Tactical Information Control
Overview
Without the ability to defend its digital assets, the potential loss for an organisation grows by the hour. Information and Network Security evolves rapidly, and finding the right balance of security and service is crucial to maintain competitiveness in today’s business environment.
Developed in line with Australian and International standards including ACSI 33 and ISO 17799, the SIFT Information Security: Tactical Information Control (ISTIC) course will address business, technology, and regulatory aspects of information security.
The ISTIC course will provide an understanding of current security issues confronting Australian business & IT executives and project managers. The course examines leading edge technologies including wireless networks, antivirus technologies & biometrics, and will provide industry-leading tactics for addressing widespread procedural and technical problems in information security, with a focus on issues affecting Australian organisations on a daily basis.
Prerequisites
The prerequisites for this course are business knowledge and an interest to learn about effective security controls for Australian organisations.
Duration
Information Security: Tactical Information Control is a 3 day course, running each day from 9.00am until 5.00pm. Contact us for information on scheduled dates.
Audience
The ISTIC course provides coverage of security issues from an Australian legal, regulatory and governance perspective for both the public and private sectors. The course is intended for anyone involved in security decision-making, management or analysis, including CIOs, Chief Security Officers, IT Managers & Project Managers, Security Managers & Analysts, Internal IT Auditors and Business Unit Managers.
What will you take away?
In order to fully appreciate the challenges, current issues, and
implementation life cycle surrounding an enterprise-wide security
solution, it is necessary to have a solid knowledge with which to
balance information security risk, cost and service. This knowledge is developed through the ISTIC course, with coverage of the people, process, and technology aspects of information security.
Participants in this course will take away:
- An understanding of the risks, threats and potential consequences of not effectively managing information security;
- A thorough understanding of the "Defence in Depth" model, the layers at which security can exist, and approaches to balance risk, cost and service within an organisation;
- An understanding of the legal & regulatory issues inherent in information security – and unique to Australia – and the governance & reporting processes used to ensure compliance;
- A strategic, tactical, and operational understanding of planning, implementing, and operating an enterprise-wide security solution.
Course Topics
Day 1 – Risk
Day 1 – Risk starts with foundations of security, providing a broad
overview of information security highlighting the current risks,
threats and vulnerabilities faced by Australian organisations. From
this base, an overview of current attack methods, along with a thorough coverage of risk and value analysis, as well as existing legal and regulatory standards, will be provided. Day 1 will also provide coverage of networking fundamentals to provide a base reference for technical aspects of days 2 and 3.
Day 2 – Protect
Day 2 – Protect looks at the practical issues involved in protecting
against the threats, and mitigating the vulnerabilities covered on day
1. With coverage of the people, technology, and process streams of information security, tools and techniques will be presented and
discussed to provide participants with a strong knowledge of the
security requirements of a modern Australian organisation. An analysis of information security governance practices will ensure a robust ‘return on security investment’ process is followed.
Day 3 – Detect & React
Day 3 – Detect & React examines the practical issues involved in
detecting security incidents and how to respond effectively. We will examine the policy, procedural and legal issues surrounding the
recovery of electronic evidence, and techniques for testing & auditing system security. Finally, we will look at business continuity planning and disaster recovery, and briefly review Australian computer crime law.
Courses
Information Security: Tactical Information Control
All Major Capital Cities, Contact us for dates
|
SIFT is an "Australian Government Endorsed Supplier" of information security and information risk management services. 
