Fundamentals of Threats and Risk Management Training

Fundamentals of Threats and Risk Management Training

Cybersecurity risk management takes the idea of real world risk management and applies it to the cyberworld.

It involves identifying your risks and vulnerabilities and applying administrative actions and comprehensive solutions to make sure your organization is adequately protected.

In general, an organization needs to determine what assets it needs to protect and prioritize them before setting up a cybersecurity risk management system. According to the National Institute of Standards and Technology (NIST) in its Framework for Improving Critical Infrastructure Cybersecurity, there is no one-size-fits all solution. Different organizations have different technology infrastructures and different potential risks.

Some organizations such as financial services firms and healthcare organizations have regulatory concerns in addition to business concerns that need to be addressed in a cybersecurity risk management system.

These days it’s crucial for every organization, no matter the size or industry, to develop a cybersecurity management plan.

Cybersecurity pros often recommend that organizations follow the Capability Maturity Model approach for risk management assessments:

• Initial: The starting point for use of a new or undocumented repeat process
• Repeatable: The process is at least documented sufficiently such that repeating the same steps may be attempted
• Defined: The process is defined and confirmed as a standard business process
• Managed: The process is quantitatively managed in accordance with agreed-upon metrics
• Optimizing: The process management includes deliberate process optimization/improvement.

With the desired risk posture identified, examine the enterprise technology infrastructure to determine a baseline for the current risk posture and what the enterprise needs to do to move from the current state to the desired state of risk exposure.

However, even small security vulnerabilities can lead to large losses if network systems are connected in such a way that intrusion into an unimportant area can provide an unauthorized entry into more important systems and more sensitive data.

An  important aspect of cybersecurity risk management often overlooked is implementing an evolving risk assessment. An organization’s entire risk management process should be reviewed on a regular basis and changed as new technologies are introduced into the company or organization.

New technologies could affect where sensitive data is stored and as more tools are integrated into the organization’s processes, there is more risk for data to fall into the wrong hands.

Additionally, keep in mind that IT systems are continually being updated, software applications are being replaced and updated with newer versions, and the human aspect is also changing, putting weight on training new personnel with evolving security policies that affect existing employees.

New risks will surface and risks previously mitigated may be reborn into new vulnerabilities. All in all, your risk management process must be ongoing and evolving to combat new and existing threats.

Fundamentals of Threats And Risk Management Training Course by Tonex

By taking the Fundamentals of Threats and Risk Management Training, participants learn the history behind cybersecurity and requirements of a secured network in the modern cyber-world. The training also helps you to understand the common threats and attacks and results of each attack on security and reliability of a network.

The Fundamentals of Threats and Risk Management Training course simply teaches you the concept of cybersecurity, definition of threats, different types of vulnerabilities in the system security, definition of network, common types of network attacks with examples, and effect of the internet on network security these days.

Learn about malware in cybersecurity, different types of viruses, Trojan horses, and spyware. This course will address the latest techniques, tools and case studies from information studies in enterprise level and component level down to the field, network and IT level.

Learn how malware exploits and malicious code attacks can penetrate cybersecurity and what procedures should be done to secure the network in case these attacks occur.

Recognize network security issues, destructive behavior of unauthorized network access to cybercrimes and effect of firewalls. Moreover, learn how to detect cybercriminals, close the access to them, and perform system back ups in case of cyber-attack.

This training helps you to understand how detecting threats and protecting data systems against them cyber losses. It also teaches you recent advancement and risk management techniques to handle the threats.

If you are a professional who specialize in managing or designing security solutions and risk based management provider, you will benefit from the presentations, examples, case studies, discussions, and individual activities upon the completion of this course.

Aditionally, the fundamentals of threats and risk management training will help you to identify cybercriminals, conduct risk management processes and develop appropriate incident response in advance to protect systems against vulnerabilities.

Audience

The fundamental of threats and risk management training is a 2-day course designed for:

• All individuals who need to understand the concept of risk management and threats.
• Cybersecurity professionals, network engineers, security analysts, policy analysts.
• Security operation personnel, network administrators, system integrators and security consultants.
• Computer engineers working on cybersecurity technology.
• Test engineers who need to learn the security issues in networks.
• Security traders to understand the cybersecurity systems.
• Investors and contractors who plan to make investments in security system industry.
• Technicians, operators, and maintenance personnel who are or will be working on cybersecurity projects.
• Managers, accountants, and executives of the    cybersecurity industry.

Training Objectives

Upon completion of the training course, the attendees are able to:

• Understand the foundation and history behind the cybersecurity
• Explain different types of threats and attacks in cyber world
• Understand how to recognize the threats and classify different methods of defense
• Process the risk management techniques in networks
• Identify different types of spywares, malwares or malicious codes in cybersecurity
• Understand the policies and regulations of cybersecurity networks
• Manage the detection and protection solution depending on the type of attack
• Identify the attackers and understand the method of hacking in different cyber secured networks
• Define types of incidents in cybersecurity
• Access additional external resources to supplement knowledge of cybersecurity

Training Outline

The Fundamentals of Threats and Risk Management Training course consists of the following lessons, which can be revised and tailored to the client’s need:

