SlideShare uma empresa Scribd logo

How to Build a Winning Cybersecurity Team

Transferir como PPTX, PDF
Global Knowledge Training
Global Knowledge Training

For every organization, effective cybersecurity is reliant on a careful deployment of technology, processes and people. The Global Knowledge cybersecurity perspective features a three-tiered organizational matrix, ranging from foundational to expert skills, coupled with eight functional specializations that encompass the features of a successful cybersecurity organization. Cybersecurity isn’t a one-person job—it’s dependent on several different factors within an organization. This webinar will show you how to build a strong cyber defense by focusing on: • The characteristics of winning cybersecurity teams • The Crown – Organizational map and career progression • The Castle – The eight functional specializations • Architecture and data policy • Data loss prevention • Governance, risk and compliance • Identity and access management • Incident response and forensic analysis • Penetration testing • Secure DevOps • Secure software development • Building a winning cybersecurity organization

Tecnologia
1 de 19
Building a Winning Cybersecurity Team
© Global Knowledge Training LLC. All rights reserved. Page 2 Defenseᵌ: Human Element and 3D Defense PROCESS PEOPLE TECHNOLOGY More than “Defense in depth,” organizations need Defenseᵌ because cyber attacks happen across three dimensions. Cyber attacks are people attacking people, not machines attacking machines, so an educated workforce is critical.
© Global Knowledge Training LLC. All rights reserved. Page 3 Building a Winning Team Acknowledge the people problem Address the human element Understand the specialties
© Global Knowledge Training LLC. All rights reserved. Page 4 Cybersecurity is a people problem, not a technology problem • Every cybersecurity attack ever performed was initiated by a human • Every cybersecurity defense was designed and deployed by humans Cybersecurity is people attacking people • Humans write security policies • Humans design security architecture • Humans configure and deploy security technology • Humans initiate cybersecurity threats The People Problem “If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology” - Bruce Schneier
© Global Knowledge Training LLC. All rights reserved. Page 5 The Human Element Perimeter Perimeter Perimeter Phase 1 • Firewall technology defense • Intruders blocked by perimeter policy • Internal users checked by virus scan • All credentialed users “trusted” Phase 2 • Firewall technology defense • Intruders blocked by perimeter policy • Intruders monitored by IPS/IDS • Internal network scanned for outside threats • Credentialed users “trusted” Phase 3 • Firewall and IPS/IDS technology defense • Intruders blocked by perimeter policy • Internal users checked by virus scan • Credentialed users “trusted” on “need-to-access” policies DiD ZTE “We have met the enemy and they are us” – Walt Kelly
© Global Knowledge Training LLC. All rights reserved. Page 6 Sophisticated operations now have specialists • Mechanics have transmission specialists, electrical specialists, fuel injector specialists, etc. • Doctors have internal specialists, orthopedic specialists, neuro specialists, etc. Modern cybersecurity organizations generally require specialization, as well • Architecture and Policy • Governance, Risk, and Compliance • Data Loss Prevention • Incident Response • Identity and Access Management • Penetration Testing • DevSecOps • Secure Programming The Cybersecurity Specialties
OUR CYBERSECURITY PORTFOLIO – THE “CROWN” AND “CASTLE” SKILLS MATRIX
© Global Knowledge Training LLC. All rights reserved. Page 8 The “Crown” Organizational Map/Career Progression How many employees are at each level in the organization? Has career progression been planned? SKILLS DEVELOPMENT CERTIFICATION PREP ARCHITECTURE Senior Architect, Compliance Auditor MANAGEMENT CISO TECHNICAL SME, Lead Engineer TECHNOLOGY SOLUTIONS NEW TO ROLE MID-CAREER “CASTLE” SPECIALIZATION SENIOR LEADERSHIP IT FOUNDATIONS CYBERSECURITY FOUNDATIONS
© Global Knowledge Training LLC. All rights reserved. Page 9 The “Castle” Functional Specialization ARCHITECTURE and POLICY DATA LOSS PREVENTION GOVERNANCE, RISK, and COMPLIANCE INDENTITY and ACCESS INCIDENT RESPONSE and FORENSIC ANALYSIS PENETRATION TESTING SECURE DEVOPS SECURE SOFTWARE DEVELOPMENT Designs and implements secure architectures, translates standards, business processes, and frameworks into internal policies Deploys and manages security applications such as malware detection on endpoints and servers Measures and quantifies risk, performs internal audits against best practices and standards, develops plans for business continuity and disaster recovery Manages identification, authorization, and permissions across all systems Detects and analyzes security events and correctly responds Intentionally attacks systems to expose vulnerabilities and probe weaknesses, Red Team Securely installs, configures, and operates systems and software Develops applications with minimal vulnerabilities, application security testing NIST FRAMEWORK Identify, Protect Protect, Detect Identify, Respond, Recover Protect Detect, Respond, Recover Protect Protect, Defend, Detect Protect
© Global Knowledge Training LLC. All rights reserved. Page 10 ARCHITECTURE and POLICY DATA LOSS PREVENTION GOVERNANCE, RISK, and COMPLIANCE INDENTITY and ACCESS INCIDENT RESPONSE and FORENSIC ANALYSIS PENETRATION TESTING SECURE DEVOPS SECURE SOFTWARE DEVELOPMENT SENIOR LEADERSHIP (Expert) 9719: CSFI: Introduction to Cyber Warfare and Operations Design 1638: CISSP Certification Prep Course 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course 3796: Certified Information Privacy Technologist (CIPT) Prep Course 8251: Information Security Expert 8001: Privacy and Data Protection Practitioner - SECO 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course 3796: Certified Information Privacy Technologist (CIPT) Prep Course 8283: Business Continuity Expert 8274: Business Continuity Practitioner 9803: CISSP Certification Prep Course 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 3401: Computer Hacking Forensic Investigator (CHFI) v9 9803: CISSP Certification Prep Course 8291: Crisis Management Expert 3617: Certified Ethical Hacker 9803: CISSP Certification Prep Course 1642: SSCP Certification Prep Course 9803: CISSP