).


Accreditation

This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications) and CIISec (The Chartered Institute of Information Security), satisfying CIISec Knowledge Areas requirements at Level 1: A2, A3, A4, A5, A6, B1, C3, D2, E1, F2, G1, G2, H1 and H2, and Level 2: B2, B3, and H3.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.


How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately upon completion of the exam. Confirmed exam results will be issued within ten working days from the exam date.
  • Certificates for those who pass will be issued within ten working days from the exam date.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format. Please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt, you can retake the exam for an additional fee. You can email us to schedule the retest.


CPD (Continuing Professional Development)

This course awards 7 CPD points, which are accredited by the CPD Certification Service.

CPD points are a record of your commitment to acquiring the knowledge required to enhance your ability and proficiency to perform your job role.

IT Governance is an approved CPD Provider of the CPD Certification Service. This training course has been reviewed to ensure its quality and integrity and found to meet the required continuing professional development standard and benchmark of an internationally recognized CPD accreditation service.

Ways to Learn

Learn from anywhere with our range of instructor-led courses

Wherever you are in the world, you can now attend an IT Governance USA online course and get the full benefit of a classroom session.

To make your life as easy as possible, we offer two ways to attend an instructor-led course:

Live Online

Our instructor-led Live Online courses are hosted and delivered live by one of our expert trainers.


Learn from anywhere

Our instructor-led classroom / Live Online courses give you the flexibility of attending a classroom course, either in person or by joining the classroom course online.
 



The benefits of learning from anywhere:

  • Save on travel, parking, hotels, and other fees
  • Learn and obtain a professional certification from the comfort of your home
  • Our courses use the latest conferencing technology that is compatible with all devices
  • Our trainers focus on maximizing audience participation and getting the most out of our learners
  • All trainers have been hand-picked for their technical and practical expertise
  • You have full control over your course booking, meaning you can edit learner details, course dates, and any special requirements

Find out more about the benefits of learning from anywhere

Certified Cybersecurity Practitioner Training Course
Description

Training course outline

This fully accredited, four-day course gives you the skills required to deliver infrastructure, application, information, and operational cybersecurity by implementing appropriate technical and organizational controls. It also prepares you to pass the internationally recognized IBITGQ C CS P exam on the first attempt.

The course content is aligned with CyBOK v1.1. Approved by the NCSC, CyBOK defines and codifies the foundational knowledge required for a cybersecurity professional.

This Practitioner-level training focuses on building the knowledge associated with the CyBOK categories:

  • Attacks and Defenses
  • Systems Security
  • Software and Platform Security
  • Infrastructure Security

The course covers:

  • How to detect and respond to malware attacks and adversarial behavior
  • The concepts of security operations and incident management
  • How security can be ensured at the operating system and hypervisor levels
  • Implementing network and hardware security
  • The prevention, detection, and mitigation of software cyber attacks
  • Web and mobile device cybersecurity

Certified Cybersecurity Practitioner course benefits

 Designed by experts

We’re acknowledged leaders in cybersecurity and information security with years of practical, hands-on experience.

 Delivered by professionals

Taught by a cybersecurity consultant with extensive management and technical experience of helping organizations of all sizes deliver effective cybersecurity programs.

 Gain practical experience

Use tools and real-life examples to understand how to apply cybersecurity controls.

  Hands-on study

Learn about cybersecurity through group work, exercises, and case studies.

  Learn from anywhere

Learn from anywhere with our instructor-led Live Online or self-paced options that allow you to study in your choice of location and keep travel and costs to a minimum.


Who should attend this course?

This course is for people who wish to develop a successful career in cybersecurity management and implementation, especially those who need to improve their technical knowledge of typical cyber attacks and the security controls required at the network, systems, operational, and software levels.

It is particularly appropriate for those with foundational cybersecurity experience who wish to advance their career, and existing IT professionals such as:

  • Network administrators
  • Database administrators
  • Cloud architects
  • IT helpdesk staff

Your learning path

Find out how the Certified Cybersecurity Practitioner Training Course will help you start or enhance your career and boost your knowledge.

This course is an essential component of the following learning paths:

ISO 27001 learning path

Why choose IT Governance USA for your training needs?

  • Pass first time or train again for free: We have trained more than 28,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.* 
  • Access your training anywhere: All course materials are available digitally and will be made available 20 days before your course. 
  • Training solutions tailored to your organization: We provide training solutions for multinationals and small businesses. 

