Cyber Security_sabah-2
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
OVERVIEW : CYBER SECURITY SEMINAR<br />
<strong>Cyber</strong> security skills are essential to any organisation committed to addressing the increasing risk of cyber-attack.<br />
The <strong>Cyber</strong> <strong>Security</strong> Seminar is designed to ensure all stakeholders in developing high tech solutions understand<br />
the complexity and the need for action in the cybersecurity arena. It is hoped that Senior Excutives and C-Level<br />
and Senior Executives from government agencies, enterprises, military and police personals in need of innovative<br />
solutions to protect their company or department’s critical infrastructure with cutting-edge technologies. The<br />
seminar will provide a forum to learn more about the latest cyber threat landscape and evaluate the industry’s<br />
most cutting edge solutions available.<br />
The IoT, connected cars, new payment systems, VR and AR, wearables and our mobile devices all add new levels<br />
of concern to protecting our personal and corporate data. Mr Richard Bingley, the with his wide experiences in<br />
the cyber security arena will share with the participants on the best mode to tackle the world of cybersecurity that<br />
demands we go far beyond the simple passwords and anti-virus protection of yesterday.<br />
SEMINAR OBJECTIVES:<br />
<strong>Cyber</strong> <strong>Security</strong> skills are essential to any organisations committed to addressing the increasing risk from<br />
cyber-attack. Participants will have a better understanding of the complexity of <strong>Cyber</strong> <strong>Security</strong> and its<br />
developments in the following areas:<br />
• <strong>Cyber</strong> <strong>Security</strong> : Expecting the Unexpected<br />
• Network Architecture,Communications and protocols<br />
• Mobile Data Risk and Lone Travellers<br />
• Investigation and Incident Response<br />
• Future-proofing your Business<br />
• Build Your Own Business <strong>Cyber</strong> <strong>Security</strong> Toolkit.
DAY 1 PROGRAMME<br />
Module 1: 2Hours<br />
CYBER SECURITY: EXPECTING THE UNEXPECTED<br />
• What is <strong>Cyber</strong> Resilience? <strong>Cyber</strong> security and current attack trends and terminology<br />
• <strong>Security</strong> & Risk Management<br />
• Asset <strong>Security</strong><br />
Objectives<br />
• Research and describe major cyber events and methods of attack that have severely impacted businesses<br />
• Write an accurate, mainly descriptive report for a client, in relation to a cyber security breach, in a designated region<br />
of the world, using the correct terminology<br />
Learning Outcome<br />
• Command a basic knowledge and understanding of key business cyber security threats and risks<br />
• Understand the challenges posed by the methods of manmade cyber security threats, and how these challenges<br />
must translate into necessary work-based, and business-community-based, counter-measures<br />
Module 2: 2Hours<br />
NETWORK ARCHITECTURE, COMMUNICATIONS AND PROTOCOLS<br />
• Communication and Network <strong>Security</strong><br />
• Identity and Access Management<br />
• Network Devices, Local Area Networks (LAN) and Wide Area Networks (WAN)<br />
• Frameworks for understanding cyber-attack and defence strategies<br />
Objectives<br />
• Describe various defensive and offensive cyber security strategies and frameworks<br />
• Research and describe the dilemmas found in organising and safeguarding access controls, whilst retaining an open<br />
and functional business environment<br />
Group Exercise - RISK ASSESSMENT: – Design and explain a risk assessment matrix for cyber security in your chosen<br />
business organisation)<br />
Learning Outcome<br />
• Understand and communicate the threats and risks posed to LANs and WANs<br />
• Be able to calculate, describe and prioritise risk treatments in the domain of cyber security for networks and Proxy<br />
servers<br />
Module 3: 3Hours<br />
MOBILE DATA RISKS AND LONE TRAVELLERS<br />