Certification Prep Course 1697: CSSLP Certification Prep Course 9803: CISSP Certification Prep Course MID-CAREER “CASTLE” SPECIALIZATION (Practitioner) 6972: Cybersecurity Specialization: Architecture and Policy 6864: Risk Management Framework (RMF) Implementation 4.0* 7437: PECB ISO 270001 Foundations 1697: CSSLP Certification Prep Course 8000: Information Security Practitioner 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 4495: Certified Information Privacy Professional Europe (CIPP/E) Prep Course** 5867: Cybersecurity Analyst+ (CySA+) Prep Course 7999: Data Protection Foundation 4935: Certified Network Defender (CND) 4495: Certified Information Privacy Professional Europe (CIPP/E) Prep Course** 5867: Cybersecurity Analyst+ (CySA+) Prep Course 9871: CISM Prep Course 7437: PECB ISO 270001 Foundations 8015: Business Continuity Foundation - SECO 6974: Cybersecurity Specialization: Governance Risk and Compliance 4935: Certified Network Defender (CND) 5867: Cybersecurity Analyst+ (CySA+) Prep Course 3404: CompTIA Security+ Prep Course 8018: Crisis Management Practitioner 2180: CyberSec First Responder: Threat Detection and Response 5867: Cybersecurity Analyst+ (CySA+) Prep Course 1967: Hacking Methodologies for Security Professionals 4935: Certified Network Defender (CND) 8300: CompTIA PenTest+ Prep Course 3404: CompTIA Security+ Prep Course 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 5867: Cybersecurity Analyst+ (CySA+) Prep Course 2046: Introduction to Python Scripting for the Security Analyst 1123: Securing Java Web Applications 8005: Secure Programming Foundation - SECO NEW TO ROLE (Foundation) CYBERSECURITY FOUNDATIONS 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT FOUNDATIONS 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) = coming soon!
© Global Knowledge Training LLC. All rights reserved. Page 11 Cybersecurity Specialties Job Roles Define Functional Areas • Architecture and Policy Designs and implements secure architectures and forms policies • Governance, Risk, and Compliance Measures risk, perform auditing, plan for business continuity • Data Loss Prevention Deploys and manage security applications • Incident Response Runs Security Operations Center (SOC), perform threat detection • Identity and Access Management Manages identification, authorization, and permissions • Penetration Testing Intentionally attacks systems to expose vulnerabilities • DevSecOps Manages, installs, configures, and operates systems and software in the data center • Secure Programming Develops and test applications to have minimal vulnerabilities
© Global Knowledge Training LLC. All rights reserved. Page 12 Senior Leadership 9719: CSFI: Introduction to Cyber Warfare and Operations Design 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 6864: Risk Management Framework (RMF) Implementation 4.0* 7434: PECB ISO 270001 Foundations 6972: Cybersecurity Specialization: Architecture and Policy – New! 1697: CSSLP Certification Prep Course New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Architecture and Policy
© Global Knowledge Training LLC. All rights reserved. Page 13 Senior Leadership 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course 3796: Certified Information Privacy Technologist (CIPT) Prep Course 8251: Information Security Expert – Coming Soon 8001: Privacy and Data Protection Practitioner - SECO Mid-Career Specialization 2-3 years growth 8000: Information Security Practitioner 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 4495: Certified Information Privacy Professional Europe (CIPP/E) Prep Course* 5867: Cybersecurity Analyst+ (CySA+) Prep Course 7999: Data Protection Foundation New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Data Loss Prevention
© Global Knowledge Training LLC. All rights reserved. Page 14 Senior Leadership 2951: CompTIAAdvanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course 3796: Certified Information Privacy Technologist (CIPT) Prep Course 8283: Business Continuity Expert – Coming Soon 8274: Business Continuity Practitioner – Coming Soon Mid-Career Specialization 2-3 years growth 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 4495: Certified Information Privacy Professional Europe (CIPP/E) Prep Course* 5867: Cybersecurity Analyst+ (CySA+) Prep Course 9871: CISM Prep Course 8015: Business Continuity Foundation - SECO 6974: Cybersecurity Specialization: Governance Risk and Compliance – Coming Soon New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Governance, Risk, and Compliance (GRC)
© Global Knowledge Training LLC. All rights reserved. Page 15 Senior Leadership 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 5867: Cybersecurity Analyst+ (CySA+) Prep Course New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Identity and Access Management
© Global Knowledge Training LLC. All rights reserved. Page 16 Senior Leadership 3401: Computer Hacking Forensic Investigator (CHFI) v9 9803: CISSP Certification Prep Course 8291: Crisis Management Expert – Coming Soon Mid-Career Specialization 2-3 years growth 8018: Crisis Management Practitioner – Coming Soon 3404: CompTIA Security+ Prep Course 2180: CyberSec First Responder: Threat Detection and Response 5867: Cybersecurity Analyst+ (CySA+) Prep Course New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Incident Response and Forensic Analysis
© Global Knowledge Training LLC. All rights reserved. Page 17 Senior Leadership 3617: Certified Ethical Hacker 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 1967: Hacking Methodologies for Security Professionals 8300: CompTIA PenTest+ Prep Course – Coming Soon New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Penetration Testing
© Global Knowledge Training LLC. All rights reserved. Page 18 Senior Leadership 1642: SSCP Certification Prep Course 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 5867: Cybersecurity Analyst+ (CySA+) Prep Course New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) 4666: CompTIA A+ Certification Prep Secure DevOps
© Global Knowledge Training LLC. All rights reserved. Page 19 Senior Leadership 1697: CSSLP Certification Prep Course 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 2046: Introduction to Python Scripting for the Security Analyst 1123: Securing Java Web Applications 8005: Secure Programming Foundation – Coming Soon New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Secure Software Development

Recomendados

Business Continuity A Primer Andrews - September 2015
Business Continuity A Primer Andrews - September 2015Business Continuity A Primer Andrews - September 2015
Business Continuity A Primer Andrews - September 2015Ron Andrews
 
NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)April Mardock CISSP
 
Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30timmcguinness
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 
SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?Jonathan Sinclair
 
Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture DesignPriyanka Aash
 
10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management Program10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management ProgramBeyondTrust
 

Recomendados

Business Continuity A Primer Andrews - September 2015
Business Continuity A Primer Andrews - September 2015Business Continuity A Primer Andrews - September 2015
Business Continuity A Primer Andrews - September 2015Ron Andrews
 
NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)NIST CSF review - Essential Protections (a K12 perspective)
NIST CSF review - Essential Protections (a K12 perspective)April Mardock CISSP
 
Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30timmcguinness
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 
SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?Jonathan Sinclair
 
Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture DesignPriyanka Aash
 
10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management Program10 Steps to Building an Effective Vulnerability Management Program
10 Steps to Building an Effective Vulnerability Management ProgramBeyondTrust
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfParishSummer
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehReZa AdineH
 
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1Denise Tawwab
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
HIPAA Basics by Brian Fleetham
HIPAA Basics by Brian FleethamHIPAA Basics by Brian Fleetham
HIPAA Basics by Brian FleethamAtlantic Training, LLC.
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramSasha Nunke
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalMahmoud Yassin
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
Information Serurity Risk Assessment Basics
Information Serurity Risk Assessment BasicsInformation Serurity Risk Assessment Basics
Information Serurity Risk Assessment BasicsVidyalankar Institute of Technology
 
Control Standards for Information Security
Control Standards for Information SecurityControl Standards for Information Security
Control Standards for Information SecurityJohnHPazEMCPMPITIL5G
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Strategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskStrategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskMighty Guides, Inc.
 
HITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to knowHITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to know➲ Stella Bridges
 
SOC 2 and You
SOC 2 and YouSOC 2 and You
SOC 2 and YouSchellman & Company
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCAT-NET Services, Inc. - Charleston Division
 

Mais conteúdo relacionado

Mais procurados

Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfParishSummer
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehReZa AdineH
 
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1Denise Tawwab
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramSasha Nunke
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalMahmoud Yassin
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
Control Standards for Information Security
Control Standards for Information SecurityControl Standards for Information Security
Control Standards for Information SecurityJohnHPazEMCPMPITIL5G
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Strategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskStrategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskMighty Guides, Inc.
 
HITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to knowHITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to know➲ Stella Bridges
 

Mais procurados (20)

Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity Assessment
 
Security architecture
Security architectureSecurity architecture
Security architecture
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
 
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1NIST 800-30 Intro to Conducting Risk Assessments - Part 1
NIST 800-30 Intro to Conducting Risk Assessments - Part 1
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operations
 
HIPAA Basics by Brian Fleetham
HIPAA Basics by Brian FleethamHIPAA Basics by Brian Fleetham
HIPAA Basics by Brian Fleetham
 
Planning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management ProgramPlanning and Deploying an Effective Vulnerability Management Program
Planning and Deploying an Effective Vulnerability Management Program
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
Information Serurity Risk Assessment Basics
Information Serurity Risk Assessment BasicsInformation Serurity Risk Assessment Basics
Information Serurity Risk Assessment Basics
 
Control Standards for Information Security
Control Standards for Information SecurityControl Standards for Information Security
Control Standards for Information Security
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Strategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskStrategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity Risk
 
HITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to knowHITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to know
 
SOC 2 and You
SOC 2 and YouSOC 2 and You
SOC 2 and You
 

Semelhante a How to Build a Winning Cybersecurity Team

Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
Cyber_Services_2015_company_intro_ENG_v2p0
Cyber_Services_2015_company_intro_ENG_v2p0Cyber_Services_2015_company_intro_ENG_v2p0
Cyber_Services_2015_company_intro_ENG_v2p0Ferenc Fresz
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
CISSP Certification Training Course
CISSP Certification Training CourseCISSP Certification Training Course
CISSP Certification Training CourseRicky Lionel Vaz
 
What Cybersecurity Certifications Make You The Most Money Today.pptx
What Cybersecurity Certifications Make You The Most Money Today.pptxWhat Cybersecurity Certifications Make You The Most Money Today.pptx
What Cybersecurity Certifications Make You The Most Money Today.pptxinfosec train
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XPrime Infoserv
 
cissp-course content.pdf & cissp description
cissp-course content.pdf & cissp descriptioncissp-course content.pdf & cissp description
cissp-course content.pdf & cissp descriptionInfosec train
 
CISSP _Course _Description and course overview
CISSP _Course _Description and course overviewCISSP _Course _Description and course overview
CISSP _Course _Description and course overviewpriyanshamadhwal2
 
Certified Information Systems Security Professional
Certified Information Systems Security ProfessionalCertified Information Systems Security Professional
Certified Information Systems Security ProfessionalHelen Njuguna
 
My CV-Jan-2016
My CV-Jan-2016My CV-Jan-2016
My CV-Jan-2016Adel Zayed
 
List of cybersecurity training courses by Tonex
List of cybersecurity training courses by TonexList of cybersecurity training courses by Tonex
List of cybersecurity training courses by TonexWesley Comal
 
How to Create Plan-of-Action to Secure Critical Information
How to Create Plan-of-Action to Secure Critical InformationHow to Create Plan-of-Action to Secure Critical Information
How to Create Plan-of-Action to Secure Critical InformationKoenig Solutions Ltd.
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Emrah Alpa, CISSP CEH CCSK
 

Semelhante a How to Build a Winning Cybersecurity Team (20)

Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information Security
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
 
Cyber_Services_2015_company_intro_ENG_v2p0
Cyber_Services_2015_company_intro_ENG_v2p0Cyber_Services_2015_company_intro_ENG_v2p0
Cyber_Services_2015_company_intro_ENG_v2p0
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER Presentation
 
CSO CXO Series Breakfast
CSO CXO Series BreakfastCSO CXO Series Breakfast
CSO CXO Series Breakfast
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032
 
CISSP Certification Training Course
CISSP Certification Training CourseCISSP Certification Training Course
CISSP Certification Training Course
 
What Cybersecurity Certifications Make You The Most Money Today.pptx
What Cybersecurity Certifications Make You The Most Money Today.pptxWhat Cybersecurity Certifications Make You The Most Money Today.pptx
What Cybersecurity Certifications Make You The Most Money Today.pptx
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
ITrust Cybersecurity Services - Datasheet EN
ITrust Cybersecurity Services - Datasheet ENITrust Cybersecurity Services - Datasheet EN
ITrust Cybersecurity Services - Datasheet EN
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield X
 
cissp-course content.pdf & cissp description
cissp-course content.pdf & cissp descriptioncissp-course content.pdf & cissp description
cissp-course content.pdf & cissp description
 
CISSP _Course _Description and course overview
CISSP _Course _Description and course overviewCISSP _Course _Description and course overview
CISSP _Course _Description and course overview
 
Certified Information Systems Security Professional
Certified Information Systems Security ProfessionalCertified Information Systems Security Professional
Certified Information Systems Security Professional
 
My CV-Jan-2016
My CV-Jan-2016My CV-Jan-2016
My CV-Jan-2016
 
List of cybersecurity training courses by Tonex
List of cybersecurity training courses by TonexList of cybersecurity training courses by Tonex
List of cybersecurity training courses by Tonex
 
How to Create Plan-of-Action to Secure Critical Information
How to Create Plan-of-Action to Secure Critical InformationHow to Create Plan-of-Action to Secure Critical Information
How to Create Plan-of-Action to Secure Critical Information
 
SOC Analyst Course
SOC Analyst CourseSOC Analyst Course
SOC Analyst Course
 
Soc analyst course
Soc analyst courseSoc analyst course
Soc analyst course
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
 

Mais de Global Knowledge Training

PAN-OS - Network Security/Prevention Everywhere
PAN-OS - Network Security/Prevention EverywherePAN-OS - Network Security/Prevention Everywhere
PAN-OS - Network Security/Prevention EverywhereGlobal Knowledge Training
 
How To Troubleshoot Group Policy in Windows 10
How To Troubleshoot Group Policy in Windows 10How To Troubleshoot Group Policy in Windows 10
How To Troubleshoot Group Policy in Windows 10Global Knowledge Training
 
