What should participants learn in the training?
Participants learn about the big picture of enterprise IT security: What could be done, what is state of the art, and how to decide for yourself what makes sense and what doesn’t? How can you really protect your own organization effectively against attacks and what needs to be implemented?
We also take an in-depth look at the attacker side: Participants learn about attacker types and their strategies, the phases of different attack strategies, and what activities attackers carry out during each step. Equipped with this knowledge, participants understand far better who their adversaries are and how they act – and can therefore adapt to them much better.
Problems that participants know from their own professional practice and that are unclear to them can be discussed in open question sessions.
After completing the training, participants are familiar with the state of the art, the most important and most common technical and organizational measures, have a good overview of the topic of corporate IT security and infrastructure security, understand important hardening measures, recognize current attackers and their different strategies. Participants are capable of (co-)deciding and internally advising on which of the presented measures, processes and components should be implemented in their own organization. They are able to weigh up various suitable security measures and to understand their strengths and weaknesses. Knowledge of attacker approaches and defense measures enables participants to holistically and significantly improve the security of their organizations from the inside.
What are the contents?
The topics also cover the following points:
- Secure enterprise and infrastructure concepts
- Components of an organization-wide IT security program
- Domains of organizational IT security
- The most important technical and organizational measures
- Standards, catalogs and compendia for enterprise IT security
- General best practices
- Attacker types, their different strategies and how to protect against them
- Policies, guidelines, baselines
- Security testing
- Prioritization of measures
- Risk and protection levels
- Security management processes (change management, patch management, inventory, dual control processes, oversight and approval processes etc.)
- How to embed security organizationally
- Access rights
- Economics of attacks and attackers
- Typical attack phases and attacker activities they include
- Open question and answer session with the trainer, where participants’ concerns can be discussed
What is the target audience (prior knowledge etc.)?
IT security managers, IT security officers, chief information security officers (CISOs), information security officers (ISOs), blue team members, network administrators and system administrators with influence on IT security decisions, enterprise and network architects, interested IT staff.
How long does the enterprise security training take?
Duration: 3 days