Monthly Security Training Update

Monthly Security Training Update

Information Security professionals are overwhelmed with at work, at the same time they need the latest information and training to carry out their jobs effectively. The problem with the present training programs is that they are certified based and are mostly done in multiple days. They are mostly not what the people need at the present moment.

The goal of the Security Update program is to provide every month for ten months of the year a training program based on hot security concept in the industry. At the end of the day the participant will have Knowledge of the hot or upcoming security solution fully explained.

The second gap we will be filling is to provide Security Update Program. This Security Update Program will take place in the form of a ONE-DAY security workshop program to provide an update on security knowledge base and help security specialist in the market to continuously develop their skills which will enable them to stay competitive in the market and add value to their job.

At its peak the Security Update Program will be held on every working day of the month and will cover one set of topics per month. The program is designed to accept up to 50.

participants who will pay a daily fee to attend the one-day program. The program will run in several locations on different days in The Netherlands and Belgium.

The program will be focused on updating the students on new technologies, Security management concept, design and architecture and general security updates. It will also provide the monthly participant the opportunity to take part in case studies and discuss with other participants from other companies to share knowledge.

The target for this program includes:

  • CISOs
  • Security Risk Management
  • Security Engineer
  • Information Security Managers.
  • Information Security Directors.

Each participant will be provided a monthly GOODIE KIT which will contain the training materials of the day, reference materials, templates and case studies. It will also grant them access to our private membership only website where they can interact with other members of the Security Update group.

The monthly Security update is a training program to expose the company to the outside world. It is also used for marketing opportunity and income generation for the company. This is a major income earner for the business.

This program will be sold on a yearly subscription basis for € 500 per month. This will be € 5,000 per year. Companies buying more subscription will be offered a discount. This program will help Security professionals stay up to day with their education in the field. At the end of the 10 months per year lots of great information security topics will be fully covered.

The content of the One-Day security program will be held every day for the entire month for max 50 persons per section. Each new day will be added as soon as the previously available date is 70% full.

Each Daily section will be recorded professionally and achieved in the CPE program.

The five fuctions of the NICE framework

The five fuctions of the NICE framework

Overview

This learning module takes a deeper look at the Cybersecurity Framework’s five Functions: Identify, Protect, Detect, Respond, and Recover. The information presented here builds upon the material introduced in the Components of the Framework module. This module explores the value of the Functions within the Framework, and what is included in each Function.

An Introduction to the Functions

The five Functions included in the Framework Core are:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

The Functions are the highest level of abstraction included in the Framework. They act as the backbone of the Framework Core that all other elements are organized around.These five Functions were selected because they represent the five primary pillars for a successful and holistic cybersecurity program. They aid organizations in easily expressing their management of cybersecurity risk at a high level and enabling risk management decisions.

Identify

The Identify Function assists in developing an organizational understanding to managing cybersecurity risk to systems, people, assets, data, and capabilities. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs.Examples of outcome Categories within this Function include:

  • Identifying physical and software assets within the organization to establish the basis of an Asset Management program
  • Identifying the Business Environment the organization supports including the organization’s role in the supply chain, and the organizations place in the critical infrastructure sector
  • Identifying cybersecurity policies established within the organization to define the Governance program as well as identifying legal and regulatory requirements regarding the cybersecurity capabilities of the organization
  • Identifying asset vulnerabilities, threats to internal and external organizational resources, and risk response activities as a basis for the organizations Risk Assessment
  • Identifying a Risk Management Strategy for the organization including establishing risk tolerances
  • Identifying a Supply Chain Risk Management strategy including priorities, constraints, risk tolerances, and assumptions used to support risk decisions associated with managing supply chain risks

Protect

The Protect Function outlines appropriate safeguards to ensure delivery of critical infrastructure services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event.Examples of outcome Categories within this Function include:

  • Protections for Identity Management and Access Control within the organization including physical and remote access
  • Empowering staff within the organization through Awareness and Training including role based and privileged user training
  • Establishing Data Security protection consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information
  • Implementing Information Protection Processes and Procedures to maintain and manage the protections of information systems and assets
  • Protecting organizational resources through Maintenance, including remote maintenance, activities
  • Managing Protective Technology to ensure the security and resilience of systems and assists are consistent with organizational policies, procedures, and agreements

Detect

The Detect Function defines the appropriate activities to identify the occurrence of a cybersecurity event. The Detect Function enables timely discovery of cybersecurity events.Examples of outcome Categories within this Function include:

  • Ensuring Anomalies and Events are detected, and their potential impact is understood
  • Implementing Security Continuous Monitoring capabilities to monitor cybersecurity events and verify the effectiveness of protective measures including network and physical activities
  • Maintaining Detection Processes to provide awareness of anomalous events

Respond

The Respond Function includes appropriate activities to take action regarding a detected cybersecurity incident. The Respond Function supports the ability to contain the impact of a potential cybersecurity incident.Examples of outcome Categories within this Function include:

  • Ensuring Response Planning process are executed during and after an incident
  • Managing Communications during and after an event with stakeholders, law enforcement, external stakeholders as appropriate
  • Analysis is conducted to ensure effective response and support recovery activities including forensic analysis, and determining the impact of incidents
  • Mitigation activities are performed to prevent expansion of an event and to resolve the incident
  • The organization implements Improvements by incorporating lessons learned from current and previous detection / response activities

Recover

 The Recover Function identifies appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident. The Recover Function supports timely recovery to normal operations to reduce the impact from a cybersecurity incident.Examples of outcome Categories within this Function include:

  • Ensuring the organization implements Recovery Planning processes and procedures to restore systems and/or assets affected by cybersecurity incidents
  • Implementing Improvements based on lessons learned and reviews of existing strategies
  • Internal and external Communications are coordinated during and following the recovery from a cybersecurity incident

en_USEnglish