Why Pentesting is Vital to the Modern DoD Workforce
Why Pentesting is Vital to the Modern DoD WorkforceWhy Pentesting is Vital to the Modern DoD Workforce
Why Pentesting is Vital to the Modern DoD WorkforceGlobal Knowledge Training
 
Develop Your Skills with Unlimited Access to Red Hat Online Learning
Develop Your Skills with Unlimited Access to Red Hat Online LearningDevelop Your Skills with Unlimited Access to Red Hat Online Learning
Develop Your Skills with Unlimited Access to Red Hat Online LearningGlobal Knowledge Training
 
Exploring the Upgrade from VMware vSphere: Install, Configure, Manage 6 5 to 6 7
Exploring the Upgrade from VMware vSphere: Install, Configure, Manage 6 5 to 6 7Exploring the Upgrade from VMware vSphere: Install, Configure, Manage 6 5 to 6 7
Exploring the Upgrade from VMware vSphere: Install, Configure, Manage 6 5 to 6 7Global Knowledge Training
 
What’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification JourneyWhat’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification JourneyGlobal Knowledge Training
 
Cisco's Intent-Based Networking and the Journey to Software Defined Networks
Cisco's Intent-Based Networking and the Journey to Software Defined NetworksCisco's Intent-Based Networking and the Journey to Software Defined Networks
Cisco's Intent-Based Networking and the Journey to Software Defined NetworksGlobal Knowledge Training
 
Why It’s Critical to Apply the Risk Management Framework to Your IT Moderniza...
Why It’s Critical to Apply the Risk Management Framework to Your IT Moderniza...Why It’s Critical to Apply the Risk Management Framework to Your IT Moderniza...
Why It’s Critical to Apply the Risk Management Framework to Your IT Moderniza...Global Knowledge Training
 
The Essence of DevOps: What it Can Mean for You and Your Organization
The Essence of DevOps: What it Can Mean for You and Your OrganizationThe Essence of DevOps: What it Can Mean for You and Your Organization
The Essence of DevOps: What it Can Mean for You and Your OrganizationGlobal Knowledge Training
 
How to Make Agile Project Management Work in Your Organization
How to Make Agile Project Management Work in Your OrganizationHow to Make Agile Project Management Work in Your Organization
How to Make Agile Project Management Work in Your OrganizationGlobal Knowledge Training
 
What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?Global Knowledge Training
 
How the Channel Can Break Down the Barriers to Cloud Success
How the Channel Can Break Down the Barriers to Cloud Success How the Channel Can Break Down the Barriers to Cloud Success
How the Channel Can Break Down the Barriers to Cloud Success Global Knowledge Training
 
Tackling 5 Taboo Topics in Cybersecurity People Management
Tackling 5 Taboo Topics in Cybersecurity People ManagementTackling 5 Taboo Topics in Cybersecurity People Management
Tackling 5 Taboo Topics in Cybersecurity People ManagementGlobal Knowledge Training
 

Mais de Global Knowledge Training (20)

Taking Advantage of Microsoft PowerShell
Taking Advantage of Microsoft PowerShell Taking Advantage of Microsoft PowerShell
Taking Advantage of Microsoft PowerShell
 
PAN-OS - Network Security/Prevention Everywhere
PAN-OS - Network Security/Prevention EverywherePAN-OS - Network Security/Prevention Everywhere
PAN-OS - Network Security/Prevention Everywhere
 
The Basics of Computer Networking
The Basics of Computer NetworkingThe Basics of Computer Networking
The Basics of Computer Networking
 
How To Troubleshoot Group Policy in Windows 10
How To Troubleshoot Group Policy in Windows 10How To Troubleshoot Group Policy in Windows 10
How To Troubleshoot Group Policy in Windows 10
 
Accelerating with Ansible
Accelerating with AnsibleAccelerating with Ansible
Accelerating with Ansible
 
Why Pentesting is Vital to the Modern DoD Workforce
Why Pentesting is Vital to the Modern DoD WorkforceWhy Pentesting is Vital to the Modern DoD Workforce
Why Pentesting is Vital to the Modern DoD Workforce
 
How to Maximize Your Training Budget
How to Maximize Your Training BudgetHow to Maximize Your Training Budget
How to Maximize Your Training Budget
 
Develop Your Skills with Unlimited Access to Red Hat Online Learning
Develop Your Skills with Unlimited Access to Red Hat Online LearningDevelop Your Skills with Unlimited Access to Red Hat Online Learning
Develop Your Skills with Unlimited Access to Red Hat Online Learning
 
Exploring the Upgrade from VMware vSphere: Install, Configure, Manage 6 5 to 6 7
Exploring the Upgrade from VMware vSphere: Install, Configure, Manage 6 5 to 6 7Exploring the Upgrade from VMware vSphere: Install, Configure, Manage 6 5 to 6 7
Exploring the Upgrade from VMware vSphere: Install, Configure, Manage 6 5 to 6 7
 
What’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification JourneyWhat’s Next For Your Azure Certification Journey
What’s Next For Your Azure Certification Journey
 
Cisco's Intent-Based Networking and the Journey to Software Defined Networks
Cisco's Intent-Based Networking and the Journey to Software Defined NetworksCisco's Intent-Based Networking and the Journey to Software Defined Networks
Cisco's Intent-Based Networking and the Journey to Software Defined Networks
 
Why It’s Critical to Apply the Risk Management Framework to Your IT Moderniza...
Why It’s Critical to Apply the Risk Management Framework to Your IT Moderniza...Why It’s Critical to Apply the Risk Management Framework to Your IT Moderniza...
Why It’s Critical to Apply the Risk Management Framework to Your IT Moderniza...
 
