Security essentials voor besluitvormers en leidinggevenden
Duur: 44 uur |
Taal: Engels (US) |
Online toegang: 365 dagen |
Ben jij een leidinggevende of besluitvormer binnen een organisatie? Dan is een van jouw talrijke verantwoordelijkheden de cruciale taak ervoor te zorgen dat je organisatie en haar activa veilig blijven. Vandaag de dag kan het een uitdaging zijn om de informatie van de organisatie te beschermen tegen misbruik, verkeerd gebruik of ongeoorloofde toegang. Elke dag ontstaan er nieuwe bedreigingen voor de veiligheid. In dit ontwikkelpad wordt jij gewapend met de juiste vaardigheden om goed geïnformeerde beslissingen te nemen. Je wordt bewust gemaakt van veel voorkomende beveiligingsrisico's, de blootstelling eraan, en hun impact op bedrijven en middelen. Je leert hoe je beveiligingsrisico's kunt identificeren, evalueren en plannen. Tot slot leer je hoe je best practices en richtlijnen kunt toepassen om beveiligingsrisico's te beperken.
Wanneer je kiest voor dit ontwikkelpad, krijg jij:
- toegang tot de trainingen Cybersecurity awareness, Beveiligingsrisico’s evalueren en plannen en Beveiligingsrisico’s beperken.
- begeleiding van ons Learning & Development team, samen met jou stellen we doelen, maken we een planning en monitoren we je voortgang.
Dit ontwikkelpad is ideaal om jouw STAP budget in te zetten.
In het eerste deel van dit ontwikkelpad ligt de focus op cybersecurity awareness. Je leert de basisprincipes van security en informatiebeveiliging kennen. Je ontdekt de belangrijkste termen die in cyberbeveiliging worden gebruikt. Je onderzoekt verschillende soorten bedreigingen, dreigingsactoren en doelwitten. Daarnaast leer je standaard beveiligingsrisico's en hun oorsprong te identificeren. Je komt ten slotte ook meer te weten over verschillende soorten beveiligingsproblemen en de potentiële bedreigingen voor de beveiliging van een organisatie.
Beveiligingsrisico's evalueren en plannen
In het tweede deel van dit ontwikkelpad ligt de focus op beveiligingsrisico's. Je raakt vertrouwd de terminologie, activiteiten en concepten die horen bij een security risk management proces. Je verkent risico-identificatie, risico-evaluaties, en risicobeheer.
In het laatste deel van dit ontwikkelpad ligt de focus op het beperken van beveiligingsrisico's. Je ontdekt hoe je verschillende soorten risico's, zoals netwerk-, fysieke, social engineering, en cloud risico's kunt beheren en onderhouden.
Na het volgen van dit ontwikkelpad beschik je over de juiste vaardigheden om goed geïnformeerde beslissingen te nemen met betrekking tot informatiebeveiliging. Je bent bewust van veel voorkomende beveiligingsrisico's, de blootstelling eraan, en hun impact op bedrijven en middelen. Je kan beveiligingsrisico's identificeren, evalueren en plannen. Tot slot kan je best practices en richtlijnen toepassen om beveiligingsrisico's te beperken.
Geen voorkennis vereist. Dit ontwikkelpad is gericht op leidinggevenden en besluitvormers binnen organisaties.
Security essentials voor besluitvormers en leidinggevenden
Cybersecurity Awareness: Getting Started with Security Foundations
As organizations become more reliant on IT systems to store all kinds of information, facilitate communication among colleagues and customers, and track business-related statistics, information is becoming more precious and its security increasingly crucial and challenging.
In this course, you'll explore standard information security concepts and the security-related roles within an organization. You'll examine where various security-related responsibilities fall throughout the organization and the importance of solid strategic planning and decision-making when implementing proper information security.
You will also investigate the concept of security governance and the activities involved. Finally, you'll delve into the relationship between an organization's overall business objectives and how information security can promote these.
Cybersecurity Awareness: Information Security Fundamentals
With information security a key concern for organizations, it is important to understand the basic concepts of information security and the security concepts that fall within this topic, such as those within the world of cybersecurity.
In this course, you'll recall information security fundamentals before examining the broad domains within it. You'll then delve into cybersecurity and explore the various approaches to it.