* T&Cs apply

Course details

What does this course cover?

  • Typical malware attacks and how to detect and respond to them
  • Adversarial behaviors and the frameworks used to understand malicious operations
  • Fundamental concepts of security operations and incident management
  • Digital forensic techniques and their application
  • Introducing cryptography
  • How security can be ensured at the operating system and hypervisor levels
  • Distributed systems security
  • Authorization, authentication, and accountability, and their relationship with access control
  • Prevention, detection, and mitigation of cyber attacks on software applications
  • Web and mobile device cybersecurity
  • Secure software design and the secure software lifecycle
  • Implementing network security
  • Hardware security and how it is measured and protected
  • Research trends and characteristics in the CPSs (cyber-physical systems) security field
  • Challenges and opportunities of physical layer and telecommunications security

What’s included in this course?

  • Full course materials (digital copy provided as a PDF file)
  • The Certified Cybersecurity Practitioner exam
  • A certificate of attendance

What equipment do I need?

You will need a laptop for the duration of your course and exam. Our course materials include an interactive PDF and an online quiz tool for knowledge testing. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.


Course duration and times

Live Online PDT/PST

  • Day 1: 07:30 am – 3:00 pm
  • Day 2: 07:30 am – 3:00 pm
  • Day 3: 07:30 am – 3:00 pm
  • Day 4: 07:30 am – 3:00 pm

Live Online CDT/CST

  • Day 1: 9:30 am – 5:00 pm
  • Day 2: 9:30 am – 5:00 pm
  • Day 3: 9:30 am – 5:00 pm
  • Day 4: 9:30 am – 5:00 pm

Live Online EDT/EST

  • Day 1: 10:30 am – 6:00 pm
  • Day 2: 10:30 am – 6:00 pm
  • Day 3: 10:30 am – 6:00 pm
  • Day 4: 10:30 am – 6:00 pm

Course location

Learn from anywhere with our instructor-led Live Online course.


Are there any prerequisites for this course?

Before joining this course, you must have passed the Certified Cybersecurity Foundation Training Course and included exam.

Exams and qualifications

Certified Cybersecurity Practitioner exam

Candidates take the Certified Cybersecurity Practitioner (C CS P) exam set by IBITGQ (International Board for IT Governance Qualifications) at the end of the course.

  • Delivery method: Online
  • Duration: 60 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

This course is equivalent to 28 CPD points.


What qualifications will I receive?

Certified Cybersecurity Practitioner (C CS P).


Accreditation

This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications) and CIISec (The Chartered Institute of Information Security), satisfying CIISec Knowledge Areas requirements at Level 1: A2, A3, A4, A5, A6, B1, C3, D2, E1, F2, G1, G2, H1 and H2, and Level 2: B2, B3, and H3.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.


How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the exam date.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the exam date.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt, you can retake the exam for an additional fee. You can email us to schedule the retest.

Ways to Learn

Learn from anywhere with our range of instructor-led courses

Wherever you are in the world, you can now attend an IT Governance USA online course and get the full benefit of a classroom session.

To make your life as easy as possible, we offer two ways to attend an instructor-led course:

Live Online

Our instructor-led Live Online courses are hosted and delivered live by one of our expert trainers.


Learn from anywhere

Our instructor-led Classroom / Live Online courses give you the flexibility of attending a classroom course, either in person or by joining the classroom course online. 
 



The benefits of learning from anywhere:

  • Save on travel, parking, hotels, and other fees
  • Learn and obtain a professional certification from the comfort of your home
  • Our courses use the latest conferencing technology that is compatible with all devices
  • Our trainers focus on maximizing audience participation and getting the most out of our learners
  • All trainers have been hand-picked for their technical and practical expertise
  • You have full control over your course booking, meaning you can edit learner details, course dates, and any special requirements 

Find out more about the benefits of learning from anywhere

California Privacy Rights Act (CPRA) Foundation Training Course
Description

Training course outline

The CCPA (California Consumer Privacy Act) is a California data protection law that came into effect on January 1, 2020. Following the passing of Prop 24, the CPRA (California Privacy Rights Act) will take effect officially on January 1, 2023 and replace the CCPA. The CPRA is widely viewed as California’s version of the EU’s GDPR (General Data Protection Regulation).

