Customer onsite workshop can also be conducted for customers in Lahore, and Islamabad PURPOSE:
In the era of digital transformation, the importance for having substantial knowledge on cybersecurity is becoming essential skills to acquire for every technology professional today. The reason behind is the protection of information which is considered as one of the critical function for all enterprises. Cybersecurity is a growing and rapidly changing field and it is vital that the principal concepts that frame and define this increasingly pervasive field are clearly understood by technology professionals who are involved and concerned with the security implications of information Technologies. This workshop is designed for this purpose, as well as to provide the insight into the importance of cybersecurity, and the integral role of cybersecurity professionals.

The training course flow will be a mix of lectures & classroom discussions so that participants can have a detailed understanding of various components of cybersecurity technologies.

What is cybersecurity all about?
A successful cybersecurity approach has multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe. In an organization, the people, processes, and technology must all complement one another to create an effective defense from cyber attacks.

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. The cyber attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.

After completing this workshop, you will be able to:

• Understand basic cybersecurity concepts and definitions.
• Define Network security architecture concepts.
• Recognize malware analysis concepts and methodology.
• Explain network systems management principles, models, methods and tools.
• Distinguish system and application security threads and vulnerabilities.
• Classify types of incidents (categories, responses and timelines of response).
• Outline disaster recovery and business recovery and business continuity planning.
• Comprehend incident response and handling methodologies.
• Understand security event correction tools and how different file types can be used for analytical behavior.
• Be aware of the basic concepts, practices, tools, tactics, techniques and procedure for processing digital forensic data.

AUDIENCE:
This workshop is intended for resources who/from:

• Different LOB's including business, application, audit, risk, compliance, information security, IT operations, project management, and legal professionals with a familiarity of basic IT/IS concepts who want to;
• Want to learn new basic trends in cybersecurity.
• New to cybersecurity.
• Interested in entering the field of Cybersecurity.
• Students and fresh graduates.
• Managers and Senior IT and Business Leaders who want to refresh thier present knowledge.

Workshop Summary
In a nut shell, this workshop shall increase their focus on cybersecurity to protect sensitive data and systems. No organization, regardless of size or industry, is immune to cyberattacks, and just one breach could cause significant financial, reputational or regulatory consequences. However, an effective control environment can reduce the likelihood of a breach, enhance incident detection and response, and accelerate recovery efforts to limit damage.

Moreover, two criteria can help determine the effectiveness of a data security methodology. First, the cost of implementing the system should be a small fraction of the value of the protected data. Second, it should cost a potential hacker more, in terms of money and/or time, to compromise the system than the protected data is worth.

PREREQUISITES:
Participants attending this workshop should be familiar with basic Information Technology (IT) and Security concepts, business challenges and the role of general system wide infrastructure technologies and their applications. 

COURSE OUTLINE 

Unit 1 – Introduction to Cybersecurity  Exponential Data Growth –Some key facts and figures. The Evolution of Data increases storage security threats. A world without cybersecurity. Most Frequently Targeted Industries in 2018. Top Security Concerns for the Executive Management. Security Vs. Safety in a view. How to avoid Social Engineering & Malicious Software. Hacker tricks to avoid – Recommendations. What is Cybersecurity? and Cyberspace defined. Differences between Information Security and Cybersecurity. Multiple layers of protection offered by Cybersecurity. Why is Cybersecurity important? Why you need to make cybersecurity a priority. Types of cybersecurity threats and Malware Detection. Why is Cyber Resilience needed. Top 11 ways poor Cybersecurity can harm you. Cyber Security Awareness –The 6 Layers. Blueprint for Cybersecurity Success. What are the objectives of Cyber Security? Suggestions for building stronger Cybersecurity defense. Adoption of Cybersecurity best practices. Unit 2 – Information Security Lifecycle Management Why Data Protection is important? The 8 Principles of Cybersecurity Laws. Life Cycle Management defined. What is Information Security. The Information Security Management Lifecycle. IT Security Lifecycle Model. Keep your Security policy simple. Information Security and Dependability. Generalized Security Framework. Traditional Approach to Security. Enterprise Security in a View. Security Architecture. Consequences for not following security management lifecycle. Risks that turn your IT landscape into a hacker’s gold mine. Unit 3 – Managing Risks, Threats and Vulnerabilities Understand Fault Tolerance and Fault Resilience. Examining the Cost of Data Breach. To address security threats, leaders must avoid following common myths. Understand Incidents, Breaches, Risk & Vulnerability. Threats, Motives and Methods. Threats and security challenges faced today. Understand Threat management.

Different threat levels and risks. Knowing security threats and their channels. Understanding Security Elements –The larger picture. Risk Management: Know your risks. The role of Risk Management. Defense Planning – Risk Analysis and Assessments. Risk Management Approach, key objectives and benefits. A small backdrop on ISO 27001. 12 main sections of ISO 27002. Issues that needs attention from storage security POV. Hardening of the platform as a part of common practice. Storage Security Management –ISO/IEC 27040 Overview. ISO/IEC 27040:2015 addresses storage risks & vulnerabilities. Qualitative Risk Assessment –Simple and Detailed Risk Assessment. Security risks and solutions in the digital transformation age. Possible vulnerabilities that one cannot ignore. Types of Comprehensive Vulnerability Assessments. Understand nine layers of IT Infrastructure foundation from overall security perspective. Outside Threat Protection –The bigger picture. Cyber incident recovery tools. A Layered Cyber Defense Approach. Top 10 recommendations for closing the security gap. Top 5 Security Challenges for customers opting Cloud services. Unit 4 –Incident Response Understanding Incident Response. The Role of Computer Security Incident Response Team –CSIRT. The importance of Incident Response Plan. Seven key phases of an Incident Response Plan. Computer Forensics (Cyber Forensics). Cyber Incident Management Framework. Incident Management and Categorization. The role of Service Desk in Incident Management. Challenges associated with Incident Categorization. Why Incident Categorization cause so much difficulty? Incident categories and subcategories. Categorizing incidents. Incident Response Planning. Severity of Incident. Timeline from Security incident to Business Continuity. Critical Incident Recovery Plan. Cyber Attack Quick Response. Zero-day and your Security Strategy. Mitigating the effects of a Zero-day attack.