Strengthening Cybersecurity Workforce Development December 2017
|
|
- Eric Short
- 6 years ago
- Views:
Transcription
1 Strengthening Cybersecurity Workforce Development December 2017
2 Agenda 1. Introduc3ons SANS GIAC Team 2. Goal: 2017 Execu3ve Order 3. SANS GIAC NICE Workforce Framework (NCWF) Mapping Overview 4. Workforce Development Discussion 5. Q&A
3
4 Presiden,al Execu,ve Order on Cybersecurity May 11, 2017: President Trump issued an Execu3ve Order to strengthen federal networks and cri3cal infrastructure cybersecurity President will hold agency heads accountable for managing cybersecurity risk Agency heads shall use the NIST Framework to manage their agency s cybersecurity risk framework U.S. seeks to support the growth and sustainment of a workforce that is skilled in cybersecurity and related fields
5 Broad Organiza,on of the NICE Framework hyps:// GIAC Cer3fica3ons 2017, Version 1.3
6 SANS/GIAC Quick Reference Guide Mapped SANS training courses and GIAC cer3fica3ons to the NCWF One slide/card per NICE job role Everything you need to know about that job role, specialty area, and mapped SANS/GIAC offerings in one page Includes SANS Course, GIAC Cer3fica3on, and Proficiency Levels High road approach Integrity in mapping IOW Not trying to fill in boxes where it doesn t make sense
7 About Proficiency Levels Basic - Training maps to many knowledge statements, simpler skills, and tasks that are pre-requisites to an employee being effec3ve in this job role Intermediate - Training maps to many mid-level knowledge, skills, abili3es and tasks. Employee can be reasonably effecave in this job role aaer receiving training Advanced - Maps to higher level knowledge, skills, abili3es, and tasks. Employee should be very effecave in this func3onal area aaer receiving training. However, some lower level, pre-requisite KSAs may not be covered by these courses Expert - Maps to few very specific KSAs or tasks in a highly focused area. This training assumes someone is already well trained and effecave in this job role overall. It focuses on experase in a very specific, narrow area.
8 Best Fit for Most People Other mapped offerings, may be more basic, advanced, or specialized than the majority will need.
9 Investigate (IN) Specialty Area: Digital Forensics (FOR) Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability mi3ga3on and/or criminal, fraud, counterintelligence, or law enforcement inves3ga3ons. Work Role: Cyber Defense Forensics Analyst (IN-FOR-002) Analyzes digital evidence and inves3gates computer security incidents to derive useful informa3on in support of system/network vulnerability mi3ga3on. SANS Training Course FOR500: Windows Forensics Analysis GIAC Certification GCFE: GIAC Cer3fied Forensic Examiner NICE Proficiency Level 3: Advanced FOR508: Advanced Digital Forensics, Incident Response, and Threat Hun3ng FOR572: Advanced Network Forensics and Analysis GCFA: GIAC Cer3fied Forensic Analyst GNFA: GIAC Network Forensic Analyst 3: Advanced 3: Advanced Other Mapped SANS Training and GIAC Certifications: SEC401: Security Essen3als Bootcamp /GSEC: GIAC Security Essen3als FOR585: Advanced Smartphone Forensics/ GASF: GIAC Advanced Smartphone Forensics FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques/ GREM:GIAC Reverse Engineering Malware FOR518: Mac Forensic Analysis FOR526: Memory Forensics In-Depth GIAC Cer3fica3ons 2017, Version 1.3
10 Protect and Defend (PR) Specialty Area: Vulnerability Assessment and Management (VAM) Conducts assessments of threats and vulnerabili,es; determines devia,ons from acceptable configura,ons, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mi,ga,on countermeasures in opera,onal and nonopera,onal situa,ons. Work Role: Vulnerability Assessment Analyst (PR-VAM-001) Performs assessments of systems and networks within the network environment or enclave and iden,fies where those systems/networks deviate from acceptable configura,ons, enclave policy, or local policy. Measures effec,veness of defense-in-depth architecture against known vulnerabili,es. SANS Training Course SEC542: Web App Penetra3on Tes3ng and Ethical Hacking SEC560: Network Penetra3on Tes3ng and Ethical Hacking SEC660: Advanced Penetra3on Tes3ng, Exploit Wri3ng, and Ethical Hacking SEC642: Advanced Web App Penetra3on Tes3ng, Ethical Hacking, and Exploita3on Techniques GIAC Certification GWAPT: GIAC Web Applica3on Penetra3on Tester GPEN: GIAC Cer3fied Penetra3on Tester GXPN: GIAC Exploit Researcher and Advanced Penetra3on Tester N/A NICE Proficiency Level 3: Advanced 3: Advanced 4: Expert 4: Expert Vulnerability Assessment Analyst Continued Next Page
