
  • This event has passed.

Fundamentals of Cyber Security

August 28, 2021 @ 4:00 pm - 7:00 pm

This module is a 3-hour workshop with an interactive Q&A at the end. Wellington professionals will attend in person in Brooklyn, Wellington. The rest of the participants will join through a remote video link.

Please register by sending the following details to Tech_stream@charitynz.org:

  • Your name
  • Phone number
  • Address
  • Profession

 

The workshop will cover the topics below.

Workshop contents

1. Cyber Security Concepts
  • Cyber Security Concepts and Definitions
    – Difference between IT Security, Information Security, and Cyber Security
    – Assets, Threats & Vulnerabilities
    – Likelihood, Consequence, and Impact
    – Inherent Risk, Current Risk, and Residual Risk
  • Corporate Cyber Security Strategy
    – Supporting Business Goals and Objectives
    – Cyber Security Policy and Framework
    – Cyber Awareness, Training and Education
  • Laws, Regulations and Industry Standards
  • Roles and Responsibilities
  • Professional Organisations and Ethics
  • Q&A

Exercise – Development of a cyber asset register

2. Security Architecture
  • Security Architecture Concepts and Definitions
  • Security Architecture Frameworks
    – SABSA
    – TOGAF
    – PCI & ISO27K
  • Security Architecture Design Principles
  • Service Models
    – Insourcing
    – Outsourcing
    – Managed Services – Single provider, multiple providers, prime provider
    – Cloud Services – Cloud service models and cloud deployment models
  • Q&A

Exercise – Recommendations for service provider models in addressing risks
Exercise – Identification of security architecture design principles

3. Implementing Security
  • OSI and TCP/IP and Internet Models
  • Low and high communication protocols/ports
  • Network Fundamentals
    – Network Security
    – Network Topologies
    – Security Zones
    – Network Security Technologies
    – Virtualisation Benefits and Security Challenges
  • Virtualization and VLAN segmentation
  • Endpoint Security
    – Servers, desktops, laptops, tablets, mobile devices, wearables
    – Endpoint Security Technologies
    – Specialised Endpoint Systems
  • Next Generation of Endpoint with EUBA
  • Application Security
    – Software Development Lifecycle
    – OWASP Top 10
    – Web Application Firewall and Database Firewall
  • Data Security
    – Data owners, data classification, labeling
    – Access control
    – Data governance and lifecycle
    – Data remanence
  • Australian Signals Directorate Top 35, E4 and E8
    – SANS Top 20 mapped to ASD Top 35 and other frameworks
  • 20 CIS controls of the Center for Internet Security
  • Q&A

Exercise – Establish a data classification scheme
Exercise – Design a secure network topology with network security zones, overlay the data classification scheme and placement of recommended perimeter and layered controls

4. Cryptography
  • Cryptography Key Terms and Concepts
  • Symmetric Algorithms
    – Data Encryption Standard (DES)
    – Triple DES
    – Advanced Encryption Standard (AES)
    – Other symmetric algorithms
  • Diffie-Hellman groups and PFS
  • Asymmetric Algorithms
  • Hashing Algorithms
  • Non-Repudiation
  • Cryptographic Attacks
    – Side-channel
    – Birthday
    – Implementation
    – Other attack methods
  • Implementing Cryptography in the Real World
    – Public Key Infrastructure (PKI)
    – Electronic Document Exchange
    – Virtual Private Networks (VPNs)
    – Secure e-mail
    – Steganography
    – Digital Watermarks
    – Wireless Security
    – Secure Shell
    – Key Management
  • Q&A

5. Risk Management
  • Risk Management Concepts and Definitions
    – The stages of risk
    – Systemic and systematic Risk, Risk Aggregation
    – Risk treatment options: Risk Acceptance, Reduction, Transfer and Avoidance
    – Risk Appetite and Tolerance
    – What is GRC (Governance, Risk Management, and Compliance)
    – Risk Management Process
    – Quantitative, Semi-quantitative, and Qualitative Risk
    – Introduction to Critical Security Controls CIS20
  • Threats and Opportunities
    – Assessing the current threat landscape
    – Developing a threat taxonomy
    – Advanced Persistent Threats (APT)
    – Bring Your Own Device or Technologies
    – The Internet of Things
  • Blockchain is a way to save IoT
  • Controls, Countermeasures, and Enablers
  • Business Impact Analysis
    – Sample Business Impact Analysis Template
    – Sample Business Impact Levels
  • Q&A

Exercise – Development of a threat taxonomy and identification of vulnerabilities
Exercise – Evaluate inherent risk, current controls, current risk, recommend controls and residual risk

6. Business Continuity and Disaster Recovery Planning
  • Business Continuity Planning
    – NIST SP800-34 as a framework
  • Disaster Recovery Planning
    – Relationship between the BCP and DRP
    – Events that trigger a BCP/DRP
  • Developing the BCP and DRP
    – Application of NIST SP800-34
    – Initiation
    – Business Impact Analysis – BIA
    – Identification of preventive controls
    – Recovery strategies
    – Plan design and development and important BCP/DRP frameworks
    – Ongoing maintenance
  • Q&A

Exercise – Identify and rank the most important business operations

7. Incident Response
  • NIST Cyber Security Framework
    – Identify
    – Protect
    – Detect
    – Respond
    – Recover
  • Cyber Forensics
    – General phases of the forensic process
    – Anti-forensics
    – Forensic media analysis
    – Network forensics
    – Forensic analysis of software, Embedded devices, and Electronic Discovery
  • Incident Response Management
    – Security events and Security incidents
    – Incident Response Methodology using NIST SP800-61
  • Security Assurance
    – Defining and implementing meaningful metrics
    – Configuration management
    – Minimum Security Baselines
    – Vulnerability Assessments
    – Penetration Testing
    – Security Audits (Internal & External Audits)
    – Security Assessments and their types
    – Log reviews, retention, centralization, and analysis
    – Security Information and Event Management System (SIEM)
  • Next-Gen of SIEM and Security Orchestration and Automated Response (SOAR)
  • Q&A

Details

Date: August 28, 2021
Time: 4:00 pm - 7:00 pm

Venue