Session Highlights:
This seminar will focus on the risk, security and control issues related to cyber security and emerging technologies.
Key Learning Objectives:
-
Understand cyber security risk and control issues
-
Understand emerging risk areas
-
Discussion of security and audit tools and techniques
-
Understand current assessment frameworks and tools
Specific Topic Areas Include:
Understanding Cyber Security
-
Overview of Threat Landscape / Organization use of emerging technologies
-
Advanced Persistent Threats (APT)
-
Kill Chain Analysis / Attack Frameworks
-
Client Endpoint / Mobile Device Security Risks
-
Malware / Ransomware
-
Command and Control; Remote Access Trojans; Keystroke Loggers
-
Distributed Denial of Service Attacks (DDoS)
-
USB / Removable Media
-
Internet of Things (IoT)
-
Social Engineering
-
Web / Mobile Application Threats
-
Social Media Risks
-
Supply Chain Risks
Risk & Control Areas
-
NIST Cyber Security Framework
-
Mapping of NIST Framework Control Categories and Sub-Categories to Critical Security Controls, ISO/IEC 2700-2013
-
Cyber Security Governance
-
Risk Management
-
Key Cyber Security Controls:
-
Network Perimeter Security / Next Generation Firewalls
-
Network Access Control
-
Network Isolation & Segmentation
-
Security Configuration
-
Patch Management
-
Privilege Management
-
Vulnerability Management
-
Endpoint Protection
-
Malware management and Application Whitelisting
-
Threat Intelligence
-
SIEM
-
Data Loss Prevention
-
Incident Management
-
Security Awareness
-
Penetration Testing and Red Team Exercises
Cybersecurity Assessment Tools & Techniques
Speaker Profile:
JOHN G. TANNAHILL, CA, CISM, CGEIT, CRISC, CSXP
John is an independent Information Security and Audit Services Consultant. His current consulting work areas are focused on information security in large information systems environments and networks, requiring detailed knowledge of the major operating systems encountered. Particular areas of technical security expertise include:
John is a frequent speaker in Canada, the United States, Europe, Africa and Asia on the subject of Information Security. He is a member of the Institute of Chartered Accountants of Scotland.
Please Note: There is a cancellation policy in effect