Your SlideShare is downloading. ×
IT SECURITY                                                   ARCHITECTURE                                                ...
COURSE     CONTENTDAY1 INFORMATION SECURITY MANAGER     LEADERSHIP WORKSHOP     Information Security Leadership Workshop i...
COURSE     CONTENTDAY3 ESTABLISHING YOUR SECURITY POLICY     We will discusses the value of the information and what we ne...
IT SECURITYARCHITECTURE                                                                                          REGISTRAT...
Upcoming SlideShare
Loading in...5
×

IT Security Architecture & Leadership, 18 - 21 November 2012 Dubai UAE

171

Published on

This 4 day training program combines advanced technology and relevant practical experience to develop your IT security policies & create a robust IT infrastructure.

Information security is critical for modern business models today.
Organizations must be prepared to take crucial steps to strengthen their IT infrastructure from both internal & external threats.
Organizations must look to develop a security network that enhances business operations while improving its security position. Successful security architecture combines a mix of the latest policies & practices, technology, and a robust awareness program.

This 4 day intensive training workshop addresses the latest concerns on IT infrastructure and security. Participants will develop key skills and core competencies that will allow them to meet the ever-changing security demands of the 21st century.

Course Participants will:

Master the tools & techniques for effective information & network security.
Discover how to create a complete & sustainable IT security architecture.
Gain knowledge on how to develop sound security policy together with your security architecture.
Learn how to perform an IT governance assessment using CoBIT 4.0
Learn how to perform smart security risk assessment within your organization.
Gain valuable insights on implementing a proactive & robust security management system.
Learn how to detect & prevent information security breaches due to inadequate IT security awareness within the organization.


Who should attend:

Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Security Officers
Chief Information Security Officers
Chief Technology Officers

Contact Kris at kris@360bsi.com for further information.

Published in: Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
171
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "IT Security Architecture & Leadership, 18 - 21 November 2012 Dubai UAE"