In addition, you'll examine some practical cybersecurity concepts, such as the CIA triad and the security architecture principle. You'll then investigate the actions that expose us to security risks, the roles we play in maintaining or breaching security, and the various security controls that can be implemented to mitigate security-related risks.
Cybersecurity Awareness: Key Security Terms & Concepts
Everyone who connects to the Internet is vulnerable to security threats. Managers need to know the types of security threats their organizations are vulnerable to and their potential impact.
In this course, you'll explore the key terms used in cybersecurity. You'll examine different types of threats, threat actors, and targets. You’ll investigate advanced persistent threats (APTs), insider threats, and uncertainty in relation to cybersecurity, as well as the various types of malware and security threats.
Cybersecurity Awareness: Exposure to Security Risks
There are security issues everywhere. Managers must keep abreast of security risks and threats.
In this course, you'll identify standard security risks and their origins. You'll also learn about more diverse types of security issues and the potential threats to an organization's security.
You'll be given examples from daily life that expose us to security risks. To wrap up, you'll outline effective methods to reduce common security risks that render organizations vulnerable via different channels.
Security Risks: Key Risk Terms & Concepts
- Familiarity with key terms and concepts associated with security risk enables security leaders to identify, evaluate, and prioritize security risks. In this course, you'll get familiar with the terminologies, activities, and concepts associated with a security risk management process.
- You'll start by discovering the interdependence between assets, vulnerabilities, threats, and risks. You'll then investigate how to assess risk probability, measure the impact created by it, and the difference between risk appetite and risk tolerance.
- Next, you'll examine the components, benefits, and stages of a risk management process. You'll also identify different methods of treating risk and the importance of implementing controls as a part of a risk-based approach.
- Lastly, you'll recognize the standards for risk management and the advantages of managing and assessing security risk.
Security Risks: Performing Security Risk Identification
- Effective security risk management often begins with proper security risk identification. In this course, you'll examine various components of the risk identification process and different techniques used to identify risk.
- You'll begin by distinguishing between threat and risk. You'll then get familiar with other terminologies and concepts associated with risk identification.
- Moving on, you'll recognize the significance of risk identification in recognizing assets and services that are risk-prone. You'll also investigate different methods used to identify risk and best practices for the risk identification process.
- Later in the course, you'll outline common security-related risks and their impact on different components of an organization. Finally, you'll examine the features of a security risk register, its role in risk management, and how to create one in Microsoft Excel.
Security Risks: Performing Security Risk Assessments
- The categorization of security risks is essential for effectively assessing and managing risk. In this course, you'll explore the assessment, classification, and prioritization of security risks.
- You'll begin by outlining the concept of risk assessment and the advantages of different risk assessment techniques. You'll also investigate the features of security assessment methods, such as vulnerability assessment and penetration testing, and discover how to assess security vulnerability.
- Moving on, you'll recognize the significance of risk categorization and how to update a risk register in Microsoft Excel using a four-quadrant risk classification matrix.
- Finally, you'll identify the purpose and process of risk prioritization, and the role of a probability-impact matrix in determining risk levels. You'll then investigate how to use the matrix to prioritize risks on a security risk register.
Security Risks: Planning for Security Risk Management
- Highly effective security leaders recognize that they must prioritize and focus their efforts on managing critical security risks. Therefore, once a security risk is identified, it must be carefully evaluated.
- In this course, you'll identify the activities involved in a risk management process, the importance of risk strategies in the context of work environments, and essential decisions required for managing security risks effectively.
- Moving on, you'll investigate the components of a risk management plan and how to improve a risk management strategy by increasing risk tolerance and risk appetite. You'll also outline the importance of mitigation plans and discover how to create one in Microsoft Word.
- Lastly, you'll recognize the role of risk monitoring and control measures in risk management planning and the factors that shape an organization's approach to making decisions in handling risks.
Final Exam: Evaluating and Planning for Security Risks
Final Exam: Evaluating and Planning for Security Risks will test your knowledge and application of the topics presented throughout the Evaluating and Planning for Security Risks track of the Skillsoft Aspire Security Essentials for Decision Makers and Leaders Journey.
Mitigating Security Risks: Managing Network & Infrastructure Security Risks
- To mitigate cyber, data, cloud, and information security risks, you need solid knowledge of the complete network security process, from network design to continuous monitoring and logging.
- In this course, you'll explore some vital network security concepts and standard techniques for mitigating security risks.