11 Protect and Defend (PR) Vulnerability Assessment Analyst Continued Specialty Area: Vulnerability Assessment and Management (VAM) Conducts assessments of threats and vulnerabili,es; determines devia,ons from acceptable configura,ons, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mi,ga,on countermeasures in opera,onal and nonopera,onal situa,ons. Work Role: Vulnerability Assessment Analyst (PR-VAM-001) Performs assessments of systems and networks within the network environment or enclave and iden,fies where those systems/networks deviate from acceptable configura,ons, enclave policy, or local policy. Measures effec,veness of defense-in-depth architecture against known vulnerabili,es. Other Mapped SANS Training and GIAC Certifications: SEC401: Security Essen3als Bootcamp /GSEC: GIAC Security Essen3als SEC501: Advanced Security Essen3als - Enterprise Defender/ GCED: GIAC Cer3fied Enterprise Defender SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling/ GCIH: GIAC Cer3fied Incident Handler AUD507: Audi3ng & Monitoring Networks, Perimeters & Systems/ GSNA: GIAC Systems and Network Auditor ICS410: ICS/SCADA Security Essen3als/ GICSP: Global Industrial Cyber Security Professional ICS515: ICS Ac3ve Defense and Incident Response/ GRID: GIAC Response and Industrial Defense SEC617: Wireless Penetra3on Tes3ng and Ethical Hacking/ GAWN: GIAC Assessing Wireless Networks SEC561: Immersive Hands-on Hacking Techniques SEC562: CyberCity Hands-on Kine3c Cyber Range Exercise SEC760: Advanced Exploit Development for Penetra3on Testers
12 Interagency Best Prac,ces Discussion What is your agency doing to meet the EO requirements? OSD Update Other examples?
13 SANS Workforce Development Capabili,es How Our Capabili8es Are Helping Clients Recruit Develop Assessing ApAtude C-suite understanding remains weak Rarely CyberStart has something been so important and so talked about with less clarity and less Academies understanding Assessing Skills SANS Training (mapped to NCWF) GIAC Cer8fica8ons (mapped to NCWF) Retain Roadmaps Cyber Ranges and Exercises Master s Degree/CerAficate Programs
14 Ques,ons? SANS Federal Team Daryl Gilbertson (US Army, USAF): MaY Beaghley (US Navy, USCG, USMC, DOE): Mike Foros3ak (Federal Civilian Agencies): Jim Yacone (Intel/Law Enforcement Community): John Nix: Download this presenta?on at
15 Appendix
16 What is SANS? Global, trusted leader in Informa3on Security training, cer3fica3on, educa3on, and research 30,000+ individuals trained annually 70 courses across mul?ple curriculums Deep, comprehensive offering Expert instructors (teachers) à Excep3onal course content Focus: Applied Skills Validated Quality Proven, flexible learning formats (live in-classroom or online)
17
18 SANS Suite of offerings SANS
SANS and GIAC Certifications in alignment with the NICE Cyber Security Workforce Framework
SANS and s in alignment with the NICE Cyber Security Workforce Framework NIST Special Publication 800-181 Ensuring a trained and certified cyber security workforce Using the NICE Framework Newhouse, William,
More informationBuilding new cybersecurity pipelines. NICE Conference 2017 November 8, Strengthening Cyber Workforce Development sans.
Building new cybersecurity pipelines NICE Conference 2017 November 8, 2017 Strengthening Cyber Workforce Development sans.org/cybertalent Cybersecurity: The Current State Skills Mismatch Emphasis on theory
More informationPlaying Security Poker I match your degree and raise you by a certification or 2 Grumpy Old Security Men What s up Cert?
