Security essentials voor besluitvormers en leidinggevenden (incl. begeleiding)
Cybersecurity
52 uur
Engels (US)

Security essentials voor besluitvormers en leidinggevenden (incl. begeleiding)

Snel navigeren naar:

  • Informatie
  • Inhoud
  • Kenmerken
  • Meer informatie
  • Reviews
  • FAQ

Productinformatie

Ben jij een leidinggevende of besluitvormer binnen een organisatie? Dan is een van jouw talrijke verantwoordelijkheden de cruciale taak ervoor te zorgen dat je organisatie en haar activa veilig blijven. Vandaag de dag kan het een uitdaging zijn om de informatie van de organisatie te beschermen tegen misbruik, verkeerd gebruik of ongeoorloofde toegang. Elke dag ontstaan er nieuwe bedreigingen voor de veiligheid. In dit ontwikkelpad wordt jij gewapend met de juiste vaardigheden om goed geïnformeerde beslissingen te nemen. Je wordt bewust gemaakt van veel voorkomende beveiligingsrisico's, de blootstelling eraan, en hun impact op bedrijven en middelen. Je ontdekt hoe je beveiligingsrisico's kunt identificeren, evalueren en plannen. Tot slot leer je best practices en richtlijnen kennen om beveiligingsrisico's te beperken.

Wanneer je kiest voor dit ontwikkelpad, krijg jij:

  • toegang tot de trainingen Cybersecurity awareness, Beveiligingsrisico’s evalueren en plannen en Beveiligingsrisico’s beperken.
  • begeleiding van ons Learning & Development team, samen met jou stellen we doelen, maken we een planning en monitoren we je voortgang.

Cybersecurity awareness

In het eerste deel van dit ontwikkelpad ligt de focus op cybersecurity awareness. Je leert de basisprincipes van security en informatiebeveiliging kennen. Je ontdekt de belangrijkste termen die in cyberbeveiliging worden gebruikt. Je onderzoekt verschillende soorten bedreigingen, dreigingsactoren en doelwitten. Daarnaast leer je standaard beveiligingsrisico's en hun oorsprong te identificeren. Je komt ten slotte ook meer te weten over verschillende soorten beveiligingsproblemen en de potentiële bedreigingen voor de beveiliging van een organisatie.

Beveiligingsrisico's evalueren en plannen

In het tweede deel van dit ontwikkelpad ligt de focus op beveiligingsrisico's. Je raakt vertrouwd de terminologie, activiteiten en concepten die horen bij een security risk management proces. Je verkent risico-identificatie, risico-evaluaties, en risicobeheer.

Beveiligingsrisico’s beperken

In het laatste deel van dit ontwikkelpad ligt de focus op het beperken van beveiligingsrisico's. Je ontdekt hoe je verschillende soorten risico's, zoals netwerk-, fysieke, social engineering, en cloud risico's kunt beheren en onderhouden.

Inhoud van de training

Security essentials voor besluitvormers en leidinggevenden (incl. begeleiding)

52 uur

Cybersecurity Awareness: Getting Started with Security Foundations

As organizations become more reliant on IT systems to store all kinds of information, facilitate communication among colleagues and customers, and track business-related statistics, information is becoming more precious and its security increasingly crucial and challenging.

In this course, you'll explore standard information security concepts and the security-related roles within an organization. You'll examine where various security-related responsibilities fall throughout the organization and the importance of solid strategic planning and decision-making when implementing proper information security.

You will also investigate the concept of security governance and the activities involved. Finally, you'll delve into the relationship between an organization's overall business objectives and how information security can promote these.

Cybersecurity Awareness: Information Security Fundamentals

With information security a key concern for organizations, it is important to understand the basic concepts of information security and the security concepts that fall within this topic, such as those within the world of cybersecurity.

In this course, you'll recall information security fundamentals before examining the broad domains within it. You'll then delve into cybersecurity and explore the various approaches to it.

In addition, you'll examine some practical cybersecurity concepts, such as the CIA triad and the security architecture principle. You'll then investigate the actions that expose us to security risks, the roles we play in maintaining or breaching security, and the various security controls that can be implemented to mitigate security-related risks.

Cybersecurity Awareness: Key Security Terms & Concepts

Everyone who connects to the Internet is vulnerable to security threats. Managers need to know the types of security threats their organizations are vulnerable to and their potential impact.

