Information is at risk from many sources, legal, electronic, physical, internal and external to mention a few. It is paramount that security and related management personnel have an understanding of the risks, controls and countermeasures that are available to secure information and technology within an effective management framework. Furthermore, this Information Security Management training course will feature utilising counter measures, best practice and management techniques will mitigate electronic and physical risks and enhance protection to an organisation.

Target Group

• Chief Information Security Officer
• Chief Information Officer
• Director of Security
• IT Director/Manager
• Security Systems Engineer
• Security Analyst
• Security Manager
• Security Auditor
• Security Architect
• Security Consultant
• Network Administrator and Architect
• System Administrators
• IT Auditors/Penetration Testers

Course Benefits

By the end of the course participants will gain the following benefit;

• Gain knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, counter measures, etc.)
• Understand the current legislation and regulations which impact upon information security management
• Be fully Aware of current national and international standards such as ISO 27002, frameworks and organisations which facilitate the management of information security
• Understand the current business and common technical environments in which information security management has to operate
• Gain knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics

Course Contents

Module 1:  Overview of Information Security

• What is Information Security?
• Examples of Information Security Incidents
• What is Information Security Management?
• Human Aspect of Information Security
• Social Engineering

Module 2:  Information Security for Server Systems

• Attacks for Personal Computers and Smart phones and counter measure
• Information Security Risk Management
• What is Risk Management process?
• Identifying Information Assets
• Identifying Security Risk and evaluation
• Risk Treatment

Module 3: Security Risk management as an Organization

• Information Security Governance
• Information Security Management System (ISMS)
• Information Security Policy, Standards and Procedures
• Information Security Evaluation
• Security Incident Response

Module 4: Information Security and Cryptography

• Requirements for Secure Communication
• What is Cryptography?
• Classic and Modern Cryptography
• Common Key Cryptography algorithms: DES, Triple DES, AES
• Problems of Key distribution for Common Key Cryptography

Module 5: Data Integrity and Digital Signature

• Integrity of Data
• Hash Function
• Digital Signature
• Public Key Certificate and Public Key Infrastructure (PKI)
• Certificate Authority