Playing Security Poker I match your degree and raise you by a certification or 2 Grumpy Old Security Men What s up Cert? Presented by: Curtis Coats, CISSP, CAP Kelley P. Archer, CISSR MN ISSA Agenda Types
More informationThe fast track to top skills and top jobs in cyber. Guaranteed.
The fast track to top skills and top jobs in cyber. Guaranteed. NO COST TO SELECTED PARTICIPANTS WELCOME The SANS Institute is presenting the SANS CyberTalent Immersion Academy for Women to encourage women
More informationKeeping Your SOCs Full. May 26, Strengthening Capacity in Cyber Talent sans.org/cybertalent
Keeping Your SOCs Full May 26, 2016 Strengthening Capacity in Cyber Talent sans.org/cybertalent Cybersecurity: The Current State Skills Mismatch Emphasis on theory over practice Education focus on theoretical
More informationUPDATED: 10/17/16. Senior Level. Senior Specialty Threat, Consultant, Engineer, Manager. Mid Level Analyst
WORKFORCE COLLABORATIVE: CYBERSECURITY BUILDING THE TALENT PIPELINE SECURITY ANALYST CAREER PATHWAY UPDATED: 10/17/16 CYBERSECURITY SECURITY ANALYST CAREER PATHWAY Senior Level Senior Specialty Threat,
More informationImmersion Academy Annual Report 2018
Immersion Academy Annual Report 2018 An accelerated, intensive training and certification program that develops the real-world knowledge and hands-on skills needed to defend today s information security
More informationStrengthening Capacity in Cyber Talent sans.org/cybertalent
SANS Security Awareness Summit August 4th, 2016 Strengthening Capacity in Cyber Talent sans.org/cybertalent Cybersecurity: The Current State Skills Mismatch Emphasis on theory over practice Education focus
More informationCyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research
More informationImmersion Academy Annual Report 2017
Immersion Academy Annual Report 2017 Accelerated, intensive training and certification program that develops the real-world knowledge and hands-on skills needed to defend today s information security systems.
More informationCareer Paths In Cybersecurity
Career Paths In Cybersecurity Introductions Rob Ashcraft Sr. Technical Advisor 26-yrs in Information Technology 14-yrs in Information Security Held positions as Technician, IT Management, IT Sales Double
More informationBusiness Case Components
How to Build A SOC Agenda Mission Business Case Components Regulatory requirements SOC Terminology Technology Components Events categories Staff Requirements Organiza>on s Considera>ons Training Requirements
More informationSecurity. Protect your business from security threats with Pearl Technology. The Connection That Matters Most
Security Protect your business from security threats with Pearl Technology The Connection That Matters Most Committed to Your Future When it comes to your business, security can mean many things. But to
More informationNational Initiative for Cyber Education (NICE) and the Cybersecurity Workforce Framework: Attract and Retain the Best in InfoSec.
National Initiative for Cyber Education (NICE) and the Cybersecurity Workforce Framework: Attract and Retain the Best in InfoSec April 12, 2018 1 Introduction to NICE - The National Initiative for Cybersecurity
More informationNISTCSF.COM. NIST Cybersecurity Framework (NCSF) Workforce Development Solutions
NISTCSF.COM NIST Cybersecurity Framework (NCSF) Workforce Development Solutions AGENDA The Cybersecurity Threat Landscape The Cybersecurity Challenge NIST Cybersecurity Framework NICE Cybersecurity Workforce
More informationThe fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS
The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS WELCOME SANS Institute is presenting the SANS VetSuccess Immersion Academy in the DC Metro area. For transitioning
More informationNISTCSF.COM. NIST Cybersecurity Framework (NCSF) Workforce Development Solutions
NISTCSF.COM NIST Cybersecurity Framework (NCSF) Workforce Development Solutions AGENDA The Cybersecurity Threat Landscape The Cybersecurity Challenge NIST Cybersecurity Framework NICE Cybersecurity Workforce
More informationThe fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS
The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS WELCOME SANS Institute, in collaboration with RP6, is presenting the SANS VetSuccess CyberTalent Immersion
More informationDoD Directive (DoDD) 8570 & GIAC Certification
DoD Directive (DoDD) 8570 & GIAC Certification Date Updated: October 2010 What is DoDD 8570? Department of Defense Directive 8570 provides guidance and procedures for the training, certification, and management
More informationThe fast track to top skills and top jobs in cyber. FREE TO TRANSITIONING VETERANS
The fast track to top skills and top jobs in cyber. FREE TO TRANSITIONING VETERANS FAST TRACK Three steps to a cybersecurity career QUALIFY Take the qualifying exam, complete the application process, and
More informationA United States Cyber Academy Program
The GIAC certifications I earned in the Academy really helped open doors for me as a cybersecurity professional. Justin Sappington, Information Security Analyst at Umpqua Bank A United States Cyber Academy
More informationCYBER APPRENTICESHIP. Dr. Leigh Armistead, President
CYBER APPRENTICESHIP Dr. Leigh Armistead, President 1 OVERVIEW Peregrine Technical Solutions, LLC. (Peregrine) is a SBA certified 8(a) business with core competencies in IT security, IA and cyber warfare.