• Protecting Mobile Data: Network <strong>Security</strong> on devices: Android (OS), WiFi networks and security management<br />
• <strong>Security</strong> Assessment and testing -<strong>Security</strong> Assessment and testing (CISSP Domain 6)<br />
• <strong>Security</strong> Operations (CISSP Domain 7)<br />
• Mobile Data: risk assessment, research and Open Source Intelligence (OSINT) and mitigation<br />
Objectives<br />
• Develop and demonstrate a familiarisation with Open Source Intelligence (OSINT)<br />
• Understand and explain how ‘OSINT’ can be created, collated, refined and used<br />
• Research and describe various legal frameworks to ensure ethical and compliant risk management research<br />
Group Exercise - REPORT on mobile worker data risks for a Board of Directors including the recommendation of three<br />
credible CoA – 750 words)<br />
Learning Outcome<br />
• Be able to calculate and prioritise risk treatments in mobile data domains including VPN, WiFi and Android technologies<br />
• Identify and Research risks posed to lone workers, business travellers and groups<br />
• Be able to explain and effectively communicate such risks within a business environment by way of formal report writing<br />
and the creation of credible recommendations/ Courses of Action (CoA)
Module 4: 3Hours<br />
INVESTIGATIONS AND INCIDENT RESPONSE<br />
• Legal and Ethical Principles and <strong>Cyber</strong> Investigations<br />
• Forensic Science and Digital Forensics<br />
Objectives<br />
• 1.1 Develop knowledge of key cyber security lapses and breaches in multinational environments, and understand how<br />
these relate to counter-terrorism<br />
• 1.2 Research and describe useful risk assessment processes for IT Systems and vulnerable <strong>Cyber</strong> <strong>Security</strong> domains<br />
• 1.3 Understand how to prioritise cyber risks and explain the methodical treatment for such risks for an Executive Board<br />
(of non-technical specialists)<br />
• 1.4 Research, describe and explain the costings and ‘business case’ for investing in cyber security<br />
(Group exercise - Produce an INCIDENT MANAGEMENT PLAN for a business enterprise – 750 words)<br />
Learning Outcome<br />
• Demonstrate a basic knowledge and understanding of laws, international standards and useful guidance for the<br />
conduct of ethical investigations<br />
• Understand and apply the correct legal, ethical and International Standards to practical cyber security controls,<br />
whilst taking into account the functionality of the business<br />
• Comprehend and describe how firms respond to major incidents related to cyber security attacks/breaches<br />
Module 5: 2Hours<br />
• Software Development <strong>Security</strong> (CISSP Domain 8)<br />
• Incident Response and Crisis Management<br />
FUTURE-PROOFING YOUR BUSINESS<br />
• Internet of Things, Hybrid and Emerging Technologies<br />
• Preparing for ISO 27001 and preparing for CISSP<br />
• Insuring against cyber and/or data loss<br />
Objectives<br />
• Develop knowledge of key emerging cyber technologies and potential impacts on modern business environments<br />
• Understand how to prioritise risks relating to cyber security processes and explain such risks to staff and senior business<br />
leaders in order to achieve ‘buy in’<br />
• Research, describe and explain the costings and ‘business case’ for investing in a lawful internal system of staff security<br />
Learning Outcome<br />
• Describe and explain the future cyber threat environment for companies in the short to medium term<br />
• Understand how Standards from Industry and International organisations, can support cyber security and business resilience<br />
Module 6: 2Hours<br />
DAY 2 PROGRAMME<br />
BUILD YOUR OWN BUSINESS CYBER SECURITY TOOLKIT<br />
Objectives<br />
• Bring together the knowledge in order to construct and apply a cyber defence plan (‘cyber security business toolkit’)<br />
for a business/organisation<br />
Learning Outcome<br />
• Build a cyber defence plan (‘cyber security business toolkit’) for a business/organisation<br />
