Wolfpack Cyber Academy Training Catalogue

Transcription

1 Wolfpack Cyber Academy Training Catalogue IT GOVERNANCE I INFORMATION RISK I CYBERSECURITY I PRIVACY I FOUNDATION I INTERMEDIATE I ADVANCED 2017 WOLF PACK

2 Contents About Wolfpack Information Risk 3 Proposed Approach 3 Security Baseline Training 5 CompTIA Security+ 7 CompTIA CASP Certified Cyber Security First Responder 10 CISM (Certified Information Security Manager) 13 COBIT 5 Foundation 15 About Wolfpack Information Risk: Wolfpack Information Risk assists clients in managing their IT Governance, Information, Cyber security and Privacy programmes more efficiently. We help to predict the Cyber threats that affect particular industries. Wolfpack offers a range of assessments to determine where organisations have gaps in their people, process and technology areas. Our specialist staff utilise the latest research, threat intelligence, high-impact training, awareness, monitoring and advisory solutions, to address these gaps. We have a strong sense of community and a genuine interest in making a difference in the fight against cybercrime. With this aim in mind, we strive to drive strategic collaborative initiatives on the African continent. ISO Foundation 17 ISO Lead Implementer 1 ISO Lead Auditor 20 ISO 221 BCM Foundation 23 ISO 221 BCM Lead Implementer 24 ISO 221 BCM Lead Auditor 26 ISO Risk Foundation 29 ISO Risk Manager ISO Risk Assessment Techniques 32 ISO IT Risk Foundation 34 ISO IT Risk Manager 35 MONITOR TRAINING & AWARENESS THREAT & VULNERABILITY MANAGEMENT INFORMATION RISK ASSESSMENT & CYBER RISK ANALYSIS THREAT INTELLIGENCE REMEDIATION, SIMULATED ATTACKS & INCIDENT RESPONSE ADVISORY ASSESS ISO Lead Incident Response 37 PECB Certified Lead Pen Test Professional 39 Graduate Development IMPROVE PECB Certified Lead Privacy Implementer 40 2 Wolfpack Cyber Academy Wolfpack Cyber Academy 3

3 Wolfpack Cyber Academy Pricing Schedule 2017 Duration Price (ex Vat) Exams 2 Days Wolfpack Security Baseline Training R Days CompTIA Security+ R R Days CompTIA CASP R R Days Certified Cyber Security First Responder R $ 0.00 Security Baseline Training The purpose of the Wolfpack Cyber Academy Security Baseline Training is to provide students with a clear understanding of different security domains. Domains covered in this course are based on a consolidation of information and cyber security areas, derived from the Certified Information Systems Security Professional (CISSP) and the International Organisation for Standards (ISO) 27001/2:2013 domains. 4 Days CISM Exam Prep R $ Days COBIT 5 Foundation R R Days ISO Foundation R Days ISO Lead Implementer R days R Days ISO Lead Auditor R Days ISO 221 BCM Foundation R Days ISO 221 BCM Lead Implementer R Days ISO 221 BCM Lead Auditor R Days ISO Risk Foundation R Days ISO Risk Manager R Days ISO IT Risk Foundation R Days ISO IT Risk Manager R Days ISO Lead Incident Response R Days PECB Lead Pen Test Professional R Days PECB Certified Lead Privacy Implementer R Format This is a paper based course. No hardware and software will be required during the course. Modules Cyber Security Governance and Risk Management. Legal Regulations and Compliance. Incident Management, Business Continuity and Disaster Recovery Planning. Asset Management. Human Resource and Supplier Security. Physical (Environmental) Security. Security Architecture and Design. Access Control. Operations Security. Cryptography. Software Development and Application Software Security. Telecommunications and Network Security. 4 Wolfpack Cyber Academy Wolfpack Cyber Academy 5

