This Cybersecurity Self-assessment course is intended for those wishing to self-assess their organization's ability to respond to a range of potential cybersecurity threats following established methodologies. Self-assessment allows you to make informed decisions about your security spend rather than relying only on compliance requirements or vendor statements.
This course covers several best-practice cybersecurity self-assessment tools suitable for both small and large organisations. The course covers how these tools can be used to document or establish cybersecurity maturity or the ability to achieve compliance (for example, for financial organisations). The course also includes adapting these existing frameworks to match the needs of a specific organisation with experienced professional guidance.
This course includes a range of interactive scenarios, case studies, videos and activities using real-life examples so learners can obtain hands-on experience with the principles that are taught.
Target audience and course prerequisites
This Cybersecurity Self-assessment, Compliance and Maturity course is aimed at professionals from organisations with existing technical teams.
Previous networking and IT knowledge is helpful, but not required for this course.
It is recommended that you have the following knowledge and experience before starting this course:
- Awareness of the general compliance requirements for your industry
- Experience with organisation-specific IT infrastructure and practices
- An interest in developing an organisation-wide self-assessment ability that extends beyond only technical staff
This course will teach you the fundamentals of using established frameworks to assess the cybersecurity maturity level(s) of an organisation. It covers distinct methodologies: one from the Open Source Web Security Project, one from the US Government and two from the New Zealand Government. It also covers which aspects of these are or are not suitable for particular organisations and how to use them to build evidence of cybersecurity maturity in an organisation.
On course completion, you will be able to:
- Use at least three different methodologies to evaluate the cybersecurity of an organisation
- Understand the strengths and weaknesses of each approach, and make an informed decision as to which approach(es) would suit your organisation
- Understand the core similarities between all assessment approaches
- Critique existing cybersecurity tools or reporting based on their ability to provide information relevant to these self-assessment tools
The course consists of a study volume, containing indexed notes and review questions, a series of supervised practical lab exercises and a comprehensive glossary.
Module 1 / General Cybersecurity Assessments
Asset Management • Vulnerability Management • Risk Management • Training • Governance Processes • Incident Management
Reporting on Access Control and Identity Management • Automating data gathering
Module 2 / Self-Assessment Tools
OWASP SAMM • CRR • FMA Security Audit • NZCERT Critical Controls and the NZISM • ASD Essential Eight • Developing 'Maturity'
Comparing results to compliance standards (such as ISO27001)
Please note that this session may be video or audio recorded for viewing by other members at a later date. As it is possible that audience members may be incidentally recorded, please let us know if you specifically want to be excluded and we will ensure you are not shown.
| Attendee | Price |
|---|---|
| All ITP Financial Members | $300.00 + GST / $345.00 incl GST |
| Staff of Corporate Partners (20% Discount) | $344.35 + GST / $396.00 incl GST |
| Non-Members | $430.43 + GST / $495.00 incl GST |