Note: The program is delivered across 3 days. Depending on the type of the program (residential / non-residential), the participants are expected to put in additional effort to do the case study and to prepare the<br />
presentation While one desktop / laptop for each participant is ideal, if there is a lack of infrastructure, participants may be grouped in two or three persons per group.<br />
Trainer’s Biography<br />
Richard Bingley serves as Chairman of UK <strong>Security</strong> Partners Ltd., and has worked at Buckinghamshire New<br />
University since 2012 as a Senior Lecturer in <strong>Security</strong> as well as Director of the Business School. Richard<br />
served as Press Liaison officer, in the UK Labour Party Government during Prime Minister Tony Blair’s<br />
second and third administration (2003-06). He is the author of three security books, including Terrorism:<br />
Just the Facts (Heinemann, 2004) and the <strong>Security</strong> Consultant’s Handbook (IT Governance Press, 2015).<br />
More recently, he has worked as a UK Home Office <strong>Security</strong> Industry Authority (SIA) licenced Close<br />
Protection security officer for US and UK-based Olympics organisers and sponsor companies, including<br />
the London 2012 Olympics and Russia’s 2014 Winter Olympics.<br />
Richard has lectured regularly at UK security agencies including the National Counter-Terrorism <strong>Security</strong><br />
Office (NACTSO), the UK Defence Academy and theUK Foreign Office. He was Secretary to the Police<br />
Business Advisory Group, the preeminent Metropolitan Police and City of London business policing<br />
body during 2007 to 2009. He served as Chief Executive Officer of City <strong>Security</strong> and Resilience Networks<br />
(CSARN) from 2009 to 2012 and Executive Director of London First (2007-09). In this post he led on the<br />
development of a counter-terrorism focussed Business Policing Model in central London, in partnership<br />
with the Commissioner of the City of London Police and Cardiff University.
Approved Training Provider<br />
NO: 989498 T<br />
REGISTRATION FORM<br />
<strong>Cyber</strong> <strong>Security</strong> Management & Operations<br />
3 & 4 July 2017<br />
Venue<br />
Le Meridian Hotel<br />
Kota Kinabalu<br />
Please register the following people from my organization<br />
1. Name: Dept:<br />
NRIC:<br />
HP No:<br />
2. Name: Dept:<br />
NRIC:<br />
HP No:<br />
3. Name: Dept:<br />
NRIC:<br />
HP No:<br />
Contact Person<br />
Name:<br />
Position:<br />
Dept:<br />
Organisation:<br />
Address:<br />
Tel:<br />
Email:<br />
Fax:<br />
Website:<br />
HRDF CONTRIBUTOR: YES NO<br />
If YES (Please provide contact details of Officer In-Charge<br />
for HRDF claimable).<br />
Name:<br />
Position:<br />
Tel:<br />
Fax:<br />
Email:<br />
REGISTRATION FEE<br />
• RM 3,000/= nett per person include GST. Payment in<br />
advance.<br />
• Early bird rate is RM2,850.00 who register before or on<br />
15 June 2017.<br />
PAYMENT<br />
All payment should be made payable to<br />
SUNRISE TRAINING CONSULTANCY SDN BHD.<br />
CIMB BANK A/C No 8007940547<br />
Registration made by fax must be followed up immediately by payment<br />
or kindly advise us if you would like us to claim via SBL-KHAS SCHEME<br />
CONFIRMATION<br />
Signature & Company Stamp<br />
You will receive e-mail order confirmation one week prior to the<br />
workshop.<br />
CANCELLATION<br />
Cancellations received less than 10 business days prior to the start of<br />
the seminar is subject to a RM600.00 service charge. You may send a<br />
substitute. Participants who do not attend a scheduled session without<br />
notifying us less than 3 day before the seminar will be charged the entire<br />
seminar fee.<br />
CHANGES<br />
The organisers reserve the right to cancel or change the date of Workshop<br />
due to unforeseen circumstances. Every effort will be made to inform the<br />
registered participants of the change.<br />
Please contact for registration or for further information the following officers:<br />
Ms Prisca Totu 019-8070070 | Mr. S. Chandra 012-2926563