4 CompTIA Security + CompTIA CASP CompTIA Security + The CompTIA Security+ Certification is a vendor neutral credential. The CompTIA Security+ exam is an internationally recognised validation of foundation level security skills and knowledge. Organisations and security professionals around the globe make use of it. 5 days R of exam: The CompTIA Security+ exam certifies that the successful candidate has obtained the required knowledge and skills in order to identify risks and participate in risk mitigation activities, as well as provide infrastructure, application, information and operational security. In addition, the successful candidate will apply security controls to maintain confidentiality, integrity, and availability, identify appropriate technologies and products, troubleshoot security events and incidents, and operate with an awareness of applicable policies, laws, and regulations. The CompTIA Security+ exam is an internationally recognised validation of foundation-level security skills and knowledge. IT Security Professionals with: A minimum of 2 years experience in IT Administration with a focus on security. Day to day technical information security experience. Broad knowledge of security concerns and implementation. Network Security. Compliance and Operational Security. Threats and Vulnerabilities. Application, Data and Host Security. Access Control and Identity Management. Cryptography. 6 Wolfpack Cyber Academy Wolfpack Cyber Academy 7

5 CompTIA CASP The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level. Certified Cybersecurity First Responder 5 days R of exam: Successful candidates will gain the technical knowledge and skills required to conceptualise, engineer, integrate and implement secure solutions across complex environments. Candidates will apply critical thinking and judgment across a broad spectrum of security disciplines, propose and implement sustainable security solutions, map organisational strategies, translate business needs into security requirements, analyse risk impact and respond to security incidents. The CompTIA Advanced Security Practitioner (CASP) Certification is a vendorneutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. IT Security Professionals who have: A minimum of 10 years of experience in IT administration. At least 5 years of hands-on technical security experience. Enterprise Security. Risk Management. Incident Response. Research and Analysis. Integration of Computing, Communications and Business Disciplines. Technical Integration of Enterprise Components. Wolfpack Cyber Academy Wolfpack Cyber Academy 9

6 Cyber Security First Responder Exam Specifications Certified Cyber Security First Responder introduces the strategies, frameworks, methodologies and tools, which are used to manage cybersecurity risks and identify various types of common threats. Delegates will learn to design and operate secure computing and networking environments, assess and audit the organisation s security, collect and analyse cybersecurity intelligence and handle incidents as they occur. The course also covers closely related information assurance topics, such as auditing and forensics in order to provide a sound basis for a comprehensive security based approach, aimed toward those on the front lines of defense Number if items: 126 Duration: 10 minutes Exam options: Online or in Person (Castle Worldwide) Item Formats: Multiple Choice / Multiple Response / True-False Prerequisites 5 days R of exam: $ 0 Two years work experience in computer network security technology or related field. Domains Assessing Information % of Examination Security Risk. Creating an Information Assurance Life cycle Process. Analysing Threats to Computing and Network Environments. Designing Secure Computing and Network Environments. Operating Secure Computing and Network Environments. Assessing the Security Posture Within a Risk Management Framework. Collecting Cybersecurity Intelligence Information. Analysing Cybersecurity Intelligence Information. Responding to Cybersecurity Incidents. Investigating Cybersecurity Incidents. Auditing Secure Computing and Network Environments. Cybersecurity Practitioners. Students preparing for the CyberSec First Responder: Threat Detection and Response (Exam CFR-101) certification examination. Students who are looking to fulfill DoD directive for information assurance (IA) training. Personnel performing IA functions, establishing IA policies and implementing security measures and procedures for the Department of Defence and affiliated information systems and networks. The ability to recognise information security vulnerabilities and threats in the context of risk management. Operate some of the common operating systems relevant to a computing environment at a foundation level. Primary knowledge of the concepts and operational framework relating to common assurance safeguards in computing environments. Operate some of the basic network environment concepts, such as routing and switching, at foundation level. Elemental knowledge of the concepts and operational framework relating to common assurance safeguards in network environments. You can obtain this level of skills and knowledge by taking the following Logical Operations courses CompTIA A+ : A Comprehensive Approach (Exams and ) CompTIA Network+ (Exam N10-005) CompTIA Security+ (Exam SY0-401) -specific Technical Requirements Assessing Information Security Risks. Creating an Information Assurance Life cycle Process. Analysing Threats to Computing and Network Environments. Designing Secure Computing and Network Environments. Operating Secure Computing and Network Environments. Assessing the Security Posture within a Risk Management Framework. Collecting Cybersecurity Intelligence Information. Analysing Cybersecurity Intelligence Information. Responding to Cybersecurity Incidents. Investigating Cybersecurity Incidents. Auditing Secure Computing and Network Environment. 10 Wolfpack Cyber Academy Wolfpack Cyber Academy 11