Just like the GDPR, it gives people more control over their personal data, and holds businesses more accountable for protecting the data they collect and process.

Once you have completed the California Privacy Rights Act Foundation Online Training course, you will be able to:

  • Demonstrate an understanding of privacy and cybersecurity law concepts, and basis of national/state jurisdiction 
  • Define terms used in the CCPA/CPRA and contrast to the GDPR 
  • Articulate the rights of consumers, and determine the duties of a business 
  • Examine the CPRA's security requirements and prepare relevant responses 
  • Use the CPRA to determine what action(s) should be taken in the event of a breach 
  • Demonstrate an understanding of the CPRA's penalty provisions 

CPRA Foundation training course benefits

 Save time and money

Save time and travel costs with online training delivered to any location with Internet access.

 Fully understand the CPRA

Get an insight into the components of the CPRA, and how your organization may be affected, in just one day.

 Delivered by professionals

Delivered by an experienced privacy consultant, this training course is built on the foundations of our extensive practical experience through advising companies on compliance with data privacy laws and related information security standards, such as ISO 27001.

 Designed by experts

The course will give you a clear understanding of the main elements of the CPRA, and you can ask the trainer questions during the course.

“William was wonderful. I have been trained by some okay people and terrible people. He was by far the best and most engaging trainer I have ever had. He has an amazing wealth of knowledge and I could not have asked for more. Thank you, thank you! ”

- Pete Gebhart, Director Sales Engineering

 

Who should attend this course?

The course is suitable for anyone involved in information management, data protection compliance, data privacy compliance, or implementation programs for different organizations either located or doing business in the state of California.

This might include:

  • Information security personnel responsible for implementing and maintaining cybersecurity and privacy systems
  • Executive management, senior leaders, and other personnel who need to understand California's requirements for managing consumer information
  • Those who have attended the GDPR Foundation and Practitioner courses, and want to develop their knowledge of US privacy and cybersecurity regulations
  • Lawyers and attorneys who want to advise clients on changes in the U.S. privacy and cybersecurity regulatory environment

Why choose IT Governance for your training needs?

  • We’re an internationally recognized authority in ISO 27001 – our team led the world’s first ISO 27001 certification project, and since then we have trained more than 8,000 professionals on ISMS (information security management system) implementations and audits
  • Trained by industry experts – our trainers are working consultants with years of practical, hands-on experience.
  • Choose the method that suits you – we offer instructor-led online, self-paced online, e-learning and in-house training options
  • Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course
  • Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.
Course details

What does this training course cover?

  • Privacy and cybersecurity law concepts, and basis of national/state jurisdiction
  • Terms in the CCPA/CPRA and how they compare to those in the GDPR
  • The rights of a consumer and the duties of a business 
  • CCPA/CPRA security requirements 
  • Actions to be taken in the event of a breach
  • Penalties under the CCPA/CPRA

You will be assessed on the following criteria:

  • Demonstrate an understanding of privacy and cybersecurity law concepts, and basis of national and state jurisdiction (10%)
  • Define terms used in the CPRA and contrast to the GDPR (10%) 
  • Articulate the rights of consumers, and determine the duties of a business (30%) 
  • Examine the CPRA’s security requirements (20%) 
  • Use the CPRA to determine what action(s) should be taken in the event of a breach (10%)
  • Demonstrate an understanding of the CPRA’s penalty provisions (20%) 

What’s included in this course?

  • Full course materials (digital copy provided as PDF file);
  • California Privacy Rights Act Foundation exam; and
  • Certificate of attendance

What equipment should I bring?

This course is delivered as a WebEx instructor-led online session. Anyone booked on this course is expected to have a reliable Internet connection at their home or office. You will need to take the exam on a PC, Mac or laptop. Docked devices cannot be used when sitting the exam.

To ensure that the WebEx client works properly on your computer, we recommend using the test session functionality offered by WebEx.

To sit the online exam, you will need:

  • Internet Explorer 9 (or later) or Mozilla Firefox version 16 (or later);
  • Internet access for the full time of the exam;
  • To deactivate the pop-up blocker; and
  • A working webcam on the machine you are using to sit the exam.

Course duration and times

9:00 am – 5:00 pm each day the course is run.