In this course, you'll explore the key terms used in cybersecurity. You'll examine different types of threats, threat actors, and targets. You’ll investigate advanced persistent threats (APTs), insider threats, and uncertainty in relation to cybersecurity, as well as the various types of malware and security threats.

Cybersecurity Awareness: Exposure to Security Risks

There are security issues everywhere. Managers must keep abreast of security risks and threats.

In this course, you'll identify standard security risks and their origins. You'll also learn about more diverse types of security issues and the potential threats to an organization's security.

You'll be given examples from daily life that expose us to security risks. To wrap up, you'll outline effective methods to reduce common security risks that render organizations vulnerable via different channels.

Security Risks: Key Risk Terms & Concepts

  • Familiarity with key terms and concepts associated with security risk enables security leaders to identify, evaluate, and prioritize security risks. In this course, you'll get familiar with the terminologies, activities, and concepts associated with a security risk management process.
  • You'll start by discovering the interdependence between assets, vulnerabilities, threats, and risks. You'll then investigate how to assess risk probability, measure the impact created by it, and the difference between risk appetite and risk tolerance.
  • Next, you'll examine the components, benefits, and stages of a risk management process. You'll also identify different methods of treating risk and the importance of implementing controls as a part of a risk-based approach.
  • Lastly, you'll recognize the standards for risk management and the advantages of managing and assessing security risk.

Security Risks: Performing Security Risk Identification

  • Effective security risk management often begins with proper security risk identification. In this course, you'll examine various components of the risk identification process and different techniques used to identify risk.
  • You'll begin by distinguishing between threat and risk. You'll then get familiar with other terminologies and concepts associated with risk identification.
  • Moving on, you'll recognize the significance of risk identification in recognizing assets and services that are risk-prone. You'll also investigate different methods used to identify risk and best practices for the risk identification process.
  • Later in the course, you'll outline common security-related risks and their impact on different components of an organization. Finally, you'll examine the features of a security risk register, its role in risk management, and how to create one in Microsoft Excel.

Security Risks: Performing Security Risk Assessments

  • The categorization of security risks is essential for effectively assessing and managing risk. In this course, you'll explore the assessment, classification, and prioritization of security risks.
  • You'll begin by outlining the concept of risk assessment and the advantages of different risk assessment techniques. You'll also investigate the features of security assessment methods, such as vulnerability assessment and penetration testing, and discover how to assess security vulnerability.
  • Moving on, you'll recognize the significance of risk categorization and how to update a risk register in Microsoft Excel using a four-quadrant risk classification matrix.
  • Finally, you'll identify the purpose and process of risk prioritization, and the role of a probability-impact matrix in determining risk levels. You'll then investigate how to use the matrix to prioritize risks on a security risk register.

Security Risks: Planning for Security Risk Management

  • Highly effective security leaders recognize that they must prioritize and focus their efforts on managing critical security risks. Therefore, once a security risk is identified, it must be carefully evaluated.
  • In this course, you'll identify the activities involved in a risk management process, the importance of risk strategies in the context of work environments, and essential decisions required for managing security risks effectively.
  • Moving on, you'll investigate the components of a risk management plan and how to improve a risk management strategy by increasing risk tolerance and risk appetite. You'll also outline the importance of mitigation plans and discover how to create one in Microsoft Word.
  • Lastly, you'll recognize the role of risk monitoring and control measures in risk management planning and the factors that shape an organization's approach to making decisions in handling risks.

Final Exam: Evaluating and Planning for Security Risks

Final Exam: Evaluating and Planning for Security Risks will test your knowledge and application of the topics presented throughout the Evaluating and Planning for Security Risks track of the Skillsoft Aspire Security Essentials for Decision Makers and Leaders Journey.

Mitigating Security Risks: Managing Network & Infrastructure Security Risks

  • To mitigate cyber, data, cloud, and information security risks, you need solid knowledge of the complete network security process, from network design to continuous monitoring and logging.
  • In this course, you'll explore some vital network security concepts and standard techniques for mitigating security risks.
  • You'll start by examining the potential vulnerabilities in a network and how these turn into threats. You'll then explore the decisions you need to make to secure the network infrastructure.
  • Next, you'll investigate different network zones and tools used for monitoring, detection, and logging.
  • You'll finish by outlining a secure network design's characteristics and the recommended guidelines and best practices for network security.
  • On completion of this course, you'll be able to plan for network and infrastructure-related security risks using recommended tools, methods, and best practices.