- You'll start by examining the potential vulnerabilities in a network and how these turn into threats. You'll then explore the decisions you need to make to secure the network infrastructure.
- Next, you'll investigate different network zones and tools used for monitoring, detection, and logging.
- You'll finish by outlining a secure network design's characteristics and the recommended guidelines and best practices for network security.
- On completion of this course, you'll be able to plan for network and infrastructure-related security risks using recommended tools, methods, and best practices.
Mitigating Security Risks: Managing Physical Security Risks
- Physical security is an important but potentially overlooked consideration when implementing network security. In this course, you'll explore what's meant by physical security, how you can implement physical security risk countermeasures, and what the motivations are for doing so.
- You'll start by defining physical security. You'll then investigate the critical decisions you must make when planning for physical security. Next, you'll delve into various types of physical security risks, such as tailgating, and the methods to handle these.
- Moving on, you'll outline the layers of security controls that can be added to increase physical security and recognize the challenges security personnel face in ensuring physical safety.
- Lastly, you'll study how the security principles examined in this course can be used in facility and site design, including internal and perimeter security controls.
Mitigating Security Risks: Cyber Security Risks
- Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one.
- You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks.
- Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes.
- Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits.
- You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks.
- By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.
Mitigating Security Risks: Managing Social Engineering Risks
- Social engineering is a security attack method that takes advantage of the social aspect of human nature, which includes trust and interactivity. All members of an organization need to recognize how these subtle and manipulative techniques work and what they can do to avoid falling prey to them.
- In this course, you'll explore what's meant by social engineering, examining standard social engineering techniques, the basic principles of these kinds of attacks, their intended outcomes, who and what they target, and the risks they pose for your organization.
- Moving along, you'll investigate how social engineering is used to launch a cyberattack, study different types of spoofing attacks, and specify best practices to safeguard against social engineering.
- At the end of the course, you'll recognize the objectives of social engineering attacks, how they're carried out, and how to implement security measures to prevent them.
Mitigating Security Risks: Information, Cloud, & Data Security Risk Considerations
- To keep your organization's data secure, you need to know why your data is at risk and how to protect it using established principles and standards. In this course, you'll explore commonly used techniques to compromise data and how international best practices can help protect against these breaches.
- You'll start by examining three fundamental information security principles, which define information security policy and help identify risks. You'll then outline data breach methods and identify the targets of these threats.
- Next, you'll investigate what's meant by 'the human factor' and why it's key to any attack. You'll then study how technologies to secure data and information work under the hood.
- Moving on, you'll outline primary worldwide information security regulations and governance frameworks. Lastly, you'll examine why the ISO 27017 cloud security principles need to be considered when formulating a cloud security risk management plan.
Mitigating Security Risks: Managing Information, Cloud, & Data Security Risks
To lead security-related decisions in the right direction, those
- in specific job roles need to have a solid comprehension of the
- guidelines, measures, and best practices for effective security
- risk management. In this course, you'll learn how to manage various
- types of risks, including those related to information, cloud, and
- data. You'll explore key countermeasures to safeguard information
- and data both on-premises and in the cloud. You'll also examine
- best practices for cloud security, data management, access control,
- and backup. Additionally, you'll outline common security risk
- scenarios and the best ways to protect data and information,
- including from unintentional exposure. Lastly, you'll study how to
- use data science and AI to detect security threats.
Mitigating Security Risks: Handling Natural Threats
- Natural disasters pose serious security threats. Effective planning and management are required to minimize the damage and loss they could cause.
- In this course, you'll explore various types of natural threats, their impact on assets and data, and what you can do about them.
- You'll examine what the procedure is for preparing for natural disasters as well as dealing with the aftermath. You'll also learn how to do this with human-made disasters, such as terrorism.
- You'll finish the course by diving deeper into how to create an effective emergency action plan for natural disaster risk mitigation.
Evaluating and Planning for Security Risks
Practice evaluating and planning for security risks by creating a risk register and identifying risks, applying a probability matrix to identify high risks, performing a vulnerability assessment and creating a risk mitigation plan. This lab is aligned to the Evaluating and Planning for Security Risks track of the Skillsoft Aspire Security for Decision-makers and Leaders journey.