Exams and qualifications

CPRA Foundation exam

Attendees take the ISO 17024-certificated, California Privacy Rights Act Foundation (CPRA F), exam set by IBITGQ (International Board for IT Governance Qualifications). There is no extra charge for this exam.

  • Delivery method: Online
  • Duration: 60 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

This course is equivalent to 7 CPD points.


What qualifications will I receive?

The course supports professional development, and delegates who pass the included exam are awarded the California Privacy Rights Act Foundation (CPRA F) qualification by IBITGQ.


Accreditation

This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications), a renowned authority in personnel certification within the field of IT governance.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.


How will I receive my exam results and certificates?

  • Where exams are taken online (either remotely or by computer in the classroom), provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, if you are unsuccessful on the first attempt you can retake the exam for an additional fee. You can email us to schedule the retest for the exam.

Prerequisites

Are there any prerequisites for this course?

There are no formal entry requirements, although participants are assumed to have some knowledge of cybersecurity systems and privacy laws. 


Is there any recommended reading?

We recommend that you purchase and read the following textbook:

The California Privacy Rights Act (CPRA) – An implementation and compliance guide

An Introduction to Information Security and ISO 27001 (2013) A Pocket Guide, Second Edition
Overview

The ideal primer for anyone implementing an Information Security Management System (ISMS)

This pocket guide will help you to:

  • Make informed decisions
    Using this guide will enable the key people in your organization to make better decisions before embarking on an information security project.
  • Ensure everyone is up to speed
    Use this guide to give the non-specialists on the project board and in the project team a clearer understanding of what the project involves.
  • Raise awareness among staff
    Use this guide to make sure your people know what is at stake with regard to information security and understand what is expected of them.
  • Enhance your competitiveness
    Use this guide to let your customers know that the information you hold about them is managed and protected appropriately.
About the author

Steve G. Watkins

Steve G. Watkins managed the world’s first successful BS7799 (the forerunner of ISO27001) implementation project and leads the consultancy and training services of IT Governance Ltd. He is Chair of the ISO/IEC 27001 User Group, the UK Chapter of the ISMS International User Group, and an ISMS Technical Assessor for UKAS, advising on their assessments of certification bodies offering accredited certification. He has over 20 years’ experience managing integrated management systems, including maintenance of Information Security, Quality, Environmental and Investor in People certifications. His experience includes senior management positions in both the public and private sectors.

Assessing Information Security - Strategies, Tactics, Logic and Framework, 2nd Edition
Overview

Build a strategic response to cyber attacks

The activities of the cyber criminal are both deliberate and hostile, and they can be compared to military operations.

Many people in business understand that the insights from the classics of military strategy are as relevant to modern commerce as they are to war.

It is clear that organizations need to develop a view of cybersecurity that goes beyond technology: all staff in the organization have a role to play, and it is the senior managers who must ensure, like generals marshaling their forces, that all staff know the cybersecurity policies that explain what to do when under attack.


Cybercrime… cyber war?

With this in mind, the authors have drawn on the work of Clausewitz and Sun Tzu and applied it to the understanding of information security that they have built up through their extensive experience in the field. The result is expert guidance on information security, underpinned by a profound understanding of human conflict.

Building on the success of the first edition, this new edition covers the most recent developments in the threat landscape and the best-practice advice available in the latest version of ISO 27001:2013.


Contents: 

  1. Information Security Auditing and Strategy
  2. Security Auditing, Governance, Policies, and Compliance
  3. Security Assessments Classification
  4. Advanced Pre-Assessment Planning
  5. Security Audit Strategies and Tactics
  6. Synthetic Evaluation of Risks
  7. Presenting the Outcome and Follow-Up Acts
  8. Reviewing Security Assessment Failures and Auditor Management Strategies 
About the authors

Dr. Andrew Vladimirov is a security researcher. His fields of expertise include network security and applied cryptography, and he has extensive experience of performing information security assessments. He and his fellow authors are the founders of Arhont Ltd, a leading information security consultancy.

Konstantin Gavrilenko has over 15 years of experience in IT and security. As a researcher, information security is his specialty, and he has a particular interest in wireless security. He holds a BSc in management science from De Montfort University and an MSc in management from Lancaster University.

Andriej Michajlowski is an expert on network security. His research interests include user and device authentication mechanisms and wireless networking security. He has extensive experience carrying out internal and external information security assessments. He is a graduate of the University of Kent at Canterbury and he holds an MBA.