7 CISM (Certified Information Security Manager) CISM Around the world, the demand for skilled information security management professionals is on the rise. CISM certification is the globally accepted standard of achievement in this area. This uniquely management-focused CISM certification ensures holders understand business, and know how to manage and adapt technology to their enterprise and industry. Since 2002, thousands of professionals worldwide have earned the industry-leading CISM to affirm both their high level of technical competence and qualifications for top-caliber leadership and management roles. 4 days R of exam: $ Outline Demonstrates your understanding of the relationship between an information security program and broader business goals and objectives. Distinguishes you as having not only information security expertise, but also knowledge and experience in the development and management of an information security program. Establishes you in an elite peer network. Is considered essential to ongoing education, career progression and value delivery to enterprises. ISACA certifications are globally accepted and recognised. Designed specifically for Information Security Professionals who are preparing to sit for the CISM exam, the course focuses on the four content areas of the Certified Information Security Manager (CISM) job practice: Information Security Governance. Risk Management and Compliance. Information Security Program Development and Management. Information Security Incident Management. Information Security Managers. Aspiring Information Security Managers. IS/IT Consultants. Chief Information Officers. 12 Wolfpack Cyber Academy Wolfpack Cyber Academy 13

8 COBIT 5 Foundation Cobit 5 Foundation This course exposes attendees to the integration of COBIT 5 with the KING III Code of Governance and other Best Practices, more specifically ISO 3500, ISO and ISO 20000/ ITIL. Cobit 5 Foundation forms a maturity model which will provide a wealth of insight and understanding on practical issues of IT Governance. The course on this page is offered by RMS Africa, an Affiliate of Quint Wellington Redwood, an Accredited Training Organisation of The APM Group Ltd. 3 days R of exam: R At the conclusion of the course the attendees will understand: The major drivers for the development of a framework. The business benefits of using COBIT 5. The COBIT 5 architecture. The IT management issues and challenges that affect enterprises. The 5 key principles of COBIT 5 for the governance and management of Enterprise IT. How COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise. The key concepts in a Process Capability Assessment. This is a paper based course. No hardware or software is required. The exam is written on the 3rd day and is included in the course price. The key features of COBIT 5. COBIT 5 Principles. COBIT 5 Enablers. Introduction to COBIT 5 Implementation. Chief Information Officers. Heads of Regulatory Compliance. Chief Technology Officers. Heads of Service Management. Chief Information Operational Security Officers. Managers. Information Aspiring Security Information Managers Security Risk Managers. and Compliance Officers. IT/Internal IS/IT Consultants. Auditors. IT Directors/Managers. Chief Information Officers. Business Continuity Managers. Heads of IT Governance. IT Consultants. Heads of Risk Management. 14 Wolfpack Cyber Academy Wolfpack Cyber Academy 15

9 PECB IS Foundation PECB ISO Lead Implementer PECB ISO Lead Auditor ISO Foundation This course enables the participants to learn about the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001, as well as the best practices for implementing the Information Security controls of the domains of the ISO/IEC days R of exam: $ 120 Understand the implementation of an Information Security Management System in accordance with ISO/IEC Understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organisation. Know the concepts, approaches, standards, methods and techniques allowing to effectively manage an Information Security Management System. Acquire the necessary Knowledge to contribute in implementing an Information Security. Management System (ISMS) as specified in ISO/IEC This is a paper based course. Certification fees are included in the exam price. Fundamental Principles and Concepts of Information Security. Information Security Management System (ISMS). Members of an information security team. IT Professionals who would like to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS). Staff involved in the implementation of the ISO/IEC standard. Technicians involved in operations related to an ISMS. Auditors. CxO and Senior Managers responsible for the IT governance and risk management of an enterprise. 16 Wolfpack Cyber Academy Wolfpack Cyber Academy 17

