Date 5-8 October 2020
Location Vilnius, Lithuania
NRD Cyber Security has been named as one of the ITU CoEs in Europe for the 2019-22 cycle. We will be providing training courses on areas such as national cyber security governance, cyber security incident management and Open Source Intelligence (OSINT). The topic and dates for the spring 2020 training course have been announced and the registration is now live!
Continuous growth and reliance on Information Communication and Technologies (ICT) results not only in benefits to organizations, but also in cyber incidents, which threatens ICT infrastructure and sensitive data inside it. The ability to timely detect, mitigate and recover from cyber incidents is a crucial capability to organizations, established and managed within Computer Security Incident Response Teams (CSIRTs/CERTs/CIRTs) and Security Operation Centers (SOCs), thereafter - cybersecurity team.
The course dives deep into CSIRT/SOC establishment practice, where combination of theory, unique experience with lessons learned, and hands-on practice give attendees a clear and actionable picture on how to build an effective cybersecurity team. The training is designed for non-technical professionals who are or will be responsible for cybersecurity teams/CSIRT/CERT/SOC establishment, management and growth in governmental and private sectors.
Fourth optional day is an iteration of the course and is dedicated to look into the CSIRT/SOC technologies on the spot. During the site visit attendees are led through service desks / incident tracking systems, vulnerabilities assessment and penetration testing tools, stack for cyber threat intelligence.
This training helps to successively prepare for cyber security team establishment and answers the main questions raised before starting:
- How to build an effective cybersecurity team? Overview, discussion, and practice about a mandate, governance, team and its structure, timeline, lessons learned from similar establishments, financial planning.
- What services in addition to incident management to introduce and how? Applied mandatory and complimentary services, best international practice for services models, incident management, incident management workflows and variations.
- What is technology behind it? Scrutiny of principal architecture for CSIRT stack, integrations and managerial (not technical) look into technologies, automation vs manual, and technology trends.
- How to mature security services and when? Elaboration of KPIs, SLAs and related metrics, security briefings, weekly/monthly/quarterly/yearly reports, analysis of examples and exercises on how to plan improvements for security services provided.
- What is the baseline for it? Presentation of best international models measuring the maturity of cybersecurity team and its various components, advice on how to use them and how they help in operational environment.
Your tutor: Vilius Benetis, CSIRT/SOC architect, cybersecurity incident handling expert, researcher practitioner, CEO of NRD Cyber Security