Information Security Management

Introduction:

Information is the lifeblood to all organizations, without it, it would be severely impacted and ultimately cease to function. Information is knowledge and knowledge is power. With an ever-changing climate of technology and threats (both technical and human), the need for trained security personnel to protect our information becomes increasingly critical evolutionary task.

Information is at risk from many sources, legal, electronic, physical, internal, and external to mention a few. It is paramount that security and related management personnel have an understanding of the risks, controls, and countermeasures that are available to secure information and technology within an effective management framework. Furthermore, utilizing countermeasures, best practice and management techniques will mitigate electronic and physical risks and enhance protection to an organization

Targeted Groups:

Risk Management
IT Security and IT Security Auditing
Technical IT Management
Those with involvement of systems integration and corporate IT development
Financial controllers with a technical interest may also benefit from the seminar

Course Objectives:

At the end of this course the participants will be able to:

Gain knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures, etc.)
Understand the current legislation and regulations which impact upon information security management
Be fully aware of current national and international standards such as ISO 27002, frameworks and organizations which facilitate the management of information security
Understand the current business and common technical environments in which information security management has to operate
Gain knowledge of the categorization, operation, and effectiveness of controls of different types and characteristics

Targeted Competencies:

Information security management
Vulnerability assessment and management
Applying cybersecurity solutions
Developing IT policies and procedures
Data Integrity
Risk management

Course Content:
Unit 1: Overview of Information Security:

What is Information Security?
Examples of Information Security Incidents
What is Information Security Management?
Human Aspect of Information Security
Social Engineering

Unit 2: Information Security for Server Systems:

Attacks for Personal Computers and Smartphones and countermeasure
Information Security Risk Management
What is the Risk Management process?
Identifying Information Assets
Identifying Security Risk and evaluation
Risk Treatment

Unit 3: Security Risk management as an Organization:

Information Security Governance
Information Security Management System (ISMS)
Information Security Policy, Standards, and Procedures
Information Security Evaluation
Security Incident Response

Unit 4: Information Security and Cryptography:

Requirements for Secure Communication
What is Cryptography?
Classic and Modern Cryptography
Common Key Cryptography algorithms: DES, Triple DES, AES
Problems of Key distribution for Common Key Cryptography

Unit 5: Data Integrity and Digital Signature:

Integrity of Data
Hash Function
Digital Signature
Public Key Certificate and Public Key Infrastructure (PKI)
Certificate Authority

Business Information Technology Planning, Deployment & Management

Information Security Management

Introduction:

Targeted Groups:

Course Objectives:

Targeted Competencies:

Course Content: Unit 1: Overview of Information Security:

Unit 2: Information Security for Server Systems:

Unit 3: Security Risk management as an Organization:

Unit 4: Information Security and Cryptography:

Unit 5: Data Integrity and Digital Signature:

Our Training Courses

Contact Us

Istanbul Office (Turkey)

London (UK)

Amman (Jordan)

Course Content:
Unit 1: Overview of Information Security: