Corsi SECO Institute Information Security Foundation
Corsi di certificazione Information Security Foundation offerti da iLEARN
SECO INSTITUTE INFORMATION SECURITY FOUNDATION
Information security demands something from all of us, regardless of job title. We can’t (only) depend on our cyber defenders and security products to keep us out of harm’s way. The information security chain is as strong at its weakest link. The vast amount of our employees, line managers and directors don’t have security top of mind by default and nor can we expect that from them without proper awareness and education.
SECO INSTITUTE INFORMATION SECURITY FOUNDATION CERTIFICATION
In a world where information is key to any successful business, demonstrable information security awareness and knowledge can considerably improve your career prospects.
If you have a general IT background and you would like to transition to information security management, S-ISF is a sure way to set yourself on the path. The certification validates your ability to approach information security from an executive management point of view, and provides you with a sufficient basis for following more advanced security management trainings. Depending on your interests and background, S-ISF may be your first step towards a career as an information security manager, a cybersecurity consultant, or an information risk manager.
If you work with information in any other field, ISF is an excellent means to give yourself a competitive advantage over your fellow professionals and improve your career prospects. With cyberattacks and data breaches becoming more frequent, employers attach greater importance to their employees’ information security awareness. An ISF certificate demonstrates to potential employers that you have a responsible attitude to information security.
SECO INSTITUTE INFORMATION SECURITY FOUNDATION COURSE
This course has been designed to introduce you into the world of information security. You will learn its basic concepts and building blocks and how they relate to one another. You’ll familiarize yourself with ISO 27001, the most widely used information security standard. You’ll understand what focus areas need to be addressed to ensure appropriate protection against threats, and gain insight into commonly accepted information security controls.
Here below you can read the course sheet with information about SECO Institute's Information Security Foundation course.
Obiettivi
By passing the ISF certification exam and earning a SECO-Information Security Foundation (S-ISF) certificate, you demonstrate your ability to
- Adopt a holistic approach to information security;
- Understand fundamental security and risk management concepts;
- Understand quality improvement cycles and their importance for management systems;
- Understand and apply the main objectives of information security (confidentiality, integrity and availability or ‘the CIA triad’);
- Understand the importance and scope of influence of information security;
- Understand the importance of effective information security governance;
- Understand information security roles and responsibilities;
- Describe common information security threats and identify effective preventive, detective, repressive and corrective countermeasures;
- Describe best-practice physical, technical and organisational security measures;
- Grasp the basics of information security incident management;
- Understand the relationship between information security and business continuity management;
- Understand legal and regulatory requirements relevant to information security.
A chi è rivolto
S-ISF is intended for all those who have a general interest in protecting systems and networks against information security threats and raising security awareness across their organisation. The course and the certificate are ideal for you, if:
- You are a system or network administrator, programmer or security analyst with ambitions to start a career in information security or cybersecurity management;
- You would like to enhance your value to employers by demonstrating a high degree of security awareness;
- You are a start-up founder or an SME owner, and you wish to remain competitive in a digital ecosystem.
Contenuti
Module 1: Code of Information Security ISO / IEC 27001/27002
- What is a standard and what is the difference between a standard and a framework?
- ISO / IEC 27001 and ISO / IEC 27002: 2013 in a nutshell
- Continuous improvement Plan – Do – Check – Act
- Implementation of the ISO / IEC 27001 and ISO / IEC 27002
- Management objectives and control measures
Module 2: Information and security
- Information and security: The concept, value, importance and dependence of information
- The cornerstones of information security: availability, integrity and confidentiality
- The influence of information security on operational processes, information architecture and information management
- Different types of information and information systems
Module 3: Threats and Risks
- The concept of threat and risk and its relationship to the reliability of information
- Different types of risk analysis and risk assessment
- Different types of threats and ways to deal with threats
- Various types of damage
- Different ways to deal with risks
- Information security measures
- Preventing risks and performing security procedures
Module 4: Approach and organization
- Information security policy, organization of information security and the management of security incidents
- What is a code of conduct?
- Tasks and responsibilities in an organization
Module 5: Measures
- The importance of physical, technical and organizational measures
- Different types and categories of security procedures
- The importance of access control
- Identification, authentication and authorization
- Business continuity management (BCM) aspects
Module 6: Laws and regulations
- The most important laws and regulations in relation to information security
- The importance of compliance
- Different types of compliance
Practice Exam
The last day of training students will take a test exam, followed up with an evaluation and discussion.
Prerequisiti
This is an entry-level course. No previous knowledge or experience is required.
Durata
- Virtual course duration: 2 days