More informationThe fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS
The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS WELCOME SANS Institute is presenting the SANS VetSuccess Immersion Academy in San Diego. For transitioning
More informationBuild Your Cybersecurity Team: Create a Strong Cybersecurity Workforce Using Best Practices in Development
Build Your Cybersecurity Team: Create a Strong Cybersecurity Workforce Using Best Practices in Development Noel Kyle, Program Manager Department of Homeland Security (DHS) National Cybersecurity Education
More informationThe National Initiative for Cybersecurity Education (NICE) The NICE Workforce Framework, NIST SP , Overview October 4, 2017
The National Initiative for Cybersecurity Education (NICE) The NICE Workforce Framework, NIST SP 800-181, Overview October 4, 2017 NICE Strategic Goals - http://csrc.nist.gov/nice/about/strategicplan.html
More informationSTUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences
STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences Undergraduate Programs - Bachelor B.S. Computer Game Design Upon completion of the B.S. degree in Computer Game Design, students
More informationThe fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS
The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS WELCOME SANS Institute, in collaboration with Augusta Warrior Project and Augusta University, is presenting
More informationTRAINING CATALOGUE 2017/ 18
The Largest and Most Trusted Source of Cyber Security Training, Certification, and Research in the World CATALOGUE 2017/ 18 www.sans.org @EMEA SEE INSIDE FOR EVENTS ACROSS EUROPE AND MIDDLE EAST CURRICULUM
More informationWhat is the CISSP? Certified Ethical Hacker v8 or higher Certified Forensic Computer Examiner (CFCE) Certified Fraud Examiner (CFE)
What is the CISSP? (ISC)2 s Certified Information Systems Security Professional (CISSP ) is the gold standard professional certification for experienced information security and related professionals worldwide.
More informationCyber Analyst Academy. Closing the Cyber Security Skills Gap.
Cyber Analyst Academy Closing the Cyber Security Skills Gap. Why do the Cyber Analyst Academy? Why QA? There is a huge gap in the market for this skills set and QA are excited to deliver a new hands-on
More informationSANS OFFERS HANDS -ON, IMMERSION-STYLE INFORMATION SECURITY TRAINING
T H E M O S T T R U S T E D S O U R C E F O R I N F O R M AT I O N S E C U R I T Y T R A I N I N G, C E R T I F I C AT I O N, A N D R E S E A R C H October Singapore 2 016 24 October 5 November Grand Copthorne
More informationDEEPER KNOWLEDGE. ADVANCED SECURITY.
DEEPER KNOWLEDGE. ADVANCED SECURITY. Global Information Assurance Certification (GIAC) develops and administers the premier certifications for information security professionals. More than 30 certifications
More informationCyber Security Capabilities
Cyber Security Capabilities Informa:on Assurance ü Vulnerability Assessment ü Penetra8on Tes8ng ü Informa8on Security Assessment ü Applica8on Security Evalua8on ü Network Traffic Assessment ü Cri8cality
More informationLarge-scale Testbed and Cyber Range Organiza6on and Design
CYBER RANGE ORGANIZATION AND DESIGN Large-scale Testbed and Cyber Range Organiza6on and Design Razvan Beuran, Ken-ichi Chinen Outline 1. Mo9va9on & overview 2. Making use of StarBED 3. Case studies 4.