Mitigating Security Risks: Managing Risks from Internal Stakeholders
Effective risk management involves managing risks from external
- as well as internal sources. Because security risks can be
- introduced through internal stakeholder decisions, working with
- them to build awareness of the broad spectrum of security risks and
- their role in mitigating these is essential. In this course, you'll
- explore the internal stakeholder's role in the security landscape
- context. You'll then investigate how to effectively communicate
- with stakeholders regarding their role in preventing security risks
- from being introduced. You'll build on these concepts by examining
- best practices for continual stakeholder engagement using workplace
- example scenarios. You'll then outline various methods of effective
- security health reporting. At the end of this course, you'll be
- able to plan for effective stakeholder communication and
Mitigating Security Risks: Managing Security in a Hybrid Workplace
- Hybrid workplaces are an attractive working style for many organizations. However, a functioning and secure hybrid workplace can take some strategic planning and management to achieve.
- By their nature, hybrid workplaces pose various security risks. Security leaders need to educate themselves and their employees on what these risks are and how best to avoid them.
- In this course, you'll explore what a hybrid workplace entails and the resulting security risks. You'll then outline tips and guidelines to secure a hybrid workplace.
- You'll also learn about the security risks of the 'work from home' (WFH) working methodology and guidelines for securing it.
- Upon completing this course, you'll be able to classify the security challenges of a hybrid workplace and WFM situation, outline how to communicate these risks to employees to aid in risk prevention, and recognize the critical decisions when planning for a secure hybrid workplace.
Mitigating Security Risks: Information Security Governance
Adequate risk management requires the policies, procedures,
- standards, and guidelines that encompass effective information
- security governance are in place. This course shows you how to
- incorporate security governance as part of a robust security
- strategy. Examine the many security governance elements. Outline
- how to design, implement, and continually evaluate your strategy
- based on best practices. Define how security governance relates to
- the CIA Triad and distinguish between security governance and
- security management. Furthermore, investigate IT governance
- frameworks and compare centralized, decentralized, and hybrid
- structures. After taking this course, you'll recognize what's
- needed to implement a sound and robust information security
- governance strategy at your organization.
Mitigating Security Risks: Managing the Incidents
- Security breach incidents need to be handled effectively to prevent further occurrences. An incident management process based on best practices greatly helps deal with and thoroughly learn from incidents.
- Use this course to recognize the steps involved in the incident management process, the dependencies this process has on other processes, and who's involved in incident management.
- Examine the use of incident handling forms and incident prevention measures. Furthermore, study the signs employees should look out for and escalate that indicate a security breach event is occurring.
- After completing this course, you'll recognize how to use the incident management process to identify, manage, and prevent security breach incidents.
Mitigating Security Risks: Maintaining Business Continuity
Business continuity planning (BCP) ensures an organization
- functions smoothly during an unplanned incident or disaster. In
- this course, you'll explore what comprises BCP and how you can
- employ its methods before, during, and after a disaster. You'll
- learn about the importance of a business continuity plan and what's
- needed to create an effective one. You'll differentiate a business
- continuity plan from disaster recovery and emergency action plans.
- You'll then investigate some of the individual BCP steps in more
- detail, including the business impact analysis (BIA), risk
- management plan, and incident response plan phases. Moving on,
- you'll study what's involved in post-disaster recovery planning.
- Finally, you'll explore how to achieve business resiliency and
- excellence in the face of a disaster and during a pandemic,
- examining not only how to get back to normal but also how to
- exploit new opportunities and grow.
Mitigating Security Risks: Maintaining a Secure Workplace
- Securing a workplace is a collaborative effort and requires contribution from everyone, including employees at all levels. It's a leader's role to educate and encourage everyone to build a security mindset into their daily practices. In this course, you'll learn how to foster a secure workplace.
- You'll start by exploring what comprises a secure workplace before examining best practices for achieving this state. You'll then outline best practices for developing a security policy.
- Next, you'll study how to conduct security awareness training, cultivate an organization-wide security mindset, and encourage employees to take ownership of the security processes.
- Finally, you'll learn about the role of security certifications, specifically the Cyber Maturity Model certification. You'll recognize what it comprises and how it applies to a secure workplace.
Final Exam: Mitigating Security Risks
Final Exam: Mitigating Security Risks will test your knowledge and application of the topics presented throughout the Mitigating Security Risks track of the Skillsoft Aspire Security Essentials for Decision Makers and Leaders Journey.