Mitigating Security Risks: Managing Physical Security Risks

  • Physical security is an important but potentially overlooked consideration when implementing network security. In this course, you'll explore what's meant by physical security, how you can implement physical security risk countermeasures, and what the motivations are for doing so.
  • You'll start by defining physical security. You'll then investigate the critical decisions you must make when planning for physical security. Next, you'll delve into various types of physical security risks, such as tailgating, and the methods to handle these.
  • Moving on, you'll outline the layers of security controls that can be added to increase physical security and recognize the challenges security personnel face in ensuring physical safety.
  • Lastly, you'll study how the security principles examined in this course can be used in facility and site design, including internal and perimeter security controls.

Mitigating Security Risks: Cyber Security Risks

  • Effective cybersecurity risk management requires intricate knowledge of day-to-day IT security risks, network vulnerabilities, and cyber attacks. In this course, you'll detail several cybersecurity breaches and how best to prevent each one.
  • You'll start with a general overview of what comprises security risks before categorizing different types into information, cloud, and data-related risks.
  • Next, you'll explore cybercrime methods, the motivations behind them, and the security gaps that invite them in. You'll then use real-life examples to detail some commonplace cyberattacks and crimes.
  • Moving on, you'll investigate what's meant by malware and outline best practices to manage worms, viruses, logic bombs, trojans, and rootkits.
  • You'll also learn how to safeguard against malware, spyware, ransomware, adware, phishing, zero-day vulnerabilities, DoS, and backdoor attacks.
  • By the end of the course, you'll be able to outline guidelines and best practices for securing against the most prevalent types of cybercrimes.

Mitigating Security Risks: Managing Social Engineering Risks

  • Social engineering is a security attack method that takes advantage of the social aspect of human nature, which includes trust and interactivity. All members of an organization need to recognize how these subtle and manipulative techniques work and what they can do to avoid falling prey to them.
  • In this course, you'll explore what's meant by social engineering, examining standard social engineering techniques, the basic principles of these kinds of attacks, their intended outcomes, who and what they target, and the risks they pose for your organization.
  • Moving along, you'll investigate how social engineering is used to launch a cyberattack, study different types of spoofing attacks, and specify best practices to safeguard against social engineering.
  • At the end of the course, you'll recognize the objectives of social engineering attacks, how they're carried out, and how to implement security measures to prevent them.

Mitigating Security Risks: Information, Cloud, & Data Security Risk Considerations

  • To keep your organization's data secure, you need to know why your data is at risk and how to protect it using established principles and standards. In this course, you'll explore commonly used techniques to compromise data and how international best practices can help protect against these breaches.
  • You'll start by examining three fundamental information security principles, which define information security policy and help identify risks. You'll then outline data breach methods and identify the targets of these threats.
  • Next, you'll investigate what's meant by 'the human factor' and why it's key to any attack. You'll then study how technologies to secure data and information work under the hood.
  • Moving on, you'll outline primary worldwide information security regulations and governance frameworks. Lastly, you'll examine why the ISO 27017 cloud security principles need to be considered when formulating a cloud security risk management plan.

Mitigating Security Risks: Managing Information, Cloud, & Data Security Risks

  • To lead security-related decisions in the right direction, those

  • in specific job roles need to have a solid comprehension of the
  • guidelines, measures, and best practices for effective security
  • risk management. In this course, you'll learn how to manage various
  • types of risks, including those related to information, cloud, and
  • data. You'll explore key countermeasures to safeguard information
  • and data both on-premises and in the cloud. You'll also examine
  • best practices for cloud security, data management, access control,
  • and backup. Additionally, you'll outline common security risk
  • scenarios and the best ways to protect data and information,
  • including from unintentional exposure. Lastly, you'll study how to
  • use data science and AI to detect security threats.

Mitigating Security Risks: Handling Natural Threats

  • Natural disasters pose serious security threats. Effective planning and management are required to minimize the damage and loss they could cause.
  • In this course, you'll explore various types of natural threats, their impact on assets and data, and what you can do about them.
  • You'll examine what the procedure is for preparing for natural disasters as well as dealing with the aftermath. You'll also learn how to do this with human-made disasters, such as terrorism.
  • You'll finish the course by diving deeper into how to create an effective emergency action plan for natural disaster risk mitigation.