More informationDeveloping the Next Generation Cyber Army VINCENT NESTLER, PH. D., CALIFORNIA STATE UNIVERSITY, SAN BERNARDINO
Developing the Next Generation Cyber Army VINCENT NESTLER, PH. D., CALIFORNIA STATE UNIVERSITY, SAN BERNARDINO Bio Assistant Director, Cybersecurity Center California State University, San Bernardino Professor,
More informationCYBER APPRENTICESHIP. Dr Leigh Armistead, President
CYBER APPRENTICESHIP Dr Leigh Armistead, President 1 EVERYBODY HAS THE SAME ISSUE 2 OVERVIEW Peregrine Technical Solutions, LLC. (Peregrine) is a SBA certified 8(a), SB with core competencies in IT security,
More informationCybersecurity Curricular Guidelines
Cybersecurity Curricular Guidelines Ma2 Bishop, University of California Davis, co-chair Diana Burley The George Washington University, co-chair Sco2 Buck, Intel Corp. Joseph J. Ekstrom, Brigham Young
More informationDefense in Depth for Systems Administrators
Defense in Depth for Systems Administrators #whoami Jayme Hancock Currently: Penetra?on Tester with AppSec Consul?ng Previously: Systems Administrator for Small & Med Business Systems Administrator for
More informationTraining Catalogue THE LARGEST AND MOST TRUSTED SOURCE OF CYBER SECURITY EMEA PRIVATE TRAINING TRAINING EVENTS
Training Catalogue 2018 THE LARGEST AND MOST TRUSTED SOURCE OF CYBER URITY TRAINING, C E RT I F I C AT I O N, A N D R E S E A R C H I N T H E W O R L D @SANSEMEA ON DEMAND EMEA WWW.SANS.ORG 4 Choose your
More informationImproving the cyber security posture of New Zealand Barry Brailey NZITF Chair
New Zealand Internet Task Force Improving the cyber security posture of New Zealand Barry Brailey NZITF Chair Programme Introduc7on Background The Birth of a Trust Group Ongoing work Q&A Who Am I? Manager,
More informationApprenticeships CYBER SECURITY HIGHER APPRENTICESHIP FROM IT TECHNICIAN TO SKILLED INFORMATION SECURITY PROFESSIONAL
Apprenticeships CYBER SECURITY HIGHER APPRENTICESHIP FROM IT TECHNICIAN TO SKILLED INFORMATION SECURITY PROFESSIONAL WHY CHOOSE QA? There are lots of apprenticeship providers out there but we think we
More informationEC-Council Certified Incident Handler v2. Prepare to Handle and Respond to Security Incidents EC-COUNCIL CERTIFIED INCIDENT HANDLER 1
EC-Council Certified Incident Handler v2 Prepare to Handle and Respond to Security Incidents EC-COUNCIL CERTIFIED INCIDENT HANDLER 1 THE CRITICAL NATURE OF INCIDENT HANDLING READINESS An organized and
More informationNICE Curriculum and Certification Mapping
NICE Curriculum and Certification Mapping Thomas Trevethan Academy Training Engineer Cybersecurity Academy - Mission The Palo Alto Networks Cybersecurity Academy prepares students with next-generation
More informationCYBER SECURITY TRAINING
CYBER Security skills for the digital age. Cyber Crime has never been more predominant. The number of breaches is exponentially rising year on year leading to an ever increasing Cyber Security threat.