10 ISO Lead Implementer ISO Lead Implementer This five-day intensive course enables participants to develop the necessary expertise to support an organisation in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013. Participants will gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC This training is consistent with the project management practices established in ISO This training is also fully compatible with ISO/IEC (Guidelines for the Implementation of an ISMS), ISO/IEC (Measurement of Information Security) and ISO/IEC (Risk Management in Information Security). 5 days R of exam: Understand the implementation of an Information Security Management System in accordance with ISO/IEC Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of an Information Security Management System. Understand the relationship between the components of an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organisation. Acquire the necessary expertise to support an organisation in implementing, managing and maintaining an ISMS as specified in ISO/IEC Receive the necessary expertise to manage a team implementing ISO/IEC Develop the knowledge and skills required to advise organisation s on best practices in the management of information security. Improve the capacity for analysis and decision making in the context of information security management. Exam Duration: 10 minutes Certification Fees included in exam price This is a paper based course. Project Managers or Consultants wanting to prepare and to support an organisation in the implementation of an Information Security Management System (ISMS). ISO/IEC Auditors who wish to fully understand the Information Security Management System implementation process. CxO and Senior Managers responsible for the IT governance and risk management of an enterprise and the management of its risks. Members of an Information Security team. Expert Advisors in information technology. Technical Experts who would like to prepare for an information security function or for an ISMS project management function. Certification fees are included in the exam price. The PECB Certified ISO/IEC Lead Implementer exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains: Fundamental Principles and Concepts of Information Security. Information Security Control best practice based on ISO Planning an ISMS based on ISO/ IEC Implementing an ISMS based on ISO/IEC Performance Evaluation, Monitoring and Measurement of an ISMS based on ISO/IEC Continual Improvement of an ISMS based on ISO/IEC Preparing for an ISMS certification audit A certificate related to the selected credential, will be issued to participants who successfully pass the exam and comply with all the other requirements. 1 Wolfpack Cyber Academy Wolfpack Cyber Academy 19

11 ISO Lead Auditor ISO Lead Auditor This five-day intensive course enables participants to develop the necessary expertise to audit an Information Security Management System (ISMS), as well as to manage a team of auditors by applying widely recognised audit principles, procedures and techniques. During this training, the participant will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO Based on practical exercises, the participant will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to efficiently conduct an audit. 5 days R of exam: Acquire the expertise to perform an ISO/IEC internal audit following ISO guidelines. Gain the expertise to perform an ISO/IEC certification audit following ISO guidelines and the specifications of ISO and ISO Receive the necessary expertise to manage an ISMS audit team. Understand the operation of an ISO/IEC conformant information security management. Understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organisation. Improve the ability to analyse the internal and external environment of an organisation, its risk assessment and audit decision-making. Certification fees are included in the exam price. The PECB Certified ISO/IEC Lead Auditor exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains: Fundamental Principles and Concepts of Information Security. Information Security Management System (ISMS). Fundamental Audit Concepts and Principles. Preparation of an ISO/IEC audit. Conducting an audit. Closing an ISO/IEC audit. Managing an ISO/IEC audit program. A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC Provisional Auditor, PECB Certified ISO/IEC Auditor or PECB Certified ISO/IEC Lead Auditor depending on their level of experience. Those credentials are available for internal and external auditors. Exam Duration: 10 minutes Certification Fees included in exam price. This is a paper based course. Internal Auditors. Auditors who would like to perform and lead Information Security Management System (ISMS) certification audits. Project Managers or consultants who want to master the Information Security Management System audit process. CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks. Members of an Information security team. Expert Advisors in information technology. Technical Experts who would like to prepare for an Information security audit. 20 Wolfpack Cyber Academy Wolfpack Cyber Academy 21

