Fundamentals of Cyber Security by Design

This two-day course provides a fundamental level of learning in ‘Cyber Security by Design’ and how it is essential, not only in the software development life cycle but of high importance to meet the business aims and objectives of any organisation. 

The course covers a wide range of cyber security topics, that need active involvement of governance frameworks and policies to establish a good security posture for an organisation.

What Will You Learn?

• Introduction of a cyber security strategy and information management system and impact of compliance requirements on it
• Basics of security operations, including human element, security controls, incident management and business continuity
• Understanding the basics of cyber risk and exploring the stages involved in the cyber risk management process and considerations related to third-party management

Modules:

• Module 1. Cyber Security Strategy and Design
• 1 Building Cyber Strategy
•  1.2: Security Policies
• Cyber Security Policies
• 1.3: National Cyber Strategy – UK Gov
• 1.4: UK Cyber Resilience Policy – UK Gov
• 1.5: Security Design Principles
• Defence in Depth
• Zero Trust
• 1.6: Cyber Security Frameworks
• NIST Cyber Security Framework
• ISO 27001
• 1.7: Security Control Framework
• Intro to Security Controls
• NIST SP 800-53
• 2 Cyber Legislation and Regulations
• 2.1: Intro to NCSC
• 2.2: Intro and significance of DPA/GDPR
• 2.3: Intro and significance of PCI-DSS
• 3 Information Security Management System (ISMS)
• 3.1: Components of ISMS
• 3.2: Security Control Types (ISO 27002)
• Organisational
• People
• Physical
• Technological
• 3.3: Security Audit and Compliance
• Cyber Essentials
• What is the Cyber Essentials?
• Why is it important?
• Security Audit Frameworks, Standards and Process
• 3.4: Human Factors
• Cyber Security Culture
• Making Security Useable (Fitting task to the human)
• Security Awareness and Training Programme
• Module 2. Security Controls