Evaluating and Planning for Security Risks

Practice evaluating and planning for security risks by creating a risk register and identifying risks, applying a probability matrix to identify high risks, performing a vulnerability assessment and creating a risk mitigation plan. This lab is aligned to the Evaluating and Planning for Security Risks track of the Skillsoft Aspire Security for Decision-makers and Leaders journey.

Mitigating Security Risks: Managing Risks from Internal Stakeholders

  • Effective risk management involves managing risks from external

  • as well as internal sources. Because security risks can be
  • introduced through internal stakeholder decisions, working with
  • them to build awareness of the broad spectrum of security risks and
  • their role in mitigating these is essential. In this course, you'll
  • explore the internal stakeholder's role in the security landscape
  • context. You'll then investigate how to effectively communicate
  • with stakeholders regarding their role in preventing security risks
  • from being introduced. You'll build on these concepts by examining
  • best practices for continual stakeholder engagement using workplace
  • example scenarios. You'll then outline various methods of effective
  • security health reporting. At the end of this course, you'll be
  • able to plan for effective stakeholder communication and
  • engagement.

Mitigating Security Risks: Managing Security in a Hybrid Workplace

  • Hybrid workplaces are an attractive working style for many organizations. However, a functioning and secure hybrid workplace can take some strategic planning and management to achieve.
  • By their nature, hybrid workplaces pose various security risks. Security leaders need to educate themselves and their employees on what these risks are and how best to avoid them.
  • In this course, you'll explore what a hybrid workplace entails and the resulting security risks. You'll then outline tips and guidelines to secure a hybrid workplace.
  • You'll also learn about the security risks of the 'work from home' (WFH) working methodology and guidelines for securing it.
  • Upon completing this course, you'll be able to classify the security challenges of a hybrid workplace and WFM situation, outline how to communicate these risks to employees to aid in risk prevention, and recognize the critical decisions when planning for a secure hybrid workplace.

Mitigating Security Risks: Information Security Governance

  • Adequate risk management requires the policies, procedures,

  • standards, and guidelines that encompass effective information
  • security governance are in place. This course shows you how to
  • incorporate security governance as part of a robust security
  • strategy. Examine the many security governance elements. Outline
  • how to design, implement, and continually evaluate your strategy
  • based on best practices. Define how security governance relates to
  • the CIA Triad and distinguish between security governance and
  • security management. Furthermore, investigate IT governance
  • frameworks and compare centralized, decentralized, and hybrid
  • structures. After taking this course, you'll recognize what's
  • needed to implement a sound and robust information security
  • governance strategy at your organization.

Mitigating Security Risks: Managing the Incidents

  • Security breach incidents need to be handled effectively to prevent further occurrences. An incident management process based on best practices greatly helps deal with and thoroughly learn from incidents.
  • Use this course to recognize the steps involved in the incident management process, the dependencies this process has on other processes, and who's involved in incident management.
  • Examine the use of incident handling forms and incident prevention measures. Furthermore, study the signs employees should look out for and escalate that indicate a security breach event is occurring.
  • After completing this course, you'll recognize how to use the incident management process to identify, manage, and prevent security breach incidents.

Mitigating Security Risks: Maintaining Business Continuity

  • Business continuity planning (BCP) ensures an organization

  • functions smoothly during an unplanned incident or disaster. In
  • this course, you'll explore what comprises BCP and how you can
  • employ its methods before, during, and after a disaster. You'll
  • learn about the importance of a business continuity plan and what's
  • needed to create an effective one. You'll differentiate a business
  • continuity plan from disaster recovery and emergency action plans.
  • You'll then investigate some of the individual BCP steps in more
  • detail, including the business impact analysis (BIA), risk
  • management plan, and incident response plan phases. Moving on,
  • you'll study what's involved in post-disaster recovery planning.
  • Finally, you'll explore how to achieve business resiliency and
  • excellence in the face of a disaster and during a pandemic,
  • examining not only how to get back to normal but also how to
  • exploit new opportunities and grow.