12 PECB ISO 221 BCM Foundation PECB ISO 221 BCM Lead Implementer PECB ISO 221 BCM Lead Auditor ISO 221 BCM Foundation This course enables participants to learn about the best practices for implementing and managing a Business Continuity Management System (BCMS) as specified in ISO 221:2010, as well as the best practices for implementing the business continuity processes based on the ISO/PAS This training is fully compatible with BS (Business continuity management specification) and ISO (Guidelines for information and communication technology readiness for business continuity). 2 days R of exam: Understand the implementation of a Business Continuity Management System in accordance with ISO 221, ISO or BS Discern the relationship between a Business Continuity Management System and the requirements of different stakeholders within the organisation. This includes risk management, controls and compliance. Know the concepts, approaches, standards, methods and techniques allowing to effectively manage a Business Continuity Management System. Acquire the necessary expertise to contribute in implementing a Business Continuity Management System (BCMS) as specified in ISO221, ISO or BS Members of a business continuity team. IT Professionals who desire to gain a comprehensive knowledge of the main processes of a Business Continuity Management System (BCMS). Staff involved in the implementation of the ISO 221 standard. Technicians involved in operations related to a BCMS. Fundamental Principles and Concepts of Business Continuity. Business Continuity Management System (BCMS). This is a paper based course. 22 Wolfpack Cyber Academy Wolfpack Cyber Academy 23

13 ISO 221 BCM Lead Implementer ISO 221 BCM Lead Implementer This five-day intensive course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Business Continuity Management System (BCMS) based on ISO 221:2010. Participants will also gain a thorough understanding of best practices used to implement business continuity processes from the ISO This training is consistent with the project management practices established in ISO (Quality Management Systems - Guidelines for Quality Management in Projects). It is fully compatible with BS (Business continuity management specification) and ISO (Guidelines for information and communication technology readiness for business continuity). 5 days R Understand the implementation of a Business Continuity Management System (BCMS) in accordance with ISO 221, ISO or BS Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of a Business Continuity Management System. Grasp the relationship between the components of a Business Continuity Management System and the compliance with the requirements of different stakeholders within the organisation. of exam: Acquire the necessary expertise to manage a team, through implementing ISO221 or BS Develop the knowledge and skills required to advise organisations on best practices in the management of business continuity. Improve the capacity for analysis and decision making in the context of business continuity management. Obtain the necessary expertise to support an organisation in implementing, managing and maintaining a BCMS as specified in ISO221 or BS Certification fees are included in the exam price. The exam covers the following competence domains: Fundamental principles and concepts of business continuity. Business continuity Control Best Practice. Planning a BCMS based on ISO 221 Implementing a BCMS based on ISO 221. Performance evaluation, monitoring and measurement of a BCMS based on ISO 221. Continual improvement of a BCMS based on ISO 221. Preparing for a BCMS certification audit. Additional Information: This is a paper based course. No additional hardware or software will be required. The duration of the exam is three hours. For more information about exam, refer to PECB section on ISO 221 Lead Implementer Exam. A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Exam Duration: 10 minutes Certification Fees included in exam price This is a paper based course. Project Managers or Consultants who would like to prepare and to support an organisation in the implementation of a Business Continuity Management System (BCMS). Business Continuity Auditors who wish to fully understand the implementation of a Business Continuity Management System. Individuals responsible for the business continuity conformity in an organisation. Members of a business continuity team. Expert Advisors in business continuity. Members of an organisation who are preparing for a business continuity function or for a BCMS project management function. 24 Wolfpack Cyber Academy Wolfpack Cyber Academy 25

