Information Security
Foundations of Information Security
27 Feb (Sydney), 2 Mar (New Zealand), 3 Apr (Sydney), 17 Apr (Melbourne)
Overview
Without the ability to defend its digital assets, the potential loss for an organisation grows by the hour. Information Security evolves rapidly, and finding the right balance of security and service is crucial to maintain competitiveness in today�s business environment.
Developed in line with Australian and International standards including ACSI 33 and ISO 17799, the Foundations of Information Security course will address business, technology, and regulatory aspects of information security.
The course will provide an understanding of current security issues confronting Australian business & IT executives and project managers, with a pragmatic approach to prioritizing response and ensuring an optimal Return on Security Investment (ROSI).
Prerequisites
The prerequisites for this course are business knowledge and an interest to learn about effective security controls for Australian organisations.
Duration
Foundations of Information Security is a single day course, running from 9.00am until 5.00pm. Contact us for information on scheduled dates.
Audience
The Foundations of Information Security course provides coverage of security issues from an Australian legal, regulatory and governance perspective for both the public and private sectors. The course is intended for anyone involved in security decision-making, management or analysis, including CIOs, Chief Security Officers, IT Managers & Project Managers, Security Managers & Analysts, Internal IT Auditors and Business Unit Managers.
What will you take away?
In order to fully appreciate the challenges, current issues, and implementation life cycle surrounding an enterprise-wide security solution, it is necessary to have a solid knowledge with which to balance information security risk, cost and service. This knowledge is developed through the Foundations of Information Security course, with coverage of the people, process, and technology aspects of information security.
Participants in this course will take away:
- An understanding of the risks, threats and potential consequences of not effectively managing information security;
- A thorough understanding of the "Defence in Depth" model, the layers at which security can exist, and approaches to balance risk, cost and service within an organisation;
- An understanding of the legal & regulatory issues inherent in information security � and unique to Australia � and the governance & reporting processes used to ensure compliance;
- A strategic, tactical, and operational understanding of planning, implementing, and operating an enterprise-wide security solution.
Course Topics
Module 1 � Understanding the Problem
Module 1 starts with foundations of security, providing a broad overview of information security highlighting the current risks, threats and vulnerabilities faced by Australian organisations. From this base, an overview of current attack methods, along with coverage of risk and value analysis, as well as existing legal and regulatory standards, will be provided.
Module 2 � Developing a Security Culture
Module 2 examines the people and processes that impact upon an organisations information security profile. Personnel will be discussed to develop an understanding of their potential negative impact on a security strategy, and the associated processes required to support ongoing security resilience. The security culture will be discussed with reference to developing security awareness and support for proactive measures. Particular attention will be paid to proper patching and change control policies which have been proven to drastically reduce the security exposure of an organisation.
Module 3 � Protecting Information
Module 3 looks at the practical issues involved in protecting against the threats, and mitigating some of the vulnerabilities identified in Module 1. Coverage of common security vulnerabilities relating to technology components, and the tools and methods available to better mitigate these risks will provide participants with a strong knowledge of the security requirements of a modern Australian organisation.
Module 4 � Response, Recovery & Policy Review
Module 4 discusses the factors involved in effectively responding to a security breach, and the measures taken to minimise the organisational impact. A systematic review of information security policy is discussed and how the governance model can be best implemented.
E-mail Craig Searle, to register or obtain additional information of Sydney Training and Michael Baker to register or obtain additional information of Melbourne Training
|
SIFT is an "Australian Government Endorsed Supplier" of information security and information risk management services. 