How to Build a Web Server with AWS Lambda
How to Build a Web Server with AWS LambdaHow to Build a Web Server with AWS Lambda
How to Build a Web Server with AWS Lambda
 
The Essence of DevOps: What it Can Mean for You and Your Organization
The Essence of DevOps: What it Can Mean for You and Your OrganizationThe Essence of DevOps: What it Can Mean for You and Your Organization
The Essence of DevOps: What it Can Mean for You and Your Organization
 
How to Migrate a Web App to AWS
How to Migrate a Web App to AWSHow to Migrate a Web App to AWS
How to Migrate a Web App to AWS
 
How to Make Agile Project Management Work in Your Organization
How to Make Agile Project Management Work in Your OrganizationHow to Make Agile Project Management Work in Your Organization
How to Make Agile Project Management Work in Your Organization
 
What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?What is Cryptojacking and How Can I Protect Myself?
What is Cryptojacking and How Can I Protect Myself?
 
How the Channel Can Break Down the Barriers to Cloud Success
How the Channel Can Break Down the Barriers to Cloud Success How the Channel Can Break Down the Barriers to Cloud Success
How the Channel Can Break Down the Barriers to Cloud Success
 
How to Avoid Cloud Migration Pitfalls
How to Avoid Cloud Migration PitfallsHow to Avoid Cloud Migration Pitfalls
How to Avoid Cloud Migration Pitfalls
 
Tackling 5 Taboo Topics in Cybersecurity People Management
Tackling 5 Taboo Topics in Cybersecurity People ManagementTackling 5 Taboo Topics in Cybersecurity People Management
Tackling 5 Taboo Topics in Cybersecurity People Management
 