14 ISO 221 BCM Lead Auditor ISO 221 BCM Lead Auditor This five-day intensive course enables participants to develop the necessary expertise to audit a Business Continuity Management System (BCMS) and to manage a team of auditors by applying widely recognised audit principles, procedures and techniques. During this training, the participant will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO the certification process according to Based on practical exercises, the participant will develop the skills and competencies necessary to efficiently conduct an audit. The skill set includes mastering audit techniques, managing audit teams and -programs, communicating with customers and conflict resolution. This training is compatible with BS audit (Business continuity management specification) and ISO (Guidelines for information and communication technology readiness for business continuity). 5 days R Gain the prowess to perform an ISO 221 or BS internal audit following ISO guidelines. Acquire the expertise to perform an ISO 221 or BS certification audit following ISO guidelines and the specifications of ISO Receive the expert skills necessary to manage a BCMS audit team. Understand the operation of the Business Continuity Management System in accordance with ISO221, ISO or BS of exam: Grasp the relationship between a Business Continuity Management System and the requirements of different stakeholders within the organisation. This includes risk management, compliance and controls. Improve the ability to analyse the internal and external environment of an organisation, risk assessment and audit decision-making in the context of a BCMS. Certification fees are included in the exam price. The exam covers the following competence domains: Fundamental Principles and Concepts of Business Continuity. Business Continuity Management System (BCMS). Fundamental Audit Concepts and Principles. Preparation of an ISO 221 audit. Conducting of an ISO 221 audit. Closing an ISO 221 audit. Managing an ISO 221 Audit Program. Additional Information The duration of the exam is 3 hours. This is a paper based course and no additional hardware or software is required. For more information about the exam, refer to PECB section on ISO 221 Lead Auditor Exam. A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Exam Duration: 10 minutes Certification Fees included in exam price This is a paper based course. Internal Auditors. Auditors who would like to perform and lead Business Continuity Management System (BCMS) certification audits. Project Managers or Consultants who desire to master the Business Continuity Management System audit process. Individuals responsible for the Business continuity conformity in an organisation. Members of a business continuity team. Expert Advisors in information technology. Technical Experts preparing for a Business continuity audit function. 26 Wolfpack Cyber Academy Wolfpack Cyber Academy 27

15 PECB ISO Risk Foundation PECB ISO Risk Manager ISO ISO Risk Risk Foundation Foundation This course enables participants to learn about the best practices in Risk Management as specified in ISO The participant will learn the essential concepts and processes that are considered most effective in risk management. This training will help participants understand an optimal risk assessment and manage risks promptly, through familiarising themselves with their life cycle. 2 days R of exam: Successful delegates will gain the following skill set: Understand Risk Management in accordance with ISO Grasp the relationship between the components of Risk Management and the compliance with the requirements of different stakeholders of an organisation. Know the concepts, approaches, standards, methods and techniques allowing to effectively manage risk. Acquire the necessary knowledge to contribute in managing risk as specified in ISO Delegates will complete a certification exam. Members of a Risk Management Team. Risk Managers. Project Managers. Professionals who would like to gain a comprehensive knowledge of the main concepts and processes in Risk Management. Auditors. Format This is a paper based course. No additional hardware or software will be required. 2 Wolfpack Cyber Academy Wolfpack Cyber Academy 29

16 ISO Risk Manager PECB ISO Risk Assessment Techniques In this two-day intensive course participants develop the competence to master a model for implementing risk management processes throughout their organisation, using the ISO 31000:2009 standard as a reference framework. Based on practical exercises, participants acquire the necessary knowledge and skills to perform an optimal risk assessment and manage risks in time by being familiar with their life cycle. During this training, we will present the ISO general risk management standard, the process model it recommends, and how companies may use the standard. This training is also fully compatible with IEC/ISO which supports ISO by providing guidance for risk assessment. 2 days R of exam: Discern the concepts, approaches, methods, tools and techniques which allow effective risk management according to ISO and IEC/ISO Understand the relationship between risk management and compliance with the requirements of different stakeholders of an organisation. Acquire the competence to implement, maintain and manage an ongoing risk management program according to ISO Gain the competence to effectively advise organisations on the best practices in risk management. This is a paper based course. No additional hardware or software will be required. Risk and Business Risk managers. Business Process Owners. Business Finance Managers. Regulatory Compliance Managers. Project Management. Individuals responsible for information security or conformity within an organisation. Fundamental Principles and Concepts in Risk Management. Risk Management, Assessment and Treatment Program. Risk Communication, Monitoring and Improvement. Wolfpack Cyber Academy Wolfpack Cyber Academy 31