Introduction to Cybersecurity

• Definition of Cybersecurity
• Information security principles
• System engineering approaches for Cybersecurity
• Cyber world
• Cyber space
• Cyber domain
• Cyber ecosystem
• Cyber culture
• Cyber environment
• Cognitive layer of cyber world
• Service layer of cyber world
• Semantic layer in cyber world
• Syntactic layer of cyber world
• Physical layer of cyber world
• Professional terms used in cybersecurity
• concepts and approaches in cybersecurity
• impact of legal issues in cybersecurity
• online security resources
• Basic security terminology
• Microsoft security adviser

Threats and Vulnerabilities

• Threats to be dangerous for the system security
• Definition of threats
• Different types of threats
• System security in one term
• Phishing and spear phishing
• Malicious code
• Weak and default passwords
• Unpatched or outdated software vulnerabilities
• Removable media

Network Attacks

• DOS Attacks
• Denial of Service Flooding Attacks
• Disassociation Attacks
• Disclosure Attacks
• Reading/Revealing Information
• MITM Attacks
• Modification Attacks Changing Information
• Destructive Attacks
• Escalation of Privilege
• Network Security Architectures
• Sniffing
• Password grabbing
• Brute Force
• Password attempts
• Buffer Overflows
• Spoofing Attacks
• Forging IP/MAC/Etc.
• Flooding: SYN, UDP, ICMP
• Flooding Redirection: using ICMP, ARP, STP, MITM Attacks
• Anti-Virus: Worms, Viruses, Trojans Masquerading Social Engineering

Concept of Network and Effect of Internet in Cybersecurity

• Basics of networks
• Physical network, Local network
• Speed of a network
• concept of connection speed
• Data transmission
• IP address
• History of the internet
• Basics of network utilities
• Network devices important for cybersecurity
• network communication
• Importance of network communication in cybersecurity
• media access control (MAC) addresses
• Uniform resource locators (URL)
• Critical infrastructures
• Energy transmission and distribution network
• Telecommunication and information system network
• Community technology network
• Financial system network
• Food supply network
• Security network
• Health care system
• Supervisory control and data acquisition system (SCADA)
• Responsibilities of cybersecurity
• Cyber security training
• National and international cooperation toward cybersecurity

Malware in Cybersecurity

• Viruses as the most common threats
• Spreading a virus
• Common types of viruses in Cybersecurity
• W32
• Netsky-p
• Troj
• Invo-zip
• MacDefender
• Sobig virus
• Mimail
• Nonvirus
• How to avoid viruses?
• Trojan Horses
• Well-known Trojans
• Auto start of Trojans
• Buffer-overflow attack
• Sasser virus
• Spyware
• Legal usage of spyware
• How to identify a spyware
• Rootkit
• Malicious web-based code
• Logic bombs
• Spam
• Detecting viruses and spywares
• Antivirus software
• Antispyware software

Information Assurance in Cybersecurity

• Why should we protect the network?
• Concept of confidentiality
• Concept of integrity in information assurance
• Availability of information
• Management process
• Network protection
• Risk management
• Knowledge of your team
• Personnel training for information assurance
• Understanding the threat
• Securing the system
• Personal devices security
• Common access card security
• Continuity of operation plans
• Facility disaster recovery plan
• Information technology contingency plan
• Incident response
• Information assurance enforcement

Network Security

• The ISO/OSI reference model
• Popular networks
• UUCP
• The language of the internet
• Open design
• TCP
• UDP
• Risk management; vital part of network security
• Destructive behavior
• Unauthorized access
• Firewalls and network security
• Hybrid system network security
• Single point of failure in network
• Secure modems/dial back system
• Crypto-capable routers
• Virtual private networks

Website Security in Presence of Cybercriminals

• Updating the software
• Close the access resources
• Credential security
• Performing the back ups
• Hosting companies
• Website builders
• Backup functions
• Dynamic cloud hosting

Insider Threats in a Cyber World

• Definition of insider threat
• Location of insider threats on security agenda
• Growing insider threats
• Active directory and insider threats
• Network management and compliance
• Trends of insider activities
• Enterprise-wide risk assessment for insiders threats
• Insider threat awareness incorporation into security training
• Enforcing policies and controls
• Monitoring suspicious or disruptive behavior
• Managing the negative issues regarding the insider threats
• Strict password implementation
• Recognizing the assets
• Separation of duties and least privilege
• Beating insider threats

Risk Management Techniques in Cybersecurity

• Identifying the cybercriminals
• Economic companies as a cyber-threat
• Identifying the hackers
• Risk management process
• Implementing industry standards
• Evaluating and managing the organization
• Providing oversight
• Incident response development
• Situational awareness of cyber threats
• Risk management regime
• User education
• Incident management
• Malware protection
• Network security management
• Risk management applications
• Strategic planning
• Resource decisions
• Operational planning
• Real-world events

Hands-on and In-Class Activities

• Labs
• Workshops
• Group Activities

Sample Workshops Labs for Fundamentals of Threats and Risk Management Training

• Risk Response monitoring and control
• How to Identify Threats and Vulnerabilities in an IT Infrastructure
• Execute risk strategies
• Align Threats and Vulnerabilities to the Risk Management Controls
• Contingency plans and workarounds
• Risk evaluation
• Reassessing risk
• Perform a Qualitative Risk Assessment for an IT Infrastructure
• Risk documentation
• Identify Risks, Threats, and Vulnerabilities in an IT Infrastructure Using Zenmap GUI (Nmap)

Fundamentals of Threats and Risk Management Training