More informationEC-Council C EH. Certified Ethical Hacker. Program Brochure
EC-Council TM C EH Program Brochure Target Audience This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationVendor Management: SSAE 18. Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner
Vendor Management: SSAE 18 Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner Audio Handouts Questions Welcome Joseph Kirkpatrick is the Managing Partner at KirkpatrickPrice
More informationITU CBS. Digital Security Capacity Building: Role of the University GLOBAL ICT CAPACITY BUILDING SYMPOSIUM SANTO DOMINGO 2018
GLOBAL ICT CAPACITY BUILDING SYMPOSIUM ITU CBS SANTO DOMINGO 2018 Digital Capacity Building: Role of the University 18 20 June 2018 Santo Domingo, Dominican Republic Dr. Nizar Ben Neji Faculty of Sciences
More informationCYBER SOLUTIONS & THREAT INTELLIGENCE
CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world
More informationCompTIA Cybersecurity Analyst+
CompTIA Cybersecurity Analyst+ Course CT-04 Five days Instructor-Led, Hands-on Introduction This five-day, instructor-led course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity
More informationM.S. IN INFORMATION ASSURANCE MAJOR: CYBERSECURITY. Graduate Program
Detroit Mercy s Master of Science in Information Assurance with a major in Cybersecurity is a multi-disciplinary 30-credit-hour graduate degree. It is designed to produce a comprehensively knowledgeable
More informationSECURITY+ COMPETITIVE ANALYSIS 1. GIAC GSEC 2. (ISC)2 SSCP 3. EC-COUNCIL CEH
SECURITY+ COMPETITIVE ANALYSIS 1. GIAC GSEC 2. (ISC)2 SSCP 3. EC-COUNCIL CEH 1 SECURITY+ VS GIAC GSEC Where does GSEC fit? 3 CompTIA Security+ and GIAC Security Essentials (GSEC) Feature CompTIA Security+
More informationCALENDAR FOR THE YEAR 2018
27 Dubai 08-12 Jan 1 Advance Budgeting Workshop 386 Istanbul 11-1 Mar 396 London 13-17 May 2 Advance Business Writing 296 Abu Dhabi 1-19 Jan 3 Contract Management 396 London 22-26 Jan 27 Dubai 18-22 Mar
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationHow Breaches Really Happen
How Breaches Really Happen www.10dsecurity.com About Dedicated Information Security Firm Clients Nationwide, primarily in financial industry Services Penetration Testing Social Engineering Vulnerability
More informationCertified Cyber Security Analyst VS-1160
VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The
More informationCybersecurity Risk Mitigation: Protect Your Member Data. Introduction
Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience
More informationHacking to Get Caught. (Updated) Thoughts About Adversary Replica?on and Penetra?on Tes?ng
Hacking to Get Caught (Updated) Thoughts About Adversary Replica?on and Penetra?on Tes?ng Overview Personal Introduc?on Hacking to Get Caught The Conversa?on Adversary Simula?on Challenges Personal Introduc?on
More informationSOC Summit June 6, Strengthening Capacity in Cyber Talent sans.org/cybertalent
SOC Summit 2017 June 6, 2017 Strengthening Capacity in Cyber Talent sans.org/cybertalent Increasing Sense of Urgency Cyber threats to U.S. national and economic security are increasing in frequency, scale,
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationBreaking Out the Cybersecurity Workforce Framework
Breaking Out the Cybersecurity Workforce Framework Ray Trygstad Industry Professor of Information Technology & Management; Associate Director, IIT Center for Cyber Security & Forensics Education The Framework:
More informationSage Data Security Services Directory
Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time
More informationNational Initiative for Cybersecurity Education
National Initiative for Cybersecurity Education NIST Special Publication, 800-181 NICE Cybersecurity Workforce Framework Douglas Rausch Cybersecurity Program Director, Bellevue University Lead Skills-based
More informationBuilding the Cybersecurity Workforce. November 2017
Building the Cybersecurity Workforce November 2017 Our Global Footprint Measuring Kaplan University s Educational Impact For every career path +1MM students annually served Facilities in 30+ countries
More informationCyber Security Occupations. in San Diego County