17 ISO Risk Assessment Techniques Risk Management is return on investment. Organisations of all types and sizes face a range of risks that may affect the achievement of their objectives. The ISO/IEC Standard is a supporting standard for ISO Risk Management. It provides guidance on the selection and application of systematic techniques for Risk Assessment. In an intensive two-days course, participants will learn about 31 techniques in Risk Assessment such as: Checklists, Delphi-technique, SWIFT (structured what-if technique), Root Cause Analysis (RCA), Business Impact Analysis (BIA), FMEA and FMECA, HAZOP, HACCP, Layers of Protection Analysis (LOPA), Bow Tie Analysis, Markov, Monte-Carlo and Bayesian Analysis. The course combines all these techniques. It aims at demystifying the complexity of the various techniques that can be used by private and public organizations of any size, industry and sector. PECB ISO IT Risk Foundation PECB ISO IT Risk Manager 2 days R of exam: Understand the concepts, approaches, methods, tools and techniques, which allow for effective risk management according to ISO 31000and IEC/ISO Grasp the relationship between risk management and compliance with the requirements of different stakeholders within an organization. Gain the competence to implement, maintain and manage an ongoing risk management program according to ISO Acquire the acumen to effectively advise organizations on the best practices in risk management. This course is a must for Professionals in the field of Risk Assessment and valuable for everyone involved in decision-making. Information Certification fees are included in the exam price. A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. This is a paper based course and no hardware or software is required. 32 Wolfpack Cyber Academy Wolfpack Cyber Academy 33

18 ISO IT Risk Foundation ISO IT Risk Manager This course enables participants to learn about the best practices in risk management based on ISO/IEC 27005, as well as understanding how different parts of a risk management program and the implementation stages of an optimal risk assessment are synchronised. This two-day intensive course develops the competence to master the basic risk management elements related to all assets of relevance for information security using the ISO/IEC 27005:2011 standard as a reference framework. Based on practical exercises and case studies, participants acquire the necessary knowledge and skills to perform an optimal information security risk assessment and manage risks promptly, by being familiar with their life cycle. During this training, we will also present other risk assessment methods such as OCTAVE, EBIOS, MEHARI and Harmonized TRA. 2 days R of exam: 2 days R of exam: Understand risk management approaches in accordance with ISO/IEC Know the concepts, approaches, standards, methods and techniques, which allow for effective risk management (based on ISO/IEC 27005). Additional information Certification fees are included in the exam price. This is a paper based course. No additional hardware or software is required. A certificate of PECB Certified ISO/IEC Foundation will be issued to participants who successfully passed the exam and comply with all the other requirements related to this credential. Members of an Information Security Team. IT Professionals who would like to gain a comprehensive knowledge of Risk Management within an organisation. Staff involved in the implementation of the ISO/IEC standard. CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks. Fundamental Principles and Concepts of Risk Management in Information Security. Information Security Risk Management methods. The exam duration is one hour. Understand the concepts, approaches, methods and techniques, which allow for effective risk management according to ISO/ IEC Interpret the requirements of ISO/IEC on information security risk management. Discern the relationship between the information security risk management, the security controls. and the compliance with the requirements of different stakeholders of an organisation. Acquire the competence to implement, maintain and manage an ongoing information security risk management program according to ISO/IEC Gain the competence to effectively advise organisations on the best practices in information security risk management. Risk Managers. Members of the information security team. Individuals responsible for Information Security or Conformity within an organisation. Staff implementing or seeking to comply with ISO/IEC or involved in a Risk Management Program. IT Consultants. Format This is a paper based course. No additional hardware or software will be required. 34 Wolfpack Cyber Academy Wolfpack Cyber Academy 35

