IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE
Upcoming SlideShare
Loading in...5
×
 

IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE

on

  • 409 views

This 4 day training program combines advanced technology and relevant practical experience to develop your IT security policies & create a robust IT infrastructure. ...

This 4 day training program combines advanced technology and relevant practical experience to develop your IT security policies & create a robust IT infrastructure.

Information security is critical for modern business models today.
Organizations must be prepared to take crucial steps to strengthen their IT infrastructure from both internal & external threats.
Organizations must look to develop a security network that enhances business operations while improving its security position. Successful security architecture combines a mix of the latest policies & practices, technology, and a robust awareness program.

This 4 day intensive training workshop addresses the latest concerns on IT infrastructure and security. Participants will develop key skills and core competencies that will allow them to meet the ever-changing security demands of the 21st century.

Course Participants will:

Master the tools & techniques for effective information & network security.
Discover how to create a complete & sustainable IT security architecture.
Gain knowledge on how to develop sound security policy together with your security architecture.
Learn how to perform an IT governance assessment using CoBIT 4.0
Learn how to perform smart security risk assessment within your organization.
Gain valuable insights on implementing a proactive & robust security management system.
Learn how to detect & prevent information security breaches due to inadequate IT security awareness within the organization.


Who should attend:

Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Security Officers
Chief Information Security Officers
Chief Technology Officers

Contact Kris at kris@360bsi.com for further information.

Statistics

Views

Total Views
409
Views on SlideShare
409
Embed Views
0

Actions

Likes
0
Downloads
6
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE IT Security Architecture & Leadership, 24 - 27 November 2013 Dubai UAE Document Transcript