Mitigating Security Risks
Mitigate security risks by identifying a phishing email,
- creating and sending a phishing email and subscribing to the
- Microsoft Security Notification Service. Then, calculate the
- vulnerability score for a given vulnerability. This lab is aligned
- to the Mitigating Security Risks track of the Skillsoft Aspire
- Security for Decision-makers and Leaders journey.
Opties bij cursus
Wij bieden, naast de training, in sommige gevallen ook diverse extra leermiddelen aan. Wanneer u zich gaat voorbereiden op een officieel examen dan raden wij aan om ook de extra leermiddelen te gebruiken die beschikbaar zijn bij deze training. Het kan voorkomen dat bij sommige cursussen alleen een examentraining en/of LiveLab beschikbaar is.
In aanvulling op deze training kunt u een speciale examentraining aanschaffen. De examentraining bevat verschillende proefexamens die het echte examen dicht benaderen. Zowel qua vorm als qua inhoud. Dit is de ultieme manier om te testen of u klaar bent voor het examen.
Als extra mogelijkheid bij deze training kunt u een LiveLab toevoegen. U voert de opdrachten uit op de echte hardware en/of software die van toepassing zijn op uw Lab. De LiveLabs worden volledig door ons gehost in de cloud. U heeft zelf dus alleen een browser nodig om gebruik te maken van de LiveLabs. In de LiveLab omgeving vindt u de opdrachten waarmee u direct kunt starten. De labomgevingen bestaan uit complete netwerken met bijvoorbeeld clients, servers, routers etc. Dit is de ultieme manier om uitgebreide praktijkervaring op te doen.
Via ons opleidingsconcept bespaar je tot 80% op trainingen
Start met leren wanneer je wilt. Je bepaalt zelf het gewenste tempo
Spar met medecursisten en profileer je als autoriteit in je vakgebied.
Ontvang na succesvolle afronding van je cursus het certificaat van deelname van Icttrainingen.nl
Krijg inzicht in uitgebreide voortgangsinformatie van jezelf of je medewerkers
Kennis opdoen met interactieve e-learning en uitgebreide praktijkopdrachten door gecertificeerde docenten
Zodra wij uw order en betaling hebben verwerkt, zetten wij uw trainingen klaar en kunt u aan de slag. Heeft u toch nog vragen over ons orderproces kunt u onderstaande button raadplegen.
Een zakelijk account aanmaken
Wanneer je bestelt namens je bedrijf doe je er goed aan om aan zakelijk account bij ons aan te maken. Tijdens het registratieproces kan je hiervoor kiezen. Je hebt vervolgens de mogelijkheden om de bedrijfsgegevens in te voeren, PO-nummer & referentie en een afwijkend factuuradres toe te voegen.
Je hebt bij ons diverse betaalmogelijkheden. Bij alle betaalopties ontvang je sowieso een factuur na de bestelling. Gaat je werkgever betalen, dan kies je voor betaling per factuur.
Als je een zakelijk account hebt aangemaakt dan heb je de optie om cursisten/medewerkers aan te maken onder je account. Als je dus meerdere trainingen koopt, kan je cursisten aanmaken en de cursussen vervolgens uitdelen aan je collega’s. De cursisten krijgen een e-mail met inloggegevens en dat zij kunnen starten met de cursus.
Met een zakelijk account ben je automatisch beheerder van je organisatie en kan je naast cursisten ook managers aanmaken. Beheerders en managers kunnen tevens voortgang inzien van alle cursisten binnen de organisatie.
Wat is inbegrepen?
|Certificaat van deelname||ja|
|Award Winning E-learning||ja|
|Geschikt voor mobiel||ja|
|Kennis delen||Onbeperkte toegang tot onze community met IT professionals|
|Studieadvies||Onze consultants zijn beschikbaar om je te voorzien van studieadvies|
|Studiemateriaal||Gecertificeerde docenten met uitgebreide kennis over de onderwerpen|
|Service||Service via chat, telefoon, e-mail (razendsnel)|
Na bestelling van je training krijg je toegang tot ons innovatieve leerplatform. Hier vind je al je gekochte (of gevolgde) trainingen, kan je eventueel cursisten aanmaken en krijg je toegang tot uitgebreide voortgangsinformatie.
- Op welke manieren kan ik betalen?
- Hoe werkt het bestelproces?
- Kan ik persoonlijke begeleiding krijgen bij mijn training?