Select Page
The Master Class: Information Security Management

The Master Class: Information Security Management

MasterClass:
Information Security Management

This masterclass program is designed for people responsible for setting up and managing information security in organizations.  It contains deep learning in all major areas of information security management. It is indented for people who would like to go beyond the theory and be able to carry out the job in the various areas of information security management. As a bonus after the training candidate can prepare to take major information security certification exams.

What is included in the Masterclass?

  • 1 x Masterclass per subject area
  • 20 Webinars per year on selected information Security topics
  • 4 x One-day live security events per year
  • 1 x Yearly information security event
  • Several Continue Education Events
  • Certificate of completion is awarded at the end of every session for your CPE

What is in a MasterClass Program

This Masterclass program is designed for security professionals who would like to gain the knowledge required to obtain multiple information security management certifications. The class is optimized to present the required knowledge to the student in a compact and straight form without redundancies.

One of the challenges of Information security management training offers today is the lack of dept and repetition of various subjects. In this program we have examined four certification programs that are geared toward the information security management professionals and compress them into the master class. By doing this we have reduced the time spent on these certifications totally with about 40%. Despite this we can go very deep in each subject and provide the students practical help on real life implementation.

How did we do this? Each of these certification programs has some unique subjects that are useful to the security professionals. However, there are also lots of recurring and redundant subjects such as Risk management, Business Continuity Planning, Incident management, cloud security, Assets management, Data classification, Networking, etc. Therefore, instead of doing these programs four times from different vendors, we have grouped them into similar topics and handle them at once going deep.

The Information Security Management Masterclass covers the following certification program:

  • ISC2 Certified Information Systems Security Professional (CISSP)
  • ISACA Certified Information Security Management (CISM)
  • EC Council Certified Chief Information Security Officer (CCISO)
  • ISACA Certified in Risk and Information Security Control (CRISC)

Despite the concentration of this program you will get additional support and resources to pass the associated certification exam.

After Class Instructor Support

Each Masterclass in supported through our online portal where instructors are available to answer students’ questions and help them with difficult challenges. The support is available throughout the duration of the master class program.

Exam Preparation

We organized Exam preparation days for those who are interested to help them prepare for the examination. There are four optional exam preparation days. One for the certification exam.

  • ISC2 Certified Information Systems Security Professional (CISSP) I day
  • ISACA Certified Information Security Management (CISM) 1 day
  • EC Council Certified Chief Information Security Officer (CCISO) 1 day
  • ISACA Certified in Risk and Information Security Control (CRISC) 1 day

Masterclass Support Content

All our Masterclass participants can attend any of our security events during the year free. We have several security events each month specific to the Information Security Management field to provide the students with insights and in-depth discussions and workshops on related information security topics. Below are some examples of our security events:

  • How to protect against Social Engineering
  • Understand and protect the organisation from Ransomware
  • Helping the organisation with the GDPR Compliance
  • Introduction to cybersecurity
  • Implementing Mobile Device Security
  • Introduction to Cloud Security
  • The First 90 days of CISO
  • Cyber Security Risk Management
  • Building Security into Software Development
  • Threat Modelling in Software Development Life Cycle (SDLC).
  • Integrating security into Agile Software development.
  • Integrating security into DevOps
  • Understanding Zero Trust Security
  • Implementing Data Loss Prevention (DLP) Program
  • Severless Security

 

 

SDLC Threat Modelling

SDLC Threat Modelling

Security Workshop:
Threat Modeling In Software Development Life Cycle (SDLC)

 

Join us in this 3 days Training on Threat Modeling and learn how to integrate security and manage risk during system development.

About The Threat Modeling In SDLC

In this training, our expert will take you through the process of Threat modeling. You will learn about the main idea behind threat modeling and how to integrate security into the software development lifecycle.

Threat modeling helps software developers to:

    • Learn to balance risks, controls, and usability.
    • How to identify threats and compliance requirements, and evaluate their risks.
    • How to define and build required controls.
    • Identify where building control is unnecessary, based on acceptable risk.
    • Document threats and mitigation.
    • Identification of security test cases/security test scenarios to test the security requirements.
Training Content

Threat modeling is a process by which potential threats, such as structural vulnerabilities or the absence of appropriate safeguards, can be identified, enumerated, and mitigations can be prioritized.

The purpose of threat modeling is to provide a systematic analysis of what controls our defenses need to be included to defend a given system against a potential attack, the probable attacker’s profile, the most likely attack vectors, and the assets most desired by an attacker.

In this training, we shall handle the following:

    • The main idea behind threat modeling and how to build security by default and by design into system development.
    • How to use threat modeling to ensure business requirements (or goals) are adequately protected in the face of a malicious actor, accidents, or other causes of impact.
    • Integrating threat modeling into software development methodologies such as waterfall, Agile, and DevOps
    • Learn about threat modeling Methodologies such as STRIDE, Pasta, Trike, CAST, etc.
    • Threat modeling stages and examples.
    • Able to identify threats and compliance requirements during SDLC and evaluate their risks.
    • Learn to balance risks, controls, and usability.
    • Define and build the required controls.
    • Identify where building control is unnecessary, based on acceptable risk.
    • Document threats and mitigation.
    • Identification of security test cases/security test scenarios to test the security requirements
WHO SHOULD ATTEND
  • CISO’s
  • Security Risk Managers
  • Security Engineers
  • Information Security Managers.
  • Information Security Directors.
  • All other security professionals who want to be kept up to date.