Recommended
Recommended
More Related Content
Similar to Chapter_Presentation-CSX_Cert.pptx
Similar to Chapter_Presentation-CSX_Cert.pptx (20)
Recently uploaded
Recently uploaded (20)
Chapter_Presentation-CSX_Cert.pptx
- 1. Training and Certification Solutions for Cybersecurity Professionals Real threats. Real training. Real technical skill development.
- 2. ISACA helps global professionals lead, adapt, and assure trust in an evolving digital world by offering innovative and world-class knowledge, standards, networking, credentialing and career development. Cybersecurity professionals look to ISACA to: Ensure they have the skills necessary to advance their careers and stay relevant. Demonstrate their experience and skills to the market through credentialing. Cybersecurity Nexus™ (CSX) is a program designed to empower cybersecurity professionals to: Elevate their skillset. Take control of their career paths. 2 Cybersecurity Training and Certification from ISACA
- 3. TRAINING
- 4. 4 Employment Outlook Securities Skills Gap – An Industry in Need Source: ISACA’s State of Cybersecurity 2019 Whitepaper
- 5. 5 Cyberthreats Have Evolved Faster than Cybersecurity Training Lecture/discussion doesn't prep for the real world Problems with typical training: Trainees are left in the dark regarding new threats Focuses on what trainees know instead of what they can do US$5–6K per course + travel expenses + out-of- office time Limited Hands-On Practice Content Rarely Updated Q/A-Style Exams Only Cost and Inconvenience Not tailored to individual's or organization's needs One-Size-Fits- All Training
- 6. ISACA’s Cybersecurity Nexus™ (CSX) training program aligns to existing global cybersecurity frameworks, including the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework. Our training programs help build knowledge and skill in the following cybersecurity areas in varying degrees of complexity. 6 Focus on the RIGHT Skills for the Real World
- 7. Hands-on practical labs in hosted online in a live, dynamic network environment Content that’s continually updated based on the latest real-world threats Performance-based evaluation through every step of courses and labs An assessment tool that measures real technical skills Focused, self-paced courses that dive deep into specialized areas On-demand training 7 The CSX “Nexus” Training Platform Difference
- 8. 8 CSX Nexus Difference #1 PRACTICAL, HANDS-ON TRAINING LABS Online, real-time, live- network environment Built using the latest real- world threats Designed to build real, demonstrable technical skills The industry’s only true lab- based performance assessments in a virtual environment.
- 9. 9 CSX Nexus Difference #2 SKILLS-BASED EVALUATION AND SCORING Real-time testing and success metrics at the end of each lab and course Evaluation based on what trainee can do rather than what they know Trainees get actionable feedback Managers get valuable insight
- 10. 10 CSX Nexus Difference #3 CONTINUALLY UPDATED CONTENT New content addresses latest real-world attacks New topics informed by the latest threats in the cyber landscape
- 11. CERTIFICATION
- 12. 12 ISACA CSX Certificates and Certifications ISACA’s Cybersecurity Nexus™ (CSX) is designed to address this global skills gap head-on, offering continuous, relevant training for every step along your cyber career path. PENETRATION TESTING SERIES
- 13. Builds your understanding of basic cybersecurity principals, techniques, and terminology High-quality self-paced learning Training maps to industry standards like NIST’s CSF, ISO and ISA Next step toward cybersecurity for IS/IT roles CPE Credit Hours: 8 Certificate Exam gives you the competitive advantage of an entry-level credential 13 CSX Cybersecurity Fundamentals BEGINNER/ENTRY LEVEL
- 14. Builds on your understanding of basic cybersecurity principles Detailed online instruction, guidance and real- world practice you need in three courses: CSX Packet Analysis (CPE Credit Hours: 16) CSX Linux® Application and Configuration (CPE Credit Hours: 20) CSX Network Application and Configuration (CPE Credit Hours: 16) 14 CSX Technical Foundations BEGINNER/MEDIUM LEVEL
- 16. A growing selection of specialized training, labs, and certificates through CSX Nexus. 16 Specialized Penetration Testing Certificates INTERMEDIATE/ADVANCED LEVEL PENETRATION TESTING OVERVIEW CERTIFICATE ADVANCED EXPLOITATION CERTIFICATE VULNERABILITY AND EXPLOITATION CERTIFICATE
- 17. First vendor-neutral performance certification that measures and validates skills and abilities Build the deep technical skills required to perform well in key cybersecurity positions. Limited-time accelerated certification option* *prerequisites apply 17 Cybersecurity Practitioner Certification (CSX-P) EXPERT LEVEL
- 18. Affirm your information security management expertise with the globally accepted standard of achievement in this area. This management-focused certification promotes international security practices and recognizes the individual who manages, designs, oversees, and assesses an organization’s information security. Gain the critical know-how to include cybersecurity in your audit plan, reduce cyber-related risk and put mitigating controls in place. This audit-focused certification demonstrates: Security professionals with a developed understanding of audit processes; or IT risk professionals with an understanding of cyber-related risk and mitigation controls. 18 Move from Technologist to Management
- 19. 19 A good starting point Visit: cybersecurity.isaca.org/csx-career-tool
- 20. Thank you! For more information, visit www.isaca.org/csxinfo Try our Career Roadmap tool: www.cybersecurity.isaca.org/csx-career-tool Nicholas Spinks Managing Director Nicholas.Spinks@Protiviti.com 200 East Broward Blvd. Suite 1600 Ft. Lauderdale, FL 33301
- 21. APPENDIX
- 22. 22
- 23. When submitting your CSX Cybersecurity Practitioner Application, you will need to affirm either: Your status as a professional certified as a holder of CISA, CRISC, CISM, CGEIT, ECSA, CEH, LPT, GCIH, OSCP, GPEN, CySA+, CISSP, or CSX Cybersecurity Fundamentals OR Your 3 years’ experience* in 3 or more of the 5 CSX Cybersecurity Practitioner domains which align with the NIST framework— IDENTIFY, PROTECT, DETECT, RESPOND and RECOVER * 3 years’ work experience must be within the last 5 years 23 WHAT ARE THE PREREQUSITES FOR ACCELLERATED CSX-P?
