This is a 4TU course
- To understand and explain the complexities of information security in a mature organization;
- To have knowledge of the common models and standards for managing information security and to be able to apply this to real-world organizations;
- To be familiar with the state of the practice and the state of the art in information security and be able to assess the position of an organization in this field;
- To be familiar with the leading standards in this area, their shortcomings and practical implementation guidelines, and to be able to apply these to a given organization;
- To be able to map risk appetite to control objectives, control and guidance documentation, and to assess the compliance against control objectives using expert assessment and internal audit;
- To understand the common risks and controls in information security;
- To be able to do basic security assessments.
ASSESSMENT AND IMPROVEMENT CAPABILITIES
GOVERNANCE AND RISK MANAGEMENT - Managing and governing information risks. Risk management methodologies in the industry. Overview of the leading control frameworks. Compliance against security risks and reporting. Common pitfalls in implementation and research challenges.
IDENTITY AND ACCESS MANAGEMENT - Managing electronic identities (EI) in B2B and B2C and their importance to organizational security. Cross-use of EI between government agencies and the financial sector. Potential business growth areas.
ASSESSMENT OF INDUSTRIAL CONTROL SYSTEMS - Introduction to ICS, current trends and common security threats. Differences between managing the security of ICS and of IT systems. Common challenges in ICS security and how organizations approach them. Live demonstration of an ICS attack.
PHYSICAL SECURITY AND SECURITY AWARENESS - The link between physical, digital and social security. Physical security controls. Social engineering. Methodologies for enhancing security awareness. Penetration testing. Research challenges and potential business growth areas. Short exercise.
ALERTING AND MONITORING CAPABILITIES
SECURITY MONITORING - Development and deployment of monitoring capabilities. Live demo of (or visit to an operational) security operations center (SOC).
MANAGED SECURITY SERVICES - Outsourcing and managing services involving operational security, such as SIEM, log management, Layer 7 protection and SOC deployment. Design, implementation and maintenance of security solutions. Live demo.
RESPONSE AND RECOVERY CAPABILITIES
INCIDENT AND THREAT MANAGEMENT - Identification of potential threats and events of interest. Triage of threats and analysis of incidents. Response and escalation procedures and processes. A few cases from the industry and a live exercise held jointly with the crisis management lecture.
CRISIS MANAGEMENT AND BUSINESS CONTINUITY - Developing agile response capabilities. Crisis management governance. Decision making, escalation and notification processes. A few cases from the industry. Live exercise.
BIT and RI (4TU Cybersecurity, with tele-lectures to TU Delft)