Cyber Security s in San Diego County February 2017 Prepared by Center of Excellence for Labor Market Research San Diego & Imperial Counties Region Labor Market Demand & Wages Currently, there is only one
More informationCOMPUTER FORENSICS (CFRS)
Computer Forensics (CFRS) 1 COMPUTER FORENSICS (CFRS) 500 Level Courses CFRS 500: Introduction to Forensic Technology and Analysis. 3 credits. Presents an overview of technologies of interest to forensics
More informationINFORMATION SECURITY TRAINING
The most trusted source for information security training, certification, and research. INFORMATION SECURITY TRAINING 2018 Asia-Pacific COURSE CATALOG 80+ Certified instructors 200+ Live events globally,
More informationInteragency Advisory Board Meeting Agenda, Wednesday, December 5, 2012
Interagency Advisory Board Meeting Agenda, Wednesday, December 5, 2012 1. Opening Remarks 2. The State Identity Credential and Access Management Guidance and Roadmap (SICAM) (Chad Grant, NASCIO) 3. PIV
More informationShon Harris s Newly Updated CISSP Materials
Shon Harris s Newly Updated CISSP Materials WHY PURSUE A CISSP? Many companies are beginning to regard a CISSP certification as a requirement for their technical, mid-management, and senior IT management
More informationINFORMATION SECURITY TRAINING
The most trusted source for information security training, certification, and research. INFORMATION SECURITY TRAINING 2018 Asia-Pacific COURSE CATALOG 80+ Certified instructors 200+ Live events globally,
More informationSANS MUNICH #SANSMunich
THE WORLD S LARGEST & MOST TRUSTED PROVIDER OF CYBER SECURITY TRAINING Immersive Training World Class Instructors GIAC Certification SANS@Night evening talks and networking Social Functions MON 15 - SAT
More informationAssessing Medical Device. Cyber Risks in a Healthcare. Environment
Assessing Medical Device Medical Devices Security Cyber Risks in a Healthcare Phil Englert Director Technology Operations Environment Catholic Health Ini
More informationBLACK HAT USA 2013 ADD A CLASS REQUEST FORM INSTRUCTIONS
Use one form per registrant. BLACK HAT USA 2013 ADD A CLASS REQUEST FORM INSTRUCTIONS This form is for those who have existing USA 2013 Training Registration and have an existing Confirmation Number. If
More informationLeadership. 25 years leading in cyber. 165,000 trained since ,000+ students annually
1 Leadership SANS is the most trusted, and the largest source for information security training and security certification in the world. No one is more trusted in cyber 25 years leading in cyber 165,000
More informationShaping the Future of Cybersecurity Education
Shaping the Future of Cybersecurity Education Is N.I.C.E. NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION (NICE) November 2010 THEPRESENT Comprehensive National Cybersecurity Initiative Training the existing
More informationEnterprise Risk Management (ERM) and Cybersecurity. Na9onal Science Founda9on March 14, 2018
Enterprise Risk Management (ERM) and Cybersecurity Na9onal Science Founda9on March 14, 2018 Agenda Guiding Principles for Implementing ERM at NSF (Based on COSO) NSF s ERM Framework ERM Cybersecurity Risk
More informationGIAC Certifications. u Validate real-world competency. u Focus on hands-on concepts
Range from fondational to highly focsed areas of specialization and expertise. GIAC offer certifications in secrity fndamentals and architectre to reverse engineering malware and advanced smartphone forensics
More informationCourse 831 EC-Council Certified Ethical Hacker v10 (CEH)
Course 831 EC-Council Certified Ethical Hacker v10 (CEH) Duration: 5 days What You Get: CEH v10 Certification exam voucher 5 days of high quality classroom training 18 comprehensive modules 40% of class
More information2018 Cyber Mission Training Course Catalog
2018 Cyber Mission Training Catalog 7740 Milestone Parkway, Suite 150 Hanover, Maryland 21076 2018 copyrighted by the KeyW Corp. All rights reserved. KeyWCorp.com/cyber-mission-training TABLE OF CONTENTS
More informationLunarline s School of Cyber Security Course Catalog
Lunarline s School of Cyber Security Course Catalog 3300 N Fairfax Drive, Suite #308, Arlington, Virginia 22201 Phone: 571.481.9300 Fax: 202.315.3003 www.schoolofcybersecurity.com Table of Contents RISK
More informationPenetration testing.