Mitigating Security Risks: Maintaining a Secure Workplace

  • Securing a workplace is a collaborative effort and requires contribution from everyone, including employees at all levels. It's a leader's role to educate and encourage everyone to build a security mindset into their daily practices. In this course, you'll learn how to foster a secure workplace.
  • You'll start by exploring what comprises a secure workplace before examining best practices for achieving this state. You'll then outline best practices for developing a security policy.
  • Next, you'll study how to conduct security awareness training, cultivate an organization-wide security mindset, and encourage employees to take ownership of the security processes.
  • Finally, you'll learn about the role of security certifications, specifically the Cyber Maturity Model certification. You'll recognize what it comprises and how it applies to a secure workplace.

Final Exam: Mitigating Security Risks

Final Exam: Mitigating Security Risks will test your knowledge and application of the topics presented throughout the Mitigating Security Risks track of the Skillsoft Aspire Security Essentials for Decision Makers and Leaders Journey.

Mitigating Security Risks

  • Mitigate security risks by identifying a phishing email,

  • creating and sending a phishing email and subscribing to the
  • Microsoft Security Notification Service. Then, calculate the
  • vulnerability score for a given vulnerability. This lab is aligned
  • to the Mitigating Security Risks track of the Skillsoft Aspire
  • Security for Decision-makers and Leaders journey.

Kenmerken

Docent inbegrepen
Bereidt voor op officieel examen
Engels (US)
52 uur
Cybersecurity
365 dagen online toegang
HBO

Meer informatie

Doelgroep Manager, Teamleider
Voorkennis

Geen voorkennis vereist. Dit ontwikkelpad is gericht op leidinggevenden en besluitvormers binnen organisaties.

Resultaat

Na het volgen van dit ontwikkelpad ben je bekend met de vaardigheden om goed geïnformeerde beslissingen te nemen met betrekking tot informatiebeveiliging. Je hebt een groter bewustzijn van veel voorkomende beveiligingsrisico's, de blootstelling eraan, en hun impact op bedrijven en middelen. Je hebt kennis genomen met het identificeren, evalueren en plannen van beveiligingsrisico's. Tot slot ben je bekend met best practices en richtlijnen om beveiligingsrisico's te beperken.

Positieve reacties van cursisten

Training: Leidinggeven aan de AI transformatie

Nuttige training. Het bestelproces verliep vlot, ik kon direct beginnen.

- Mike van Manen

Onbeperkt Leren Abonnement

Onbeperkt Leren aangeschaft omdat je veel waar voor je geld krijgt. Ik gebruik het nog maar kort, maar eerste indruk is goed.

- Floor van Dijk

Training: Leidinggeven aan de AI transformatie

Al jaren is icttrainingen.nl onze trouwe partner op het gebied van kennisontwikkeling voor onze IT-ers. Wij zijn blij dat wij door het platform van icttrainingen.nl maatwerk en een groot aanbod aan opleidingen kunnen bieden aan ons personeel.

- Loranne, Teamlead bij Inwork

Hoe gaat het te werk?

1

Training bestellen

Nadat je de training hebt besteld krijg je bevestiging per e-mail.

2

Toegang leerplatform

In de e-mail staat een link waarmee je toegang krijgt tot ons leerplatform.

3

Direct beginnen

Je kunt direct van start. Studeer vanaf nu waar en wanneer jij wilt.

4

Training afronden

Rond de training succesvol af en ontvang van ons een certificaat!

Veelgestelde vragen

Veelgestelde vragen

Op welke manieren kan ik betalen?

Je kunt bij ons betalen met iDEAL, PayPal, Creditcard, Bancontact en op factuur. Betaal je op factuur, dan kun je met de training starten zodra de betaling binnen is.

Hoe lang heb ik toegang tot de training?

Dit verschilt per training, maar meestal 180 dagen. Je kunt dit vinden onder het kopje ‘Kenmerken’.

Waar kan ik terecht als ik vragen heb?

Je kunt onze Learning & Development collega’s tijdens kantoortijden altijd bereiken via support@icttrainingen.nl of telefonisch via 026-8402941.

Background Frame
Background Frame

Onbeperkt leren

Met ons Unlimited concept kun je onbeperkt gebruikmaken van de trainingen op de website voor een vast bedrag per maand.

Bekijk de voordelen

Heb je nog twijfels?

Of gewoon een vraag over de training? Blijf er vooral niet mee zitten. We helpen je graag verder. Daar zijn we voor!

Contactopties