Course Information
Cybersecurity Audit School
Parking for SAO, Professional Development courses is in Garage B (1511 San Jacinto Blvd.). The garage signage may read 1511 San Jacinto or Garage B. The elevator in Garage B is not reliable. If you are unable to walk the stairs, please contact professionaldevelopment@sao.texas.gov for alternate parking arrangements. Handicapped parking is free at the meters around the downtown area.
A course coordinator will email you a parking permit prior to the course start date. A permit must be displayed or you will be ticketed.
Course Description
This course covers cybersecurity risks, control design and protection measures, cybersecurity program execution, warning signs, audit, and investigative techniques.
Course Objectives
Upon completion of this course, participants will be able to:
Understand security fundamentals, including core security principles, critical security controls, and best practices for securing information technologies, operations, and data.
Assess common cybersecurity risks, threats, and vulnerabilities in the management of cybersecurity and IT audit programs.
Evaluate an organization’s technical, operational, and management infrastructure against common security principles and compliance controls.
Detailed Course Outline
The course is delivered in lecture format due to the volume of content. Agenda items can be removed or deprioritized to provide a more interactive learning experience.
1. Cybersecurity Overview
• Cybersecurity key concepts
• Cybersecurity history and breaches
• Types of cyber-attacks – human
• Types of cyber-attacks – technical
• Cybersecurity frameworks, standards, and regulations
• NIST framework and standards
• Industry frameworks (PCI, HIPAA, CIS CSC, ISO/IEC)
• Cybersecurity oversight, governance, and compliance
• Security policies
• Security risk management overview
• Threat analysis
• Security risk management in practice
2. Asset Management
• Asset Identification and Inventory
• Third-party/service provider management
• Business impact assessment
• Configuration management and change control
3. Cybersecurity Protection Techniques
• Defending business assets overview
• Identity and access management
• Authentication and authorization
• Vulnerability and patch management
• Security awareness
• Physical security
• Personnel security
• Computer networking fundamentals
• Network defenses
• Network security access controls
• Endpoint and system security configuration
• Endpoint and system security protection
• Application security
• Cloud and virtualization security
4. Encryption, Digital Signatures, and Data Protection
• Encryption concepts
• Cryptographic algorithms
• Encryption – public key infrastructure
• Data protection techniques
• Data privacy controls
5. Event Detection, Incident Response, and Recovery
• Logging, monitoring, and alerting
• Incident response (IR) planning
• Incident response (IR) testing
• Digital forensics
• Recovering data and systems
• Business continuity and contingency planning
6. Auditing Cybersecurity
• The auditor’s role
• CISO’s role
• Establishing audit scope
• Building the audit plan
• Cybersecurity evaluation methods
• Vulnerability assessments, scanning and testing
• Penetration testing
• Security maturity models (CMMI)
• Auditing using NIST frameworks
• Auditing with other security frameworks and standards
• Auditing cybersecurity using the payment card industry (PCI)
• Cybersecurity auditing examples
7. Audit Evidence and Reporting
• Collecting and organizing cybersecurity evidence
• NIST reporting requirements
• Prioritizing risks and influencing decisions
8. Course Wrap-up
• Course summary and conclusion
Prerequisites
No prerequisites are required.
Instructors
Joshua is an entrepreneur and advisor to many of the Fortune 100 on Information and Physical Security, as well as Compliance and Risk Management. He honed his skills in police, fire, and surveillance industries, as well as the Federal Reserve Bank system.
Joshua is a current faculty member for IANS, the Institute for Applied Network Security, a co-host of Paul’s Security Weekly (one of the top Infosec Podcasts worldwide), a CMMC (Cybersecurity Maturity Model Certification) author for the DoD, a member of the SPDX standards committee for the Linux Foundation, and author of a patent-pending invention around blockchain and forensic files. He also manages a growth acceleration startup, MJM Growth. With two kids, he occasionally sleeps. Occasionally.
Joshua is a board member of BSidesDE and BSidesDC, and a global BSides council member. He has been honored as one of the top 10 most influential people in the entire BSides movement.