Penetration testing Penetration testing is a globally recognized security measure that can help provide assurances that a company s critical business infrastructure is protected from internal or external
More informationGEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards
GEORGIA CYBERSECURITY WORKFORCE ACADEMY NASCIO 2018 State IT Recognition Awards Title: Georgia Cybersecurity Workforce Academy Category: Cybersecurity State: Georgia Contact: Stanton Gatewood Stan.Gatewood@gta.ga.gov
More informationCYBERSECURITY: Scholarship and Job Opportunities
CYBERSECURITY: Scholarship and Job Opportunities Malware Invasion in Cyberspace Blackhole Malware Exploit Kit (2012) Shamoon Virus (2012) Stuxnet Worm (2010) Operation Aurora (2009) and many others Job
More informationIntroducing Maryville University s CYBER SECURITY ONLINE PROGRAMS. Bachelor of Science in Cyber Security & Master of Science in Cyber Security
Introducing Maryville University s CYBER SECURITY ONLINE PROGRAMS Bachelor of Science in Cyber Security & Master of Science in Cyber Security The cyber security industry is calling for more experts. And
More informationQuali&es of an Effec&ve CISO
Quali&es of an Effec&ve CISO Miguel (Mike) O. Villegas CISA, CISSP, GSEC, CEH, PCI QSA, PA-QSA Vice President- K3DES LLC mike.villegas@k3des.com November 13, 2015 1 Abstract Hiring a Chief Informa?on Security
More informationLONDON SUMMER 2016 SAT 9 SAT 16 JULY, 2016 #SANSLONDON. 14 SANS COURSES SEC566 Implementing and Auditing the Critical Security Controls- In Depth
THE WORLD S LARGEST & MOST TRUSTED PROVIDER OF CYBER URITY TRAINING LONDON SUMMER 201 SAT 9 SAT 1 JULY, 201 #SANSLONDON 401 Security Essentials Bootcamp Style 03 Intrusion Detection In-Depth 0 Securing
More informationEC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationInformation Systems and Tech (IST)
Information Systems and Tech (IST) 1 Information Systems and Tech (IST) Courses IST 101. Introduction to Information Technology. 4 Introduction to information technology concepts and skills. Survey of
More informationMarket Drivers. About Clear Skies Security. Our Business Strategy
Market Drivers About Clear Skies Security Our Business Strategy Con9nual growth in crime, espionage, fraud, malicious threats o Cyber criminals are now focused on financial gain Most successful aaacks
More informationA Passage to Penetration Testing!
A Passage to Penetration Testing! EC-Council Cyber Research This paper is from EC-Council s site. Reposting is not permitted without express written permission. What Is Penetration Testing? A penetration
More informationCompTIA Security+ Pre-approved Training for CompTIA Security+ Continuing Education Units (CEUs)
CompTIA Security+ Pre-approved Training for CompTIA Security+ Continuing Education Units (CEUs) Note: Approved training courses in this document are subject to change without prior notification. Training
More informationEC-Council - EC-Council Certified Security Analyst (ECSA) v8
EC-Council - EC-Council Certified Security Analyst (ECSA) v8 Code: 3402 Lengt h: URL: 5 days View Online The EC-Council Certified Security Analyst (ECSA) program teaches information security professionals
More informationCybersecurity Education for Enterprise Cloud Services
Cybersecurity Education for Enterprise Cloud Services Casimer DeCusatis, Ph.D. The New York State Cloud Computing & Analytics Center at Marist College Poughkeepsie, NY (casimer.decusatis@marist..edu @Dr_Casimer
More informationCyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation
Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation COL Michael R. Corpening Deputy Chief, Operations Division (CCJ6-O) 1 December 2014 The overall classification of this brief is UNCLASSIFIED
More informationCurriculum Vitae Detective Paul A. Lindvay #5497 Arizona Department of Public Safety Computer Forensics Unit
Computer Forensics Training (1005 Hours) Cybercop 315 Windows Artifacts Attended: May 2014 (32 hours) in Phoenix, AZ Advanced Computer Forensic Analysis and Incident Response Attended: February 2014 (36
More informationIndustrial Control Systems November 18, 2015
Industrial Control Systems November 18, 2015 ABOUT SANS - TRAINING SANS provides intensive, hands-on, immersion training Highest quality 70+ courses covering basic security skills to cutting edge topics
More informationCyber Security: It s all about TRUST
www.pwc.com/vn Cyber Security: It s all about TRUST 29 th March 2017 Robert Tran Cybersecurity leader, Vietnam Content s Digital IQ Survey 1 Current state of Cybersecurity in Vietnam 2 2 Our global team
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationINFORMATION SECURITY TRAINING
The most trusted source for information security training, certification, and research INFORMATION SECURITY TRAINING Winter/Spring 2018 Course Catalog 200+ Live events globally, plus multiple online options
More informationBRING EXPERT TRAINING TO YOUR WORKPLACE.
BRING EXPERT TRAINING TO YOUR WORKPLACE. ISACA s globally respected training and certification programs inspire confidence that enables innovation in the workplace. ISACA s On-Site Training brings a unique
More information