19 PECB ISO Lead Incident Response ISO Lead Incident Response In this five-day intensive course participants develop the competence to master an implementation model for an incident management process throughout their organisation, using the ISO/IEC standard as a reference framework. Based on practical exercises, participants acquire the necessary knowledge and skills to manage information security incidents in time by being familiar with their life cycle. During this training, we will present the ISO/IEC information security incident management standard, a process model for designing and developing an organisational incident management process, as well as how companies may apply the standard. This training is also fully compatible with ISO/ IEC which supports ISO by providing guidance for incident management. 5 days R of exam: Grasp the concepts, approaches, methods, tools and techniques, which allow for effective information security incident management, according to ISO/IEC Understand, interpret and provide guidance on how to implement and manage incident management processes based on best practices of ISO/IEC and other relevant standards. Gain the proficiency to implement, maintain and manage an ongoing information security incident management program according to ISO/IEC Acquire the competence to effectively advise organisations on the best practices in information security management. Incident Managers. Business Process Owners. Information Security Risk Managers. Regulatory Compliance Managers. Members of Incident Response Team. Persons responsible for information security or conformity within an organisation. Additional Information Exam and certification fees are included in the training price. This is a paper based course. The exam duration is three hours. 36 Wolfpack Cyber Academy Wolfpack Cyber Academy 37

20 PECB Certified Lead Pen Test Professional PECB Certified Lead Pen Test Professional This five-day intensive course enables participants to develop the necessary expertise to lead a professional penetration test using a mix of practical techniques and management skills. The course has been designed by Industry experts with in-depth experience in the Penetration Testing fields. Unlike other certifications, this course focuses specifically on the knowledge and skills needed by a professional looking to lead or take part in a penetration test. We drill down into the latest technical knowledge, tools and techniques in key areas including Infrastructure, Web Application and Mobile security, as well as Social Engineering. In addition, the course focuses on how to practically apply what has been learned during current day-to-day penetration testing. 5 days R of exam: Be able to interpret and illustrate the main Penetration Testing Concepts and Principles. Understand the core technical knowledge needed to organize and carry out an effective set of tests. Learn how to effectively plan a penetration test and identify a scope which is suitable and risk appropriate. Master the practical hands on skills, as well as the relevant tools and techniques in order to conduct penetration testing effectively. Effectively manage the time and resources needed to scale a specific Penetration Test. Security Professionals who need to gain formal Penetration Testing skills. IT Staff enhancing their technical skills and knowledge. Auditors who would like to understand the Penetration Testing processes. IT and Risk Managers seeking a more detailed understanding of the appropriate and beneficial use of Penetration Tests. Incident Handlers and Business Continuity Professionals exploring the use of testing as part of their regimes. 3 Wolfpack Cyber Academy Wolfpack Cyber Academy 39

21 PECB Certified Lead Privacy Implementer PECB Lead Privacy Implementer This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO Participants will gain a thorough understanding of how to design, build and lead organizations privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance to the many privacy directives and laws worldwide. 5 days R of exam: Understand the core competences on the Privacy Framework. Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII). Define privacy safeguarding requirements related to PII. Understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws. Acquire the necessary expertise in privacy governance and risk management compliance. Project Managers or Consultants. Security Auditors who would like to understand the privacy framework implementation processes. Experienced IT Security Manager professionals. Privacy Officers, Data Protection Officers and Compliance Professionals. Security Professionals with frontline experience. Information Security staff. Expert Advisors in Information technology. Legal Practitioners who would like to gain a deeper understanding. 40 Wolfpack Cyber Academy Wolfpack Cyber Academy 41

22 BE STRONG ENOUGH TO STAND ALONE BUT BE WISE ENOUGH TO STAND TOGETHER WHEN THE TIME COMES PROTECTION IN THE PACK