  1. 1. IT SECURITY ARCHITECTURE & LEADERSHIP 18 - 21 NOVEMBER 2012 RADISSON BLUIT DUBAI DEIRA CREEKSERIES UNITED ARAB EMIRATES COURSE OVERVIEW Part 1: Successful Information Security Manager/Leadership Workshop (Day 1) YOUR INTERNATIONAL Effective Leadership from the management team is a key feature of a positive COURSE FACILITATOR information security culture as it determines how everybody else in the organization will view and act upon safety issues. Mark T. Edmead Managing information security and managing information security teams is MBA, CISSP, CISA, CompTIA Security+ sometimes a challenge in many organizations. Maintaining strong information security is one of the major challengers in today’s world and it requires strong leadership and management skills. Although many think that leaders are born, not IT Security made, anyone can be a better leader. Consultant & Trainer MTE Advisors Part 2: IT Architecture Security (Day 2-4) Mark T. Edmead is a successful technology entrepreneur With the rapid growth & development of the internet, organizations are taking with over 28 years of practical experience in computer advantage of the new opportunities available. Likewise, unscrupulous individuals are systems architecture, information security, and project also exploiting the situation to collect & steal data from companies & their customers. management. Mark excels in managing the tight-deadlines and ever Information security is therefore critical for todays modern business models. changing tasks related to mission-critical project Organizations must be prepared to take crucial steps to strengthen their IT schedules. He has extensive knowledge in IT security, IT infrastructure from both internal & external threats. and application audits, Internal Audit, IT governance, including Sarbanes-Oxley, FDIC/FFIEC, and GLBA Organizations must look to develop a security network that enhances business compliance auditing. operations while improving its security position. Successful security architecture Mr. Edmead understands all aspects of information combines a mix of the latest policies & practices, technology, and a robust awareness security and protection including access controls, program. cryptography, security management practices, network and Internet security, computer security law and This intensive training workshop addresses the latest concerns on IT infrastructure investigations, and physical security. and security. Participants will develop key skills and core competencies that will allow He has trained Fortune 500 and Fortune 1000 companies them to meet the ever-changing security demands of the 21st century. in the areas of information, system, and Internet security. He has worked with many international firms, and has the BENEFITS OF ATTENDING unique ability to explain very technical concepts in simple-to-understand terms. Mr. Edmead is a sought after Course Participants will: author and lecturer for information security and • Master the tools & techniques for effective information & network security. information technology topics. • Discover how to create a complete & sustainable IT security architecture. Mark works as an information security and regulatory compliance consultant. He has: • Gain knowledge on how to develop sound security policy together with your security architecture. • Conducted internal IT audits in the areas of critical infrastructure/ systems and applications, • Learn how to perform smart security risk assessment within your organization. • Learn how to perform an IT governance assessment using CoBIT 4.0. • Assessed and tested internal controls of critical infrastructure platform systems (Windows, UNIX, IIS, SQL, • Gain valuable insights on implementing a proactive & robust security management Oracle) system. • Learn how to detect & prevent information security breaches due to inadequate IT • Assessed and tested internal controls of various critical financial applications. security awareness within the organization. • Prepared risk assessments and determined risks to EXCLUSIVE: : PRE COURSE QUESTIONNAIRE & TAKEAWAYS critical financial data systems and infrastructure c components. c 1. An extensive IT Security Architecture Questionnaire that will help you An extensive Security Architecture Questionnaire that will help you extensive Security Architecture Questionnaire that c help • Created test plans & processes and executed test plans. evaluate your organizati ’ security position. organization’s i tii it iti 2. FREE CD containing course materials, case studies and other related items of • Conducted reviews of existing systems and the training seminar. applications, ensuring appropriate security, management a and data integrity via control processes. a 3. Take with you templates and worksheets to aid you in applying and putting into practice what you have learned from this workshop. • Prepared written reports to all levels of management 4. FREE CoBIT 4.0 IT Governance Assessment Evaluation Spreadsheet • Participated in audit review panel sessions to address results, conclusions and follow-up actions required. r © 360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jal Bukit Bin g, 55100 Kuala Lump , Malaysia BSI (M) Bhd (833835-X) L l Pavilion KL, 168 Jalan Bukit Bintang, (833835 X) Pavilion Kuala Lumpur Mala Lumpur, Malaysia. 1
  2. 2. COURSE CONTENTDAY1 INFORMATION SECURITY MANAGER LEADERSHIP WORKSHOP Information Security Leadership Workshop is a special one-day course designed to teach information security professionals how to become an effective information security manager. In addition, you will learn tips and techniques that will increase your competence and confidence when influencing information security in your organization. WHY THIS EVENT The role of the Information Security Manager The aim of this interactive workshop is to provide - The challenge of managing an IT department you with the skills critical to developing your IT - How to promote information security to the organization Security Architecture & Policies. - Concepts of security management - Promoting security awareness After attending this workshop, you will leave fully armed with the knowledge needed to Managing 101 design and maintain a strong & secure IT - Difference between managers and leaders infrastructure. - Skills needed for excellence in management The combination of interactive presentations, - Developing your management style hands-on exercises and open discussion groups - Using Emotional Intelligence along with real case studies, ensures you will obtain maximum value from attending. Effective Team Management - Organizing and developing effective teamwork - Developing and leveraging team synergy COVERAGE - Enhancing team communications IT Security Concepts & Principles - Motivating technical teams Roles & Responsibilities Security Awareness How IT security integrates with the Organization Layered Security approach - The ideal IT security reporting structure Security Policy Implementation - How to effectively work with others in the organization Risk & Vulnerability Assessment - Selling the IT security solutions to Upper Management Threat Identification - An action-plan checklist for Information Security Managers Penetration testing IT Network & System Security IT Security Architecture Security Design & Maintenance Security Control Frameworks ISO 27001 Security Standard Laws & regulationsDAY2 IT SECURITY - CONCEPTS & PRINCIPLES We will cover the main concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of confidentiality, availability, and integrity. Laying the foundation - The relationship between people, process and technology - The information security triad: confidentiality, integrity and availability - Concepts of security management - Creating policies, standards, guidelines and procedures - Promoting security awareness Protecting our assets - Where attacks come from - Protecting from internal attacks - Protecting from external attacks - Threats and vulnerabilities overview WHO SHOULD ATTEND Security Architecture Basics Vice Presidents, Directors, General Managers - Security as an design goal Chief Information Officers - Security models Chief Security Officers - Authentication methods Chief Information Security Officers - Authorization Chief Technology Officers - Models for access control Heads of Departments in Information Security Management Information Systems, IT The Objectives of Security Infrastructure, IT Architecture, Network - The active defense approach to security Operations, IT Operations, IT Data Center, - Using the Defense in Depth concept DataBase Management, IT Deployment - Layered approach including perimeter security, network security, host based security, and human awareness IT Business Enterprise, IT Risk Management, IT Quality Assurance, IT Audit, Risk Management, Internal Audit, Business Continuity Planning 2
