DevSecOps Tool Chain: Integrating Security into the DevOps Pipeline

Introduction

In today’s rapidly evolving digital landscape, the security of applications and services is paramount. With the rise of cloud computing, microservices, and containerised architectures, the traditional boundaries between development, operations, and security have blurred. This has led to the emergence of DevSecOps, a philosophy that emphasises the need to integrate security practices into every phase of the DevOps pipeline.

Rather than treating security as an afterthought, DevSecOps promotes “security as code” to ensure vulnerabilities are addressed early in the development cycle. One of the key enablers of this philosophy is the DevSecOps tool chain. This collection of tools ensures that security is embedded seamlessly within development workflows, from coding and testing to deployment and monitoring.

What is the DevSecOps Tool Chain?

The DevSecOps tool chain is a set of tools and practices designed to automate the integration of security into the software development lifecycle (SDLC). It spans multiple phases of the DevOps process, ensuring that security is considered from the initial coding stage through to production. The goal is to streamline security checks, reduce vulnerabilities, and maintain compliance without slowing down development or deployment speeds.

The tool chain typically includes:

  • Code Analysis Tools
  • Vulnerability Scanning Tools
  • CI/CD Pipeline Tools
  • Configuration Management Tools
  • Monitoring and Incident Response Tools

Each tool in the chain performs a specific function, contributing to the overall security posture of the software.

Key Components of the DevSecOps Tool Chain

Let’s break down the essential components of the DevSecOps tool chain and their roles in maintaining security across the SDLC.

1. Source Code Management (SCM) Tools

SCM tools are the foundation of the DevSecOps pipeline, as they manage and track changes to the source code. By integrating security checks at the SCM stage, vulnerabilities can be identified early in the development process.

  • Examples: Git, GitLab, Bitbucket, GitHub
  • Security Role: SCM platforms support static code analysis plugins that automatically scan code for vulnerabilities during commits. Integrating SAST (Static Application Security Testing) tools directly into SCM platforms helps detect coding errors, misconfigurations, or malicious code at an early stage.

2. Static Application Security Testing (SAST) Tools

SAST tools analyse the source code for potential vulnerabilities, such as insecure coding practices and known vulnerabilities in dependencies. These tools ensure security flaws are caught before the code is compiled or deployed.

  • Examples: SonarQube, Veracode, Checkmarx
  • Security Role: SAST tools scan the application code to identify security vulnerabilities, such as SQL injection, cross-site scripting (XSS), and buffer overflows, which can compromise the application if not addressed.

3. Dependency Management Tools

Modern applications are built using multiple third-party libraries and dependencies. These tools scan for vulnerabilities in dependencies, ensuring that known security flaws in external libraries are mitigated.

  • Examples: Snyk, WhiteSource, OWASP Dependency-Check
  • Security Role: These tools continuously monitor open-source libraries and third-party dependencies for vulnerabilities, ensuring that outdated or insecure components are flagged and updated in the CI/CD pipeline.

4. Container Security Tools

Containers are widely used in modern microservices architectures. Ensuring the security of containers requires specific tools that can scan container images for vulnerabilities and apply best practices in container management.

  • Examples: Aqua Security, Twistlock, Clair
  • Security Role: Container security tools scan container images for vulnerabilities, such as misconfigurations or exposed secrets. They also ensure that containers follow secure runtime practices, such as restricting privileges and minimising attack surfaces.

5. Continuous Integration/Continuous Deployment (CI/CD) Tools

CI/CD tools automate the process of building, testing, and deploying applications. In a DevSecOps pipeline, these tools also integrate security checks to ensure that every deployment adheres to security policies.

  • Examples: Jenkins, CircleCI, GitLab CI, Travis CI
  • Security Role: CI/CD tools are integrated with SAST and DAST tools to automatically trigger security scans with every build or deployment. If vulnerabilities are detected, they can block deployments or notify the development team.
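
The block-or-notify behaviour described above can be implemented as a small gate step that reads the scanner's report and sets the job's exit code. This is an added example, not code from any tool named on this page; it assumes the SAST step exports SARIF 2.1.0, and the policy constants, rule ids and sample report are constructed for illustration.

```python
import json
import sys

# Gate policy (an assumption of this example): "error" stops the pipeline,
# "warning" is only reported to the development team.
BLOCKING_LEVELS = {"error"}
NOTIFY_LEVELS = {"warning"}


def _loc(uri, line):
    """Build a SARIF location entry for the constructed sample below."""
    return [{"physicalLocation": {"artifactLocation": {"uri": uri},
                                  "region": {"startLine": line}}}]


# Constructed sample report (rule ids, paths and messages are made up).
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-sast", "rules": [
            {"id": "py/sql-injection", "defaultConfiguration": {"level": "error"}},
            {"id": "py/reflected-xss", "defaultConfiguration": {"level": "warning"}},
            {"id": "py/hardcoded-credentials"},
        ]}},
        "results": [
            {"ruleId": "py/sql-injection", "level": "error",
             "message": {"text": "Query built from request parameter"},
             "locations": _loc("app/db.py", 42)},
            # No "level" here: the gate must fall back to the rule default.
            {"ruleId": "py/reflected-xss",
             "message": {"text": "Unescaped value written to response"},
             "locations": _loc("app/views.py", 17)},
            # Error-level, but accepted as an exception by a reviewer.
            {"ruleId": "py/hardcoded-credentials", "level": "error",
             "message": {"text": "Password literal in test fixture"},
             "suppressions": [{"kind": "inSource", "status": "accepted"}],
             "locations": _loc("tests/fixtures.py", 5)},
        ],
    }],
})


def _is_suppressed(result):
    """True when the finding carries an accepted suppression."""
    # Policy assumption: a suppression without a status counts as accepted.
    return any(s.get("status", "accepted") == "accepted"
               for s in result.get("suppressions", []))


def _first_location(result):
    """Return (file, line) of the first reported location, or ('?', 0)."""
    for loc in result.get("locations", []):
        phys = loc.get("physicalLocation", {})
        uri = phys.get("artifactLocation", {}).get("uri", "?")
        return uri, phys.get("region", {}).get("startLine", 0)
    return "?", 0


def evaluate(sarif_text):
    """Sort findings into blocking / notify / suppressed and decide the gate."""
    doc = json.loads(sarif_text)
    blocking, notify, suppressed = [], [], 0
    for run in doc.get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        defaults = {r["id"]: r.get("defaultConfiguration", {}).get("level", "warning")
                    for r in rules if "id" in r}
        for res in run.get("results", []):
            if _is_suppressed(res):
                suppressed += 1
                continue
            rule = res.get("ruleId", "unknown")
            # A result without "level" inherits the rule default, else "warning".
            level = res.get("level") or defaults.get(rule, "warning")
            path, line = _first_location(res)
            finding = {"rule": rule, "level": level, "file": path, "line": line,
                       "message": res.get("message", {}).get("text", "")}
            if level in BLOCKING_LEVELS:
                blocking.append(finding)
            elif level in NOTIFY_LEVELS:
                notify.append(finding)
    return {"blocked": bool(blocking), "blocking": blocking,
            "notify": notify, "suppressed": suppressed}


def main(argv):
    """Exit non-zero so the CI job, and with it the deployment, is stopped."""
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            text = fh.read()
    else:
        text = SAMPLE_SARIF
    verdict = evaluate(text)
    for f in verdict["blocking"]:
        print(f"BLOCK  {f['rule']} {f['file']}:{f['line']} {f['message']}")
    for f in verdict["notify"]:
        print(f"NOTIFY {f['rule']} {f['file']}:{f['line']} {f['message']}")
    print(f"{verdict['suppressed']} finding(s) suppressed by accepted exceptions")
    return 1 if verdict["blocked"] else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Counting suppressed findings separately keeps accepted exceptions visible in the job log instead of silently dropping them.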

6. Dynamic Application Security Testing (DAST) Tools

DAST tools focus on runtime security, scanning applications in their deployed state to identify vulnerabilities that may not be evident in the source code alone.

  • Examples: OWASP ZAP, Burp Suite, AppScan
  • Security Role: DAST tools simulate attacks on the running application to detect issues like improper authentication, insecure APIs, or misconfigured web servers. These tools help detect vulnerabilities that only surface when the application is running.

7. Infrastructure as Code (IaC) Security Tools

As infrastructure management shifts towards automation and code-based deployments, ensuring the security of Infrastructure as Code (IaC) becomes critical. These tools validate that cloud resources are configured securely.

  • Examples: Terraform, Pulumi, Chef, Puppet, Ansible
  • Security Role: IaC security tools analyse infrastructure code to identify potential security misconfigurations, such as open network ports or improperly set access controls, which could lead to data breaches or unauthorised access.
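
A check of the kind described above, for open network ports and improperly set access controls, can run against the machine-readable plan before anything is applied. This is an added example, not code from any tool named on this page; it assumes Terraform with the AWS provider and the JSON produced by `terraform show -json`, and the allowed-port policy and the sample plan are constructed for illustration.

```python
import json

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
ALLOWED_PUBLIC_PORTS = {80, 443}          # policy assumption for this example
PUBLIC_ACLS = {"public-read", "public-read-write"}

# Constructed sample plan, trimmed to the fields the check reads.
SAMPLE_PLAN = json.dumps({"format_version": "1.2", "resource_changes": [
    {"address": "aws_security_group.web", "type": "aws_security_group",
     "change": {"actions": ["create"], "after": {"ingress": [
         {"protocol": "tcp", "from_port": 443, "to_port": 443,
          "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []},
         {"protocol": "tcp", "from_port": 22, "to_port": 22,
          "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []}]}}},
    {"address": "aws_security_group.db", "type": "aws_security_group",
     "change": {"actions": ["create"], "after": {"ingress": [
         {"protocol": "tcp", "from_port": 5432, "to_port": 5432,
          "cidr_blocks": ["10.0.0.0/16"], "ipv6_cidr_blocks": None}]}}},
    {"address": "aws_security_group_rule.all_open",
     "type": "aws_security_group_rule",
     "change": {"actions": ["create"], "after": {
         "type": "ingress", "protocol": "-1", "from_port": 0, "to_port": 0,
         "cidr_blocks": None, "ipv6_cidr_blocks": ["::/0"]}}},
    {"address": "aws_s3_bucket_acl.logs", "type": "aws_s3_bucket_acl",
     "change": {"actions": ["update"], "after": {"acl": "public-read"}}},
    {"address": "aws_security_group.old", "type": "aws_security_group",
     "change": {"actions": ["delete"], "after": None}},
]})


def _open_to_world(rule):
    """True when the rule admits traffic from any IPv4 or IPv6 address."""
    cidrs = (rule.get("cidr_blocks") or []) + (rule.get("ipv6_cidr_blocks") or [])
    return any(c in OPEN_CIDRS for c in cidrs)


def _exposed_ports(rule):
    """Describe the exposed port range, or return None when it is within policy."""
    proto = str(rule.get("protocol"))
    if proto == "-1":                     # "-1" means every protocol and port
        return "all ports"
    if proto not in ("tcp", "udp"):       # other protocols are out of scope here
        return None
    lo, hi = int(rule.get("from_port") or 0), int(rule.get("to_port") or 0)
    if all(p in ALLOWED_PUBLIC_PORTS for p in range(lo, hi + 1)):
        return None
    return f"port {lo}" if lo == hi else f"ports {lo}-{hi}"


def audit_plan(plan_text):
    """Return (resource address, reason) for each risky setting in the plan."""
    findings = []
    for rc in json.loads(plan_text).get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if not after:                     # resource is being deleted
            continue
        rtype, addr = rc.get("type"), rc.get("address")
        if rtype == "aws_security_group":
            rules = after.get("ingress") or []
        elif rtype == "aws_security_group_rule" and after.get("type") == "ingress":
            rules = [after]
        else:
            rules = []
        for rule in rules:
            ports = _exposed_ports(rule) if _open_to_world(rule) else None
            if ports:
                findings.append((addr, f"ingress from any address on {ports}"))
        if rtype == "aws_s3_bucket_acl" and after.get("acl") in PUBLIC_ACLS:
            findings.append((addr, f"bucket ACL is {after['acl']}"))
    return findings


if __name__ == "__main__":
    for address, reason in audit_plan(SAMPLE_PLAN):
        print(f"{address}: {reason}")
```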

8. Vulnerability Scanning Tools

Vulnerability scanning tools scan the application and infrastructure for known security flaws. These scans can be performed on code repositories, container images, and cloud environments.

  • Examples: Qualys, Nessus, OpenVAS
  • Security Role: These tools continuously monitor for known vulnerabilities across the entire environment, including applications, containers, and cloud services, providing comprehensive reports on security risks.

9. Security Information and Event Management (SIEM) Tools

SIEM tools monitor application logs and event data in real-time, helping security teams detect potential threats and respond to incidents quickly.

  • Examples: Splunk, LogRhythm, ELK Stack
  • Security Role: SIEM tools aggregate and analyse security-related data from various sources, helping identify and mitigate potential security incidents by providing centralised visibility.

10. Security Orchestration, Automation, and Response (SOAR) Tools

SOAR tools go beyond simple monitoring by automating incident response and threat mitigation. They help organisations respond quickly to security incidents by integrating security workflows and automating repetitive tasks.

  • Examples: Phantom, Demisto, IBM Resilient
  • Security Role: SOAR tools improve incident response times by automating threat detection and response processes. These tools can trigger automatic mitigation steps, such as isolating compromised systems or triggering vulnerability scans.

11. Cloud Security Posture Management (CSPM) Tools

With cloud environments being a significant part of modern infrastructures, CSPM tools ensure that cloud configurations are secure and adhere to compliance standards.

  • Examples: Prisma Cloud, Dome9, Lacework
  • Security Role: CSPM tools continuously monitor cloud environments for misconfigurations, ensuring compliance with security policies like encryption and access controls, and preventing exposure to potential threats.

The Benefits of a Robust DevSecOps Tool Chain

By integrating a comprehensive DevSecOps tool chain into their SDLC, organisations gain several key advantages:

  1. Shift-Left Security: Security is integrated early in the development process, reducing the risk of vulnerabilities making it into production.
  2. Automated Security: Automation ensures security checks happen consistently and without manual intervention, leading to faster and more reliable results.
  3. Continuous Compliance: With built-in compliance checks, the DevSecOps tool chain helps organisations adhere to industry standards and regulatory requirements.
  4. Faster Time-to-Market: Automated security processes reduce delays, allowing organisations to innovate and deliver faster without compromising on security.
  5. Reduced Costs: Catching vulnerabilities early in the development lifecycle reduces the costs associated with fixing security flaws in production.

Conclusion

The DevSecOps tool chain is essential for organisations seeking to integrate security into their DevOps practices seamlessly. By leveraging a combination of automated tools that address various aspects of security—from code analysis and vulnerability scanning to infrastructure monitoring and incident response—organisations can build and deploy secure applications at scale.

DevSecOps is not just about tools; it’s a cultural shift that ensures security is everyone’s responsibility. With the right tool chain in place, teams can ensure that security is embedded into every stage of the development lifecycle, enabling faster, safer, and more reliable software delivery.

Strengthening Cybersecurity in an Era of Increasing Threats

Day 2 of Renier Botha’s 10-Day Blog Series on Navigating the Future: The Evolving Role of the CTO

The frequency and sophistication of cyber-attacks are rising daily at an alarming rate. As businesses become increasingly reliant on digital technologies, the need for robust cybersecurity measures has never been more critical. For Chief Technology Officers (CTOs), safeguarding sensitive data and maintaining trust is a top priority. This blog post explores the latest strategies to strengthen cybersecurity and provides insights from industry leaders along with real-world examples.

The Growing Cybersecurity Threat

Cyber-attacks are evolving rapidly, targeting organizations of all sizes and across various sectors. The cost of cybercrime is expected to reach $10.5 trillion annually by 2025, according to a report by Cybersecurity Ventures. As Satya Nadella, CEO of Microsoft, remarked, “Cybersecurity is the central challenge of the digital age.”

Key Cybersecurity Challenges

  • Advanced Persistent Threats (APTs): These prolonged and targeted cyber-attacks aim to steal data or sabotage systems. APTs are challenging to detect and mitigate due to their sophisticated nature.
  • Ransomware: This malicious software encrypts a victim’s data, demanding a ransom for its release. High-profile ransomware attacks, like the one on Colonial Pipeline, have highlighted the devastating impact of such threats.
  • Phishing and Social Engineering: Cybercriminals use deceptive tactics to trick individuals into divulging sensitive information. Phishing attacks have become more sophisticated, making them harder to identify.

Strategies for Strengthening Cybersecurity

To combat these threats, CTOs must implement comprehensive and proactive cybersecurity strategies. Here are some of the latest approaches:

1. Zero Trust Architecture

Zero Trust is a security model that assumes that threats can come from both outside and inside the network. It operates on the principle of “never trust, always verify.” Every request for access is authenticated, authorized, and encrypted before being granted.

“Zero Trust is the future of security,” says John Kindervag, the creator of the Zero Trust model. Implementing Zero Trust requires segmenting the network, enforcing strict access controls, and continuously monitoring for anomalies.

2. Multi-Factor Authentication (MFA)

MFA adds an extra layer of security by requiring users to provide multiple forms of verification before accessing systems. This significantly reduces the risk of unauthorized access, even if login credentials are compromised.

For example, Google reported a 99.9% reduction in automated phishing attacks when MFA was implemented. MFA should be used alongside strong password policies and regular user training.

3. Advanced Threat Detection and Response

Leveraging AI and machine learning for threat detection can help identify and respond to cyber threats more quickly and accurately. These technologies analyze vast amounts of data to detect patterns and anomalies that may indicate a cyber-attack.

IBM’s Watson for Cyber Security uses AI to analyze and respond to threats in real-time. By correlating data from various sources, it can identify and mitigate threats faster than traditional methods.

4. Endpoint Protection

With the rise of remote work, securing endpoints (laptops, smartphones, tablets) has become crucial. Endpoint protection platforms (EPP) and endpoint detection and response (EDR) solutions help secure devices against malware, ransomware, and other threats.

CrowdStrike’s Falcon platform, for instance, provides real-time endpoint protection, detecting and preventing breaches before they cause damage.

5. Employee Training and Awareness

Human error remains one of the weakest links in cybersecurity. Regular training and awareness programs can help employees recognize and respond to potential threats.

Kevin Mitnick, a renowned cybersecurity expert, states, “Companies spend millions of dollars on firewalls, encryption, and secure access devices, and it’s money wasted because none of these measures address the weakest link in the security chain: the people who use, administer, and operate computer systems.”

6. Regular Security Audits and Penetration Testing

Conducting regular security audits and penetration testing helps identify vulnerabilities before cybercriminals can exploit them. This proactive approach ensures that security measures are up to date and effective.

7. Executive Ownership and Board-Level Focus

To ensure cybersecurity is prioritized, executive ownership and adding security as a board agenda point are crucial. This top-down approach emphasizes the importance of cybersecurity across the entire organization.

“Cybersecurity must be a priority at the highest levels of an organization. Leadership commitment is key to creating a culture of security,” says Mary Barra, CEO of General Motors.

Actionable Advice for CTOs:

  • Assign Executive Ownership: Designate a C-suite executive responsible for cybersecurity to ensure accountability and focus.
  • Board Involvement: Regularly update the board on cybersecurity risks, strategies, and progress. Incorporate cybersecurity as a standing agenda item in board meetings.
  • Develop a Cybersecurity Framework: Create a comprehensive cybersecurity framework that aligns with business objectives and regulatory requirements.
  • Encourage Cross-Department Collaboration: Ensure that cybersecurity is integrated across all departments, promoting a unified approach to risk management.

By implementing these strategies, organizations can build a robust cybersecurity posture that not only protects their assets but also fosters trust and confidence among stakeholders.

The cybersecurity firm, FireEye, emphasizes the importance of penetration testing: “Penetration testing should be part of any mature cybersecurity program. It provides an opportunity to identify and fix security weaknesses before they can be exploited.”

Real-World Examples

Example 1: Maersk

In 2017, Maersk, a global shipping giant, was hit by the NotPetya ransomware attack, causing over $300 million in damages. The attack disrupted operations across 76 ports worldwide. Maersk responded by rebuilding its entire IT infrastructure, emphasizing the importance of robust backup and disaster recovery plans.

Example 2: Equifax

The 2017 Equifax data breach exposed the personal information of 147 million people. The breach was attributed to unpatched vulnerabilities in their web application. In response, Equifax implemented comprehensive security measures, including a bug bounty program and enhanced patch management processes.

Example 3: Target

In 2013, Target suffered a data breach that compromised 40 million credit and debit card accounts. The breach was traced to network credentials stolen from a third-party vendor. Target has since invested heavily in cybersecurity, adopting advanced threat detection systems and implementing stricter access controls for vendors.

Conclusion

Strengthening cybersecurity in an era of increasing threats requires a multifaceted approach. By adopting strategies such as Zero Trust Architecture, Multi-Factor Authentication, advanced threat detection, and comprehensive employee training, CTOs can protect their organizations from evolving cyber threats.

As Brad Smith, President of Microsoft, aptly puts it, “Cybersecurity is an urgent challenge for everyone. We need to come together to address this and ensure that we create a safer digital world for all.”

Read more blog posts on cyber and information security here: https://renierbotha.com/tag/security/

Stay tuned as we continue to explore these critical topics in our 10-day blog series, “Navigating the Future: A 10-Day Blog Series on the Evolving Role of the CTO” by Renier Botha.


Navigating the Labyrinth: A Comprehensive Guide to Data Management for Executives

As a consultant focussed on helping organisations maximise their efficiency and strategic advantage, I cannot overstate the importance of effective data management. “Navigating the Labyrinth: An Executive Guide to Data Management” by Laura Sebastian-Coleman is an invaluable resource that provides a detailed and insightful roadmap for executives to understand the complexities and significance of data management within their organisations. The book’s guidance is essential for ensuring that your data is accurate, accessible, and actionable, thus enabling better decision-making and organisational efficiency. Here’s a summary of the key points covered in this highly recommended book covering core data management practices.

Introduction

Sebastian-Coleman begins by highlighting the importance of data in the modern business environment. She compares data to physical or financial assets, underscoring that it requires proper management to extract its full value.

Part I: The Case for Data Management

The book makes a compelling case for the necessity of data management. Poor data quality can lead to significant business issues, including faulty decision-making, inefficiencies, and increased costs. Conversely, effective data management provides a competitive edge by enabling more precise analytics and insights.

Part II: Foundations of Data Management

The foundational concepts and principles of data management are thoroughly explained. Key topics include:

  • Data Governance: Establishing policies, procedures, and standards to ensure data quality and compliance.
  • Data Quality: Ensuring the accuracy, completeness, reliability, and timeliness of data.
  • Metadata Management: Managing data about data to improve its usability and understanding.
  • Master Data Management (MDM): Creating a single source of truth for key business entities like customers, products, and employees.

Part III: Implementing Data Management

Sebastian-Coleman offers practical advice on implementing data management practices within an organisation. She stresses the importance of having a clear strategy, aligning data management efforts with business objectives, and securing executive sponsorship. The book also covers:

  • Data Management Frameworks: Structured approaches to implementing data management.
  • Technology and Tools: Leveraging software and tools to support data management activities.
  • Change Management: Ensuring that data management initiatives are adopted and sustained across the organisation.

Part IV: Measuring Data Management Success

Measuring and monitoring the success of data management initiatives is crucial. The author introduces various metrics and KPIs (Key Performance Indicators) that organisations can use to assess data quality, governance, and overall data management effectiveness.

Part V: Case Studies and Examples

The book includes real-world case studies and examples to illustrate how different organisations have successfully implemented data management practices. These examples provide practical insights and lessons learned, demonstrating the tangible benefits of effective data management.

Conclusion

Sebastian-Coleman concludes by reiterating the importance of data management as a strategic priority for organisations. While the journey to effective data management can be complex and challenging, the rewards in terms of improved decision-making, efficiency, and competitive advantage make it a worthwhile endeavour.

Key Takeaways for Executives

  1. Strategic Importance: Data management is essential for leveraging data as a strategic asset.
  2. Foundational Elements: Effective data management relies on strong governance, quality, and metadata practices.
  3. Implementation: A clear strategy, proper tools, and change management are crucial for successful data management initiatives.
  4. Measurement: Regular assessment through metrics and KPIs is necessary to ensure the effectiveness of data management.
  5. Real-world Application: Learning from case studies and practical examples can guide organisations in their data management efforts.

In conclusion, “Navigating the Labyrinth” is an essential guide that equips executives and data professionals with the knowledge and tools needed to manage data effectively. By following the structured and strategic data management practices outlined in the book, your organisation can unlock the full potential of its data, leading to improved business outcomes. I highly recommend this book for any executive looking to understand and improve their data management capabilities and to better understand the importance of data management within their organisation, as it provides essential insights and practical guidance to navigate the complexities of this crucial field.

Cyber-Security 101 for Business Owners

Running a business requires skill, with multiple things happening simultaneously that require your attention. One of those critical things is cyber-security, which demands your focus today.

In the digital world today, all businesses have a dependency on the Internet in one way or the other. For SMEs (Small and Medium Enterprises) that use the Internet exclusively as their sales channel, the Internet is not only a source of opportunity but the lifeblood of the organisation. An enterprise has the ability, through the Internet, to operate 24×7 with a digitally enabled workforce, bringing unprecedented business value.

Like any opportunity though, this also comes with a level of risk that must be mitigated and continuously governed, not just by the board but also by every member within the team. Some of these risks can have a seriously detrimental impact on the business, ranging from financial and data loss to downtime and reputational damage. It is therefore your duty to ensure your IT network is fully protected and secure.

Statistics show that cybercrime is exponentially rising. This is mainly due to enhancements in technology enabling and giving access to inexpensive but sophisticated tools. Used by experienced and inexperienced cyber criminals alike, this is causing havoc across networks resulting in business downtime that costs the economy millions every year.

If your business is not trading for 100 hours, what is the financial and reputational impact? That could be the downtime caused by, for example, a ransomware attack – yes, that’s almost 5 days of no business, costly for any business!

Understanding the threat

Cyber threats take many forms and are an academic subject on their own. So where do you start?

First you need to understand the threat before you can take preventative action.

Definition: Cyber security, or information technology security, is the set of techniques for protecting computers, networks, programs and data from unauthorized access or attacks that are aimed at exploitation.

A good start is to understand the following cyber threats:

  • Malware
  • Worms
  • Trojans
  • IoT (Internet of Things)
  • Crypto-jacking

Malware

Definition: Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network.

During Q2 2018, the VPNFilter malware reportedly infected more than half a million small business routers and NAS devices, and malware is still one of the top risks for SMEs. Because such malware can exfiltrate data back to the attackers, businesses are at risk of losing sensitive information such as usernames and passwords.

Potentially these attacks can remain hidden and undetected. Businesses can overcome these styles of attacks by employing an advanced threat prevention solution for their endpoints (i.e. user PCs). A layered approach with multiple detection techniques will give businesses full attack chain protection as well as reducing the complexity and costs associated with the deployment of multiple individual solutions.

Worms

Definition: A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.

Recent attacks, including WannaCry and Trickbot, used worm functionality to spread malware. The worm approach tends to make more noise and can be detected faster, but it has the ability to affect a large number of victims very quickly. For businesses, this may mean your entire team can be impacted (spreading to every endpoint in the network) before the attack can be stopped.

Approximately 20% of UK businesses that had been infected with malware had to cease business operations immediately resulting in lost revenue.

Internet of Things (IoT)

Definition: The Internet of Things (IoT) is the network of devices, such as vehicles and home appliances, that contain electronics, software, actuators, and connectivity.

More devices are able to connect directly to the web, which has a number of benefits, including greater connectivity, meaning better data and analytics. However, various threats and business risks are lurking in the use of these devices, including data loss, data manipulation and unauthorised access to devices leading to access to the network, etc.

To mitigate this threat, devices should have strict authentication, limited access and heavily monitored device-to-device communications. Crucially, these devices will need to be encrypted – a responsibility that is likely to be driven by third-party security providers but should be enforced by businesses as part of their cyber-security policies and standard operating procedures.

Cryptojacking

Definition: Cryptojacking is defined as the secret use of your computing device to mine cryptocurrency. Cryptojacking used to be confined to the victim unknowingly installing a program that secretly mines cryptocurrency.

With the introduction and rise in popularity and value of cryptocurrencies, cryptojacking emerged as a cyber-security threat. On the surface, cryptomining may not seem particularly malicious or damaging; however, the costs that it can incur are. If the cryptomining script gets into servers, it can send energy bills through the roof or, if it has reached your cloud servers, hike up usage bills (the biggest commercial concern for IT operations utilising cloud computing). It can also pose a potential threat to your computer hardware from overloading CPUs.

According to a recent survey, 1 in 3 of all UK businesses were hit by cryptojacking, with statistics rising.

Mitigating the risk 

With these few simple and easy steps you can make a good start in protecting your business:

  • Education: At the core of any cyber-security protection plan, there needs to be an education campaign for all in the business. They must understand the gravity of the threat posed – regular training sessions can help here. And this shouldn’t be viewed as a one-off box-ticking exercise then forgotten about. Having rolling, regularly updated training sessions will ensure that staff members are aware of the changing threats and how they can best be avoided.
  • Endpoint protection: Adopt a layered approach to cyber security and deploy endpoint protection that monitors processes in real-time and seeks out suspicious patterns, enhancing threat hunting capabilities that eliminate threats (quarantine or delete), and reducing the downtime and impact of attacks.
  • Lead by example: Cyber-security awareness should come from the top down. The time is long gone when cyber-security was the domain of IT teams. If you are a business stakeholder, you need to lead by example by promoting and practicing a security-first mindset.

O-ISM3 BASED HIGHLY MATURE ISMS MANAGEMENT

SPHERE invests in knowledge training…

This course is specifically designed to improve your skills as an information security manager. Using O-ISM3 as a framework, you will master process management, and you will be able to:

  • Prioritize security efforts using business significant criteria
  • Communicate the value that Information Security Department brings to the organization
  • Design, implement and use information security metrics proven in the field, enabling short cycle continuous improvement
  • Simplify ISO27001 compliance
  • Complement ITIL security
  • Manage outsourced security services with SLA’s
  • Implement TOGAF and SABSA architectures.

O-ISM3 is an information security management maturity standard published by The Open Group, a leader in the development of open, vendor-neutral IT standards and certifications.

SPHERE and other organizations, like the Swiss Armed Forces, the National Bank of Panama and Bankia, use O-ISM3. Our student, Pedro Valcárcel, a professional with 15 years’ experience in security, said about the course: “This course opened my eyes. I wish I had taken it sooner.”

Trainer Profile
Vicente Aceituno is the Senior Information Security Manager of SPHERE. He is leader of the standard Open Information Security Management Maturity Model; he has broad experience in outsourcing of security services and research. His focus is information security outsourcing, management and related fields like metrics and certification of ISMS.

Mark your calendar

London Course – Monday 12th to Wednesday 14th December 2016

What you will learn:

  • Deep understanding of complex security and management concepts
  • Alignment of security objectives with an organization’s mission
  • Classifying and setting requirements for information systems that satisfy security objectives
  • Communication of the value of information security
  • Access control management concepts
  • Implementation of security processes
  • Process management activities
  • Design, implementation and use of information security metrics
  • Understanding of the relationship between metrics, management practices, capability and maturity
  • Techniques for visualization of security metrics
  • Understanding of distribution of responsibilities concepts
  • ISM3-RA Risk Assessment
  • Management of Outsourced Security processes.

Course Outline

Day 1 – 9:00 – 17:00

  • Concepts: You will gain a deeper understanding of complex security concepts.
  • Assets & Goals: You will be able to set security objectives aligned with your organization’s mission, and you will be able to communicate what is the value that the information security department brings to the organization.
  • Security Objectives: You will be able to set requirements for information systems that satisfy security objectives.
  • Access Control: You will gain an understanding of the management ramifications of access control.
  • Classification of Systems: You will be able to prioritize efforts using business significant criteria for systems classification.
  • Activities & Deliverables: You will gain an understanding of the relationship between activity and achievement of goals.
  • Bottom-up Process Implementation: You will learn how to apply O-ISM3 to processes under your own responsibility.
  • Top-down Security Program: You will learn how to apply O-ISM3 when you have support from top IT management.

Day 2 – 9:00 – 17:00

  • General Processes: You will familiarize yourself with auxiliary but essential processes.
  • Strategic Processes: You will familiarize yourself with processes related to goals definition and provision of resources.
  • Tactical Processes: You will familiarize yourself with processes related to continuous improvement and resource distribution.
  • Operational Processes: You will familiarize yourself with technical hands-on processes.
  • Management Practices: You will learn the basics about process management activities.
  • Metrics: You will learn in detail how to design, implement and use information security metrics.
  • Maturity: You will become familiar with the relationship between metrics, management practices, capability and maturity.
  • Reports, Dashboards & Visualization: You will learn how to make the best of metrics, enabling interpretation and communication.

Day 3 – 9:00 – 17:00

  • Security Organization: You will understand how the distribution of responsibilities makes processes tick, and how to avoid related risks.
  • Security Modelling: You will gain a working knowledge of advanced security models.
  • O-ISM3-RA: You will learn to perform a simple yet meaningful Risk Assessment.
  • ISO27001: You will learn how to make O-ISM3 help you with ISO27001 compliance.
  • IT Architecture: You will learn how to use O-ISM3 effectively with SABSA and TOGAF.
  • ITIL & SLA’s: You will learn how to complement ITIL with O-ISM3, and how to design SLAs in order to manage outsourced security processes.
  • Certification: You will peek at O-ISM3’s certification process.
  • Techniques & References: You will learn general security techniques in order to treat security threats.
  • Recapitulation: You will look back at the last three days highlighting the most important ideas and concepts.

Who should attend
This course is designed for security professionals who hold, or aim to acquire, management-level responsibilities in their organizations.

Student/Instructor ratio
The maximum number of students is 10.

Book now
Contact security@sphere.services for details.