  • 1 YOUR INTERNATIONAL COURSE FACILITATOR Mark T. Edmead MBA, CISSP, CISA, CompTIA Security+ IT Security Consultant & Trainer MTE Advisors Mark T. Edmead is a successful technology entrepreneur with over 28 years of practical experience in computer systems architecture, information security, and project management. Mark excels in managing the tight-deadlines and ever changing tasks related to mission-critical project schedules. He has extensive knowledge in IT security, IT and application audits, Internal Audit, IT governance, including Sarbanes-Oxley, FDIC/FFIEC, and GLBA compliance auditing. Mr. Edmead understands all aspects of information security and protection including access controls, cryptography, security management practices, network and Internet security, computer security law and investigations, and physical security. He has trained Fortune 500 and Fortune 1000 companies in the areas of information, system, and Internet security. He has worked with many international firms, and has the unique ability to explain very technical concepts in simple-to-understand terms. Mr. Edmead is a sought after author and lecturer for information security and information technology topics. Mark works as an information security and regulatory compliance consultant. He has: • Conducted internal IT audits in the areas of critical infrastructure/ systems and applications, • Assessed and tested internal controls of critical infrastructure platform systems (Windows, UNIX, IIS, SQL, Oracle) • Assessed and tested internal controls of various critical financial applications. • Prepared risk assessments and determined risks to critical financial data systems and infrastructure components. • Created test plans & processes and executed test plans. • Conducted reviews of existing systems and applications, ensuring appropriate security, management and data integrity via control processes. • Prepared written reports to all levels of management • Participated in audit review panel sessions to address results, conclusions and follow-up actions required. Tel: +6016 3326360 Fax: +603 9205 7779 kris@360bsigroup.com 1. An extensive IT Security Architecture Questionnaire that will help you evaluate your organization’s security position. 2. FREE CD containing course materials, case studies and other related items of the training seminar. 3. Take with you templates and worksheets to aid you in applying and putting into practice what you have learned from this workshop. 4. FREE CoBIT 4.0 IT Governance Assessment Evaluation Spreadsheet 1.1. AAnn exextetensnsivivee ITIT SSecec evaluate your organizati EXCLUSIVE: ArArchchititecectuturere QQueueststioionnnnaiairere tthahatt wiwillll hhelelpp yoyouu i ’ it iti ccururitityy i ti :: PRE COURSE QUESTIONNAIRE & TAKEAWAYS Course Participants will: • Master the tools & techniques for effective information & network security. • Discover how to create a complete & sustainable IT security architecture. • Gain knowledge on how to develop sound security policy together with your security architecture. • Learn how to perform smart security risk assessment within your organization. • Learn how to perform an IT governance assessment using CoBIT 4.0. • Gain valuable insights on implementing a proactive & robust security management system. • Learn how to detect & prevent information security breaches due to inadequate IT security awareness within the organization. BENEFITS OF ATTENDING Part 1: Successful Information Security Manager/Leadership Workshop (Day 1) Effective Leadership from the management team is a key feature of a positive information security culture as it determines how everybody else in the organization will view and act upon safety issues. Managing information security and managing information security teams is sometimes a challenge in many organizations. Maintaining strong information security is one of the major challengers in today’s world and it requires strong leadership and management skills. Although many think that leaders are born, not made, anyone can be a better leader. Part 2: IT Architecture Security (Day 2-4) With the rapid growth & development of the internet, organizations are taking advantage of the new opportunities available. Likewise, unscrupulous individuals are also exploiting the situation to collect & steal data from companies & their customers. Information security is therefore critical for today's modern business models. Organizations must be prepared to take crucial steps to strengthen their IT infrastructure from both internal & external threats. Organizations must look to develop a security network that enhances business operations while improving its security position. Successful security architecture combines a mix of the latest policies & practices, technology, and a robust awareness program. This intensive training workshop addresses the latest concerns on IT infrastructure and security. Participants will develop key skills and core competencies that will allow them to meet the ever-changing security demands of the 21st century. COURSE OVERVIEW IT SERIES 24 - 27 NOVEMBER 2013 RADISSON BLU DUBAI DEIRA CREEK UNITED ARAB EMIRATES IT SECURITY ARCHITECTURE & LEADERSHIP
  • 2 WHO SHOULD ATTEND Vice Presidents, Directors, General Managers Chief Information Officers Chief Security Officers Chief Information Security Officers Chief Technology Officers Heads of Departments in Information Security Management Information Systems, IT Infrastructure, IT Architecture, Network Operations, IT Operations, IT Data Center, DataBase Management, IT Deployment IT Business Enterprise, IT Risk Management, IT Quality Assurance, IT Audit, Risk Management, Internal Audit, Business Continuity Planning WHY THIS EVENT The aim of this interactive workshop is to provide you with the skills critical to developing your IT Security Architecture & Policies. After attending this workshop, you will leave fully armed with the knowledge needed to design and maintain a strong & secure IT infrastructure. The combination of interactive presentations, hands-on exercises and open discussion groups along with real case studies, ensures you will obtain maximum value from attending. COVERAGE IT Security Concepts & Principles Roles & Responsibilities Security Awareness Layered Security approach Security Policy Implementation Risk & Vulnerability Assessment Threat Identification Penetration testing IT Network & System Security IT Security Architecture Security Design & Maintenance Security Control Frameworks ISO 27001 Security Standard Laws & regulations DAY2 IT SECURITY - CONCEPTS & PRINCIPLES We will cover the main concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of confidentiality, availability, and integrity. Laying the foundation - The relationship between people, process and technology - The information security triad: confidentiality, integrity and availability - Concepts of security management - Creating policies, standards, guidelines and procedures - Promoting security awareness Protecting our assets - Where attacks come from - Protecting from internal attacks - Protecting from external attacks - Threats and vulnerabilities overview Security Architecture Basics - Security as an design goal - Security models - Authentication methods - Authorization - Models for access control The Objectives of Security - The active defense approach to security - Using the Defense in Depth concept - Layered approach including perimeter security, network security, host based security, and human awareness DAY1 INFORMATION SECURITY MANAGER LEADERSHIP WORKSHOP Information Security Leadership Workshop is a special one-day course designed to teach information security professionals how to become an effective information security manager. In addition, you will learn tips and techniques that will increase your competence and confidence when influencing information security in your organization. The role of the Information Security Manager - The challenge of managing an IT department - How to promote information security to the organization - Concepts of security management - Promoting security awareness Managing 101 - Difference between managers and leaders - Skills needed for excellence in management - Developing your management style - Using Emotional Intelligence Effective Team Management - Organizing and developing effective teamwork - Developing and leveraging team synergy - Enhancing team communications - Motivating technical teams How IT security integrates with the Organization - The ideal IT security reporting structure - How to effectively work with others in the organization - Selling the IT security solutions to Upper Management - An action-plan checklist for Information Security Managers COURSE CONTENT