Último

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 

How to Build a Winning Cybersecurity Team

  • 2. © Global Knowledge Training LLC. All rights reserved. Page 2 Defenseᵌ: Human Element and 3D Defense PROCESS PEOPLE TECHNOLOGY More than “Defense in depth,” organizations need Defenseᵌ because cyber attacks happen across three dimensions. Cyber attacks are people attacking people, not machines attacking machines, so an educated workforce is critical.
  • 3. © Global Knowledge Training LLC. All rights reserved. Page 3 Building a Winning Team Acknowledge the people problem Address the human element Understand the specialties
  • 4. © Global Knowledge Training LLC. All rights reserved. Page 4 Cybersecurity is a people problem, not a technology problem • Every cybersecurity attack ever performed was initiated by a human • Every cybersecurity defense was designed and deployed by humans Cybersecurity is people attacking people • Humans write security policies • Humans design security architecture • Humans configure and deploy security technology • Humans initiate cybersecurity threats The People Problem “If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology” - Bruce Schneier
  • 5. © Global Knowledge Training LLC. All rights reserved. Page 5 The Human Element Perimeter Perimeter Perimeter Phase 1 • Firewall technology defense • Intruders blocked by perimeter policy • Internal users checked by virus scan • All credentialed users “trusted” Phase 2 • Firewall technology defense • Intruders blocked by perimeter policy • Intruders monitored by IPS/IDS • Internal network scanned for outside threats • Credentialed users “trusted” Phase 3 • Firewall and IPS/IDS technology defense • Intruders blocked by perimeter policy • Internal users checked by virus scan • Credentialed users “trusted” on “need-to-access” policies DiD ZTE “We have met the enemy and they are us” – Walt Kelly
  • 6. © Global Knowledge Training LLC. All rights reserved. Page 6 Sophisticated operations now have specialists • Mechanics have transmission specialists, electrical specialists, fuel injector specialists, etc. • Doctors have internal specialists, orthopedic specialists, neuro specialists, etc. Modern cybersecurity organizations generally require specialization, as well • Architecture and Policy • Governance, Risk, and Compliance • Data Loss Prevention • Incident Response • Identity and Access Management • Penetration Testing • DevSecOps • Secure Programming The Cybersecurity Specialties
  • 7. OUR CYBERSECURITY PORTFOLIO – THE “CROWN” AND “CASTLE” SKILLS MATRIX
  • 8. © Global Knowledge Training LLC. All rights reserved. Page 8 The “Crown” Organizational Map/Career Progression How many employees are at each level in the organization? Has career progression been planned? SKILLS DEVELOPMENT CERTIFICATION PREP ARCHITECTURE Senior Architect, Compliance Auditor MANAGEMENT CISO TECHNICAL SME, Lead Engineer TECHNOLOGY SOLUTIONS NEW TO ROLE MID-CAREER “CASTLE” SPECIALIZATION SENIOR LEADERSHIP IT FOUNDATIONS CYBERSECURITY FOUNDATIONS
  • 9. © Global Knowledge Training LLC. All rights reserved. Page 9 The “Castle” Functional Specialization ARCHITECTURE and POLICY DATA LOSS PREVENTION GOVERNANCE, RISK, and COMPLIANCE INDENTITY and ACCESS INCIDENT RESPONSE and FORENSIC ANALYSIS PENETRATION TESTING SECURE DEVOPS SECURE SOFTWARE DEVELOPMENT Designs and implements secure architectures, translates standards, business processes, and frameworks into internal policies Deploys and manages security applications such as malware detection on endpoints and servers Measures and quantifies risk, performs internal audits against best practices and standards, develops plans for business continuity and disaster recovery Manages identification, authorization, and permissions across all systems Detects and analyzes security events and correctly responds Intentionally attacks systems to expose vulnerabilities and probe weaknesses, Red Team Securely installs, configures, and operates systems and software Develops applications with minimal vulnerabilities, application security testing NIST FRAMEWORK Identify, Protect Protect, Detect Identify, Respond, Recover Protect Detect, Respond, Recover Protect Protect, Defend, Detect Protect
  • 10. © Global Knowledge Training LLC. All rights reserved. Page 10 ARCHITECTURE and POLICY DATA LOSS PREVENTION GOVERNANCE, RISK, and COMPLIANCE INDENTITY and ACCESS INCIDENT RESPONSE and FORENSIC ANALYSIS PENETRATION TESTING SECURE DEVOPS SECURE SOFTWARE DEVELOPMENT SENIOR LEADERSHIP (Expert) 9719: CSFI: Introduction to Cyber Warfare and Operations Design 1638: CISSP Certification Prep Course 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course 3796: Certified Information Privacy Technologist (CIPT) Prep Course 8251: Information Security Expert 8001: Privacy and Data Protection Practitioner - SECO 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course 3796: Certified Information Privacy Technologist (CIPT) Prep Course 8283: Business Continuity Expert 8274: Business Continuity Practitioner 9803: CISSP Certification Prep Course 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 3401: Computer Hacking Forensic Investigator (CHFI) v9 9803: CISSP Certification Prep Course 8291: Crisis Management Expert 3617: Certified Ethical Hacker 9803: CISSP Certification Prep Course 1642: SSCP Certification Prep Course 9803: CISSP Certification Prep Course 1697: CSSLP Certification Prep Course 9803: CISSP Certification Prep Course MID-CAREER “CASTLE” SPECIALIZATION (Practitioner) 6972: Cybersecurity Specialization: Architecture and Policy 6864: Risk Management Framework (RMF) Implementation 4.0* 7437: PECB ISO 270001 Foundations 1697: CSSLP Certification Prep Course 8000: Information Security Practitioner 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 4495: Certified Information Privacy Professional Europe (CIPP/E) Prep Course** 5867: Cybersecurity Analyst+ (CySA+) Prep Course 7999: Data Protection Foundation 4935: Certified Network Defender (CND) 4495: Certified Information Privacy Professional Europe (CIPP/E) Prep Course** 5867: Cybersecurity Analyst+ (CySA+) Prep Course 9871: CISM Prep Course 7437: PECB ISO 270001 Foundations 8015: Business Continuity Foundation - SECO 6974: Cybersecurity Specialization: Governance Risk and Compliance 4935: Certified Network Defender (CND) 5867: Cybersecurity Analyst+ (CySA+) Prep Course 3404: CompTIA Security+ Prep Course 8018: Crisis Management Practitioner 2180: CyberSec First Responder: Threat Detection and Response 5867: Cybersecurity Analyst+ (CySA+) Prep Course 1967: Hacking Methodologies for Security Professionals 4935: Certified Network Defender (CND) 8300: CompTIA PenTest+ Prep Course 3404: CompTIA Security+ Prep Course 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 5867: Cybersecurity Analyst+ (CySA+) Prep Course 2046: Introduction to Python Scripting for the Security Analyst 1123: Securing Java Web Applications 8005: Secure Programming Foundation - SECO NEW TO ROLE (Foundation) CYBERSECURITY FOUNDATIONS 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT FOUNDATIONS 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) = coming soon!
  • 11. © Global Knowledge Training LLC. All rights reserved. Page 11 Cybersecurity Specialties Job Roles Define Functional Areas • Architecture and Policy Designs and implements secure architectures and forms policies • Governance, Risk, and Compliance Measures risk, perform auditing, plan for business continuity • Data Loss Prevention Deploys and manage security applications • Incident Response Runs Security Operations Center (SOC), perform threat detection • Identity and Access Management Manages identification, authorization, and permissions • Penetration Testing Intentionally attacks systems to expose vulnerabilities • DevSecOps Manages, installs, configures, and operates systems and software in the data center • Secure Programming Develops and test applications to have minimal vulnerabilities
  • 12. © Global Knowledge Training LLC. All rights reserved. Page 12 Senior Leadership 9719: CSFI: Introduction to Cyber Warfare and Operations Design 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 6864: Risk Management Framework (RMF) Implementation 4.0* 7434: PECB ISO 270001 Foundations 6972: Cybersecurity Specialization: Architecture and Policy – New! 1697: CSSLP Certification Prep Course New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Architecture and Policy
  • 13. © Global Knowledge Training LLC. All rights reserved. Page 13 Senior Leadership 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course 3796: Certified Information Privacy Technologist (CIPT) Prep Course 8251: Information Security Expert – Coming Soon 8001: Privacy and Data Protection Practitioner - SECO Mid-Career Specialization 2-3 years growth 8000: Information Security Practitioner 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 4495: Certified Information Privacy Professional Europe (CIPP/E) Prep Course* 5867: Cybersecurity Analyst+ (CySA+) Prep Course 7999: Data Protection Foundation New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Data Loss Prevention
  • 14. © Global Knowledge Training LLC. All rights reserved. Page 14 Senior Leadership 2951: CompTIAAdvanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course 3796: Certified Information Privacy Technologist (CIPT) Prep Course 8283: Business Continuity Expert – Coming Soon 8274: Business Continuity Practitioner – Coming Soon Mid-Career Specialization 2-3 years growth 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 4495: Certified Information Privacy Professional Europe (CIPP/E) Prep Course* 5867: Cybersecurity Analyst+ (CySA+) Prep Course 9871: CISM Prep Course 8015: Business Continuity Foundation - SECO 6974: Cybersecurity Specialization: Governance Risk and Compliance – Coming Soon New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Governance, Risk, and Compliance (GRC)
  • 15. © Global Knowledge Training LLC. All rights reserved. Page 15 Senior Leadership 2951: CompTIA Advanced Security Practitioner (CASP) Prep Course 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 5867: Cybersecurity Analyst+ (CySA+) Prep Course New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Identity and Access Management
  • 16. © Global Knowledge Training LLC. All rights reserved. Page 16 Senior Leadership 3401: Computer Hacking Forensic Investigator (CHFI) v9 9803: CISSP Certification Prep Course 8291: Crisis Management Expert – Coming Soon Mid-Career Specialization 2-3 years growth 8018: Crisis Management Practitioner – Coming Soon 3404: CompTIA Security+ Prep Course 2180: CyberSec First Responder: Threat Detection and Response 5867: Cybersecurity Analyst+ (CySA+) Prep Course New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Incident Response and Forensic Analysis
  • 17. © Global Knowledge Training LLC. All rights reserved. Page 17 Senior Leadership 3617: Certified Ethical Hacker 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 1967: Hacking Methodologies for Security Professionals 8300: CompTIA PenTest+ Prep Course – Coming Soon New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Penetration Testing
  • 18. © Global Knowledge Training LLC. All rights reserved. Page 18 Senior Leadership 1642: SSCP Certification Prep Course 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 3404: CompTIA Security+ Prep Course 4935: Certified Network Defender (CND) 5867: Cybersecurity Analyst+ (CySA+) Prep Course New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) 4666: CompTIA A+ Certification Prep Secure DevOps
  • 19. © Global Knowledge Training LLC. All rights reserved. Page 19 Senior Leadership 1697: CSSLP Certification Prep Course 9803: CISSP Certification Prep Course Mid-Career Specialization 2-3 years growth 2046: Introduction to Python Scripting for the Security Analyst 1123: Securing Java Web Applications 8005: Secure Programming Foundation – Coming Soon New to Role Cybersecurity Foundations 1 year growth 9701: Cybersecurity Foundations 4277: Introduction to Cybersecurity IT Foundations 0-3 Years growth 3150: Understanding Network Fundamentals 9025: TCP/IP Networking 3291: CompTIA Network+ Certification Prep (N10-007) Secure Software Development