Editor's Notes
- Today we’d like to talk about ISACA—an organization that is a recognized world leader in professional training and certification. They have been providing CPE support for over 50 years, to help keep professionals current. Many of you have no doubt earned your CISSA certification with ISACA and continue to rely on them for CPEs. Cybersecurity, as you can all imagine, is becoming an increasingly-important field. Things change rapidly, so those in the industry need to not only get the skills, but have a reliable way to be ready to reduce risk for their organizations as new threats emerge.
- First, I’d like to briefly touch on training, which can really develop the skillset your employer or potential employers are looking for…
- In a 2019 survey of employers, the findings clearly indicated that: The skills gap continues to widen. Open positions are not being filled promptly—it can take up to 6 months to find qualified candidates and the majority of those applying for positions don’t have experience or qualifications to do the job. That’s why certification is becoming more and more important. Job candidates need to LEARN the knowledge, and then CERTIFICATION can demonstrate that knowledge to a potential employer or when seeking a promotion in the industry.
- TRAINING for cybersecurity needs to be nimble. And it can’t rely on traditional teaching/methods with a lecture/discussion and a simple Q&A-style exam. Travel to take courses as the security landscape changes and new threats evolve becomes costly and disruptive to day-to-day operations.
- To help develop cybersecurity skills, ISACA aligned with the National Institute of Standards and Technology’s Cybersecurity Framework. By focusing on the key areas— Protect Detect Respond Identify (and) Recover The training programs help build the RIGHT skills.
- I’d like to talk about How the CSX Nexus addresses the gaps head-on. It’s the first and only on-demand cyber security training solution of its kind. It provides the real-world, hands-on experience your team needs to bridge the cyber security skills gap and protect your organization against advanced cyberthreats. Let’s take a closer look at some specific features and benefits.
- The interactive labs really set these courses apart. You will go through complex cybersecurity scenarios based on recent, real-world scenarios and are given live incidents to detect and mitigate. 55% of employers surveyed indicated that hands-on experience is the most important qualification for a cybersecurity candidate
- Yesterday’s cyber security training won’t stop tomorrow’s threats—with the CSX platform, you can stay sharp at all times.
- Now that we have that understanding of how the hands-on training approach really helps develop the right skillsets, I will cover the certificates available that help document the acumen, and set you apart.
- Whether you’re just out of college, or been working in an IT field and looking for a career path into cybersecurity, the CSX Fundamentals course will help you build the strong foundation of principles, techniques and terminology. Once you complete the 8-hour course, you can take the certificate exam to get that entry-level credential that will set you apart from other job-seekers.
- If you’ve been in the field and gotten a basic understanding of cyber, and are ready to take it to the next level, ISACA offers CSX Technical Foundations. This is where training gets more technical and more hands-on, to position you for career advancement… The Packet Analysis course is beginner-level, and you’ll learn about packet and protocol analysis in real network environments. You’ll analyze different communication types, their components, and real packet captures—and you’ll create network topologies, device characterizations and more. The Linux course will introduce you to the Linux operating system, from key commands to creating objects, to establishing network connections. You’ll interact with live systems in a real environment as you learn the secrets of the Linux terminal. And finally, the Network course will build your understanding of network connections, protocols and routing—and learn to establish and secure networks from scratch. In a live environment, you’ll direct, moderate and deny traffic as it flows through a network of your own creation.
- Three “Technical Foundations” courses prepare you for certificates that document your new proficiency. There are three separate exams, represented here on the left. Network Application Configuration Certificate Linux Application and Configuration Certificate Packet Analysis Certificate Once each of those has been successfully completed, the overarching CSX Technical Foundations Certificate is awarded, acknowledging expertise in all three courses.
- Penetration testing (or “PEN” testing) is a more advanced skillset. ISACA has an overview course that will help you learn You'll work with real systems in real environments to understand methodology, essential hacking tools, key Linux commands and the overall concepts guiding penetration testing from a practical, hands-on vantage point.
- For those with 1-5 years of experience, there is a 40-hour course that incorporates even more challenging labs to build deep technical skills required to perform well in key cybersecurity positions. The Practitioner certificate, or CSX-P is the exam that you would take after completing this course. For a limited time, there is an Accelerated CSX-P option that allows you to complete 10 practice labs, complete a one-hour online challenge assessment and submit the certificate application. There are some pre-requisites to be eligible for this program.
- There are a couple of paths to move into a management role. The CISM is a management-focused certificate Cybersecurity Audit certificate is more audit-focused
- If you’d like to get started on a path to a career in cybersecurity, or take your skill set up a notch, visit cybersecurity.isaca.org/csx-career-tool for a really cool assessment tool.
- Thank you for your time today. I’d be happy to answer questions, if you have them, now. If you’d like more information, or would like to get started with some of the courses and certification exams that we’ve talked about today, you can visit the websites on the screen. If you have a QR code reader on your phone, you can just scan the code on the screen and bookmark the page. NOTE: if the QR code isn’t scanning for people, page down into the Appendix for a larger version that will probably scan better