  3. 3. COURSE CONTENTDAY3 ESTABLISHING YOUR SECURITY POLICY We will discusses the value of the information and what we need to do to protect it. Effective security architecture begins with the establishment of a security policy. Organizations should also perform a risk assessment in order to better understand the important areas in their security architecture. Developing a Security Policy Latest TESTIMONIALS - The overall “plan of attack/defense” 1 “Session well org nized The trainer is very “Session well organized.. The trainer is ver S i ll orga ized trainer - Declaration of intent conversant with the subject matter. Well delivered - Characteristics of a good policy and would definitely recommend to anyone else.” - Policy examples - Habil Mutende, Manager Information Security & Change Management, Central Bank of Kenya Objectives of Risk Management - Benefits of performing a risk assessment 2 “Excellent presentation, excellent attitude to - Prioritizing vulnerabilities and threats answer our questions & to share his experience.” - Identifying the risk impact and determine acceptable risks - Senior Manager, IT Department, Deloitte - Creating a risk matrix 3 “The programme is good for IT professionals... The value of information [who] would like to setup ISO function or improve - Why you need to classify levels of information ISO.” - G. Ramgopal, Head IT Security, Bank Muscat Oman - Managing data at rest and in transit - Understanding data access controls 4 “I have used Mark in key roles with high visibility - The value of knowing where your data resides clients. Without hesitation I would highly recommend Mark for any and all IT audit Basic security threats and principles engagements. His professionalism, deep - Vulnerabilities, threats and countermeasures knowledge, and results oriented work style are - Hacker probing and attack deeply valued by not only myself, but more - LAN, WAN, and wireless network technologies and protocols importantly by the all those who are lucky enough to use his services.” - Russ Aebig, Director at Artesient 5 “We have used Mark Edmead on several projects in the past few years including SOX readiness for publicly traded companies and IT vulnerabilityDAY4 THREAT, RISK & VULNERABILITY assessments for major financial institutions. He always delivers professional and detail-oriented ASSESSMENT workpapers on-time and within budget. Mark is We will discuss the vulnerabilities, threats, and risks to the system and highly recommended and we will continue to use network environment. We will discuss practical application of risk him on other projects.” - Brenda Piazza, Director at CBIZ MHM assessment to an organization, how to conduct an assessment, and how to use this information to improve the security posture. Vulnerability and Penetration testing - Why performing vulnerability and penetration testing is important - Tools and techniques used in penetration testing - Review of sample penetration testing report - How to correct problems identified in the vulnerability and penetration testing report Protecting the network - Firewalls and other perimeter security devices - Intrusion detection systems - Using a scanner to discover vulnerabilities - Understanding network management tools Business continuity and disaster recovery - What are BCP and DR plans - How to begin the business continuity planning process - Performing a business impact assessment (BIA) COURSE SCHEDULE - Understanding the various disaster recovery options 8.00 Registration & Coffee/Tea 8.30 Workshop commences Cloud security 10.10 - 10.30 Morning coffee/tea - Protecting your data in cloud - Pros and cons of cloud computing 12.00 - 13.00 Lunch - Understanding how cloud security 14.40 - 15.00 Afternoon coffee/tea - The difference between cloud and virtualization 16.00 End of day 3
  4. 4. IT SECURITYARCHITECTURE REGISTRATION FORM& LEADERSHIP Fax: +603 9205 7788 Tel: +603 9205 7770 Mobile: +6016 3326 36018 - 21 NOVEMBER 2012RADISSON BLUDUBAI DEIRA CREEK Email: kris@360bsi.comUAE DELEGATES IN-HOUSE TRAINING 1 Name : 360 BSI is passionate about providing strategic IT programs and high potential training solutions across the region to build Name on tag : personal competencies and organizational capability. Job Title : You will receive practical training from a professionally qualified educator with over twenty years of teaching and Email : training experience. Mobile : Please feel free to mix-and-match topics from the areas listed below to get the right training content for your staff. Other 2 Name : topics may be available upon request. Name on tag : OTHER RELATED PUBLIC COURSES Job Title : IT Strategic Planning Email : Service Oriented Architecture (SOA) Business Continuity and Disaster Recovery Mobile : Preparing for the CISSP exam Cybercrime & Fraud Investigation 3 Name : IT Change Management Name on tag : IT Project Management Job Title : Hotel Contact Details: Email : For Room Reservation, contact for 360BSI corporate rates. Telephone: 00971 4 2057105 Fax: 00971 4 2234698 Mobile : E-mail: reservations.dxbza@radissonblu.com Radisson BLU Hotel, Dubai Deira Creek AUTHORIZATION Baniyas Road, P.O. Box 476, Dubai, UAE (This form is invalid without a signature) General Information: Name : 1 Closing date for registration is 11th November 2012. 2 The fees cover lunch, tea breaks, materials and certificate. Job Title : 3 Official confirmation will be sent, once registration has Email : been received. 4 Participants will need to arrange their own accommodation. 5 Attire: Smart Casual Tel : ( ) Cancellations/Substitutions Organization : Substitutions are welcome at any time. Please notify us at Address : least 2 working days prior to the event. All cancellations will carry a 10% cancellation fee, once a registration form is received. All cancellations must be in writing by fax or email at least 2 weeks before the event date. Cancellations with less than 2 weeks prior to the event date carry a 100% liability. However, course materials will still be couriered to you. Signature : Date: / / Thank you for your registration! FEES PAYMENT DETAILS Payment is required within 5 days upon receipt of USD 2,995 per delegate the invoice. Bank transfer: USD 2,795 per delegate - register before 24-OCT-2012 360 INTERNATIONAL LIMITED USD 8,085 - Special for Group of 3 Standard Chartered Bank The fee does not include any taxes (withholding or otherwise). In case of any taxes applicable P.O.Box – 999 Al Fardan Building, the client has to ensure that the taxes are paid on top of the investment fee paid for the course. Al Mankhool Area, Bur Dubai, Dubai, U.A.E Compliance with the local tax laws is the responsibility of the client. Account No: 02-2077311-01 USD Swift No: SCBLAEADXXX * Save up to 50% for In-house Training program IBAN No: AE920440000102207731101 All payments must be received prior to the event date © 360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jalan Bukit Bintang, 55100 Kuala Lumpur, Malaysia. www.360bsi.com/IT 4

×