Notas do Editor

  1. At Global Knowledge, we deliver a skills solution to the cybersecurity challenge that is three-dimensional and built on the unique insight we’ve gained as the point of convergence for cybersecurity expertise. Our Crown and Castle Skills Matrix helps organizations address the human element of defense through dedicated learning paths across each cybersecurity function and at every career level.
  2. Simplifying skills development planning, the “Crown” provides a high-level view for managers, directors and any other leaders responsible for cybersecurity people management and/or professional development. The “Crown” outlines and organizes cybersecurity career progression from foundational IT skills all the way up through the three branches of cybersecurity senior leadership. Leaders can use the “Crown” to measure, track, and develop optimal depth and breadth of skills within their department or team, while individual contributors can use “the Crown” to define and evaluate their personal career goals.
  3. Designed to be implemented along with the “Crown”, the “Castle” describes the discrete functions within cybersecurity. These are the individual pieces that make up the cybersecurity whole and one job role may cover several functions or one function might be manned by several professionals depending on the size and scope of the organization. As Cybersecurity professionals reach the Mid-Career Specialization level in the “Crown,” the “Castle” helps focus activity on for maximum return on training investments.
  4. *6867 is the DoD version of 6864 … teaches the same content as (ISC)2 Certified Authorization Professional (CAP)
  5. *Most relevant GDPR course
  6. *Most relevant GDPR course