Dates |
Fees |
Location |
Apply |
03/04/2023 - 14/04/2023 |
$2700 |
Nairobi |
|
01/05/2023 - 12/05/2023 |
$4500 |
Dubai |
|
05/06/2023 - 16/06/2023 |
$3000 |
Mombasa |
|
03/07/2023 - 14/07/2023 |
$3500 |
Kigali |
|
07/08/2023 - 18/08/2023 |
$2700 |
Nairobi |
|
04/09/2023 - 15/09/2023 |
$3000 |
Mombasa |
|
02/10/2023 - 13/10/2023 |
$3500 |
Kigali |
|
06/11/2023 - 17/11/2023 |
$3000 |
Mombasa |
|
04/12/2023 - 15/12/2023 |
$2700 |
Nairobi |
INTRODUCTION
Information
and know-how are valuable company assets, and in times of fierce competition,
organizations need to protect their information and systems against the threat
of corporate espionage. Many organizations are unaware of potential information
leaks, and as a result counterintelligence operations are neglected or are
simply a series of routine technical measures. However, employees typically
represent a major weak spot for organizations – which means that existing
processes and structures for information flows need to be
challenged.
Empirical
research indicates that most information losses are traced back to a company’s
employees, or the personnel of its suppliers, customers, or partners – all of
whom have access to confidential information.
The
training will look at the different threats organizations might face and ways in
which they can protect and secure it against attacks. Participants will also
learn how to set up counterintelligence processes that involve collecting
information and conducting counterintelligence activities.
Course
Objectives
By
the end of this course, participants should be able to:
·
Know the purpose of a
cybersecurity audit
·
Define cybersecurity audit
controls
·
Identify cybersecurity audit
frameworks
·
Explain proper audit team
performance
·
Define the benefits of a
cybersecurity audit
·
Learn how to identify vulnerable
points within your organization and how to secure them.
Duration
14
Days
Who
should Attend
·
Individuals involved in
cybersecurity management
·
Learning and development
professionals
·
Internal
auditors
·
Individuals seeking to gain
knowledge about the main processes of auditing a cybersecurity
program
·
Individuals interested to pursue
a career in cybersecurity audit
COURSE
CONTENT
What
is a Cybersecurity Audit?
·
Introduction
·
What is a Cybersecurity
Audit?
·
When to Perform a Cybersecurity
Audit
Controls
and Frameworks
·
Cybersecurity Audit
Controls
·
Cybersecurity Audit
Frameworks
Completing
the Audit
·
The Audit
·
Audit
Completion
Understanding
Cyber Threat Intelligence
·
Defining
Threats
·
Understanding
Risk
·
Cyber Threat Intelligence and
Its Role
·
Expectation of Organizations and
Analysts
·
Diamond Model and Activity
Groups
· Four Types of Threat Detection
·
Process of auditing information
systems
·
Governance and management of
IT
·
Information systems’
acquisition, development and implementation
·
Protection of information
assets
·
Information systems’ operation,
maintenance and service management
Threat
Intelligence Consumption
·
Sliding Scale of
Cybersecurity
·
Consuming Intelligence for
Different Goals
·
Enabling Other Teams with
Intelligence
Positioning
the Team to Generate Intelligence
·
Building an Intelligence
Team
·
Positioning the Team in the
Organization
·
Prerequisites for Intelligence
Generation
Planning
and Direction (Developing Requirements)
·
Intelligence
Requirements
·
Priority Intelligence
Requirements
·
Beginning the Intelligence
Lifecycle
·
Threat
Modeling
Recent
cybercrime trends
·
Cyberwar attacks leading to the
shutdown of production facilities or utilities (e.g. Stuxnet,
Emotet).
·
Ransomware trojans and smart
viruses.
Recent
espionage threats and protection
·
Risk audits: Identification,
monitoring, and evaluation of risks for information theft.
·
Electronic eavesdropping —
reality or fiction?
·
Audio-visual information
gathering.
· Product piracy.
Information
drainage through social engineering
·
Threats: Elicitation, back-door
recruitment, external personnel, Romeo approaches, social media activities
(sockpuppets), and pretext calls.
·
Protection: Vulnerability
analysis, employee training, and never-talk-to-strangers
policies.
Security
of data and communication networks
·
Protection against hacking and
orchestrated attacks.
·
The weak spot — exploiting the
human factor.
·
Opportunities and limitations
for technical counterintelligence solutions.
·
Secure communication: Safe data
transfer methods, minimization of communication risks, and protection of
corporate communication structures.
·
Internet: How to securely
conduct research, transfer data, and avoid harmful
software.
·
Illustration of attacks with
numerous small case studies.
Counterintelligence:
The role of CI/MI professionals in espionage
protection.
·
Prevention
campaigns.
·
Penetration tests for an
outside-in perspective.
·
Briefing/de-briefing of
colleagues with sensitive external contacts.
THE
END