  • 3 COURSE SCHEDULE 8.00 8.30 10.10 - 10.30 12.00 - 13.00 14.40 - 15.00 16.00 Registration & Coffee/Tea Workshop commences Morning coffee/tea Lunch Afternoon coffee/tea End of day “Session well organized. The trainer is very conversant with the subject matter. Well delivered and would definitely recommend to anyone else.” - Habil Mutende, Manager Information Security & Change Management, Central Bank of Kenya “Excellent presentation, excellent attitude to answer our questions & to share his experience.” - Senior Manager, IT Department, Deloitte “The programme is good for IT professionals... [who] would like to setup ISO function or improve ISO.”- G. Ramgopal, Head IT Security, Bank Muscat Oman “I have used Mark in key roles with high visibility clients. Without hesitation I would highly recommend Mark for any and all IT audit engagements. His professionalism, deep knowledge, and results oriented work style are deeply valued by not only myself, but more importantly by the all those who are lucky enough to use his services.”- Russ Aebig, Director at Artesient “We have used Mark Edmead on several projects in the past few years including SOX readiness for publicly traded companies and IT vulnerability assessments for major financial institutions. He always delivers professional and detail-oriented workpapers on-time and within budget. Mark is highly recommended and we will continue to use him on other projects.”- Brenda Piazza, Director at CBIZ MHM 1 3 2 4 5 “SSes ision w lelll ororgag inizezedd. TThehhe ttraraininerer iiss vver conversant with the subject matter. Well 11 Latest TESTIMONIALS DAY4 THREAT, RISK & VULNERABILITY ASSESSMENT We will discuss the vulnerabilities, threats, and risks to the system and network environment. We will discuss practical application of risk assessment to an organization, how to conduct an assessment, and how to use this information to improve the security posture. Vulnerability and Penetration testing - Why performing vulnerability and penetration testing is important - Tools and techniques used in penetration testing - Review of sample penetration testing report - How to correct problems identified in the vulnerability and penetration testing report Protecting the network - Firewalls and other perimeter security devices - Intrusion detection systems - Using a scanner to discover vulnerabilities - Understanding network management tools Business continuity and disaster recovery - What are BCP and DR plans - How to begin the business continuity planning process - Performing a business impact assessment (BIA) - Understanding the various disaster recovery options Cloud security - Protecting your data in cloud - Pros and cons of cloud computing - Understanding how cloud security - The difference between cloud and virtualization DAY3 ESTABLISHING YOUR SECURITY POLICY We will discusses the value of the information and what we need to do to protect it. Effective security architecture begins with the establishment of a security policy. Organizations should also perform a risk assessment in order to better understand the important areas in their security architecture. Developing a Security Policy - The overall“plan of attack/defense” - Declaration of intent - Characteristics of a good policy - Policy examples Objectives of Risk Management - Benefits of performing a risk assessment - Prioritizing vulnerabilities and threats - Identifying the risk impact and determine acceptable risks - Creating a risk matrix The value of information - Why you need to classify levels of information - Managing data at rest and in transit - Understanding data access controls - The value of knowing where your data resides Basic security threats and principles - Vulnerabilities, threats and countermeasures - Hacker probing and attack - LAN, WAN, and wireless network technologies and protocols COURSE CONTENT
  • PAYMENT DETAILSFEES 4 OTHER RELATED PUBLIC COURSES IT Strategic Planning Service Oriented Architecture (SOA) Business Continuity and Disaster Recovery Preparing for the CISSP exam Cybercrime & Fraud Investigation IT Change Management IT Project Management 360 BSI is passionate about providing strategic IT programs and high potential training solutions across the region to build personal competencies and organizational capability. You will receive practical training from a professionally qualified educator with over twenty years of teaching and training experience. Please feel free to mix-and-match topics from the areas listed below to get the right training content for your staff. Other topics may be available upon request. IN-HOUSE TRAINING Thank you for your registration! * Save up to 50% for In-house Training program Substitutions are welcome at any time. Please notify us at least 2 working days prior to the event. All cancellations will carry a 10% cancellation fee, once a registration form is received. All cancellations must be in writing by fax or email at least 2 weeks before the event date. Cancellations with less than 2 weeks prior to the event date carry a 100% liability. However, course materials will still be couriered to you. General Information: 1 2 3 4 5 Cancellations/Substitutions Fax: +603 9205 7779 Tel: +603 9205 7772 Mobile: +6016 3326 360 Email: kris@360bsigroup.com REGISTRATION FORM Hotel Contact Details: Payment is required within 5 days upon receipt of the invoice. All payments must be received prior to the event date USD 8,085- Special for Group of 3 USD 2,995 per delegate USD 12,000- Special for Group of 5 Bank transfer: 360 BSI MIDDLE EAST LIMITED Abu Dhabi Commercial Bank Dubai Mall Branch, P.O.Box 49124 Dubai, U.A.E Account No: 10065721319001 Swift No: ADCBAEAAXXX IBAN No: AE780030010065721319001 The fee does not include any taxes (withholding or otherwise). In case of any taxes applicable the client has to ensure that the taxes are paid on top of the investment fee paid for the course. Compliance with the local tax laws is the responsibility of the client. 360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jalan Bukit Bintang, 55100 Kuala Lumpur, Malaysia.© Name Name on tag Job Title Email Mobile : : : : : Name Name on tag Job Title Email Mobile : : : : : Name Name on tag Job Title Email Mobile : : : : : 1 2 3 DELEGATES AUTHORIZATION (This form is invalid without a signature) Name : Job Title : Email : ( )Tel : Organization : Address : Signature : Date: / / 24 - 27 NOVEMBER 2013 RADISSON BLU DUBAI DEIRA CREEK UAE For Room Reservation, contact for 360BSI corporate rates. Telephone: 00971 4 2057105 Fax: 00971 4 2234698 E-mail: reservations.dxbza@radissonblu.com Radisson BLU Hotel, Dubai Deira Creek Baniyas Road, P.O. Box 476, Dubai, UAE Registrations close ONE (1) week before the training dates. The fees cover lunch, tea breaks, materials and certificate. Official confirmation will be sent, once registration has been received. Participants will need to arrange their own accommodation. Attire: Smart Casual IT SECURITY ARCHITECTURE & LEADERSHIP