NRD Cyber Security has been named as one of the CoEs in Europe for the 2019-22 cycle. We will be providing training courses on areas such as national cybersecurity governance, cybersecurity incident management and Open Source Intelligence (OSINT).
By utilising the latest developments in telecommunications, ITU is aiming to develop the technical standards that ensure networks and technologies seamlessly interconnect and strive to improve access to ICTs to undeserved communities worldwide. However, with the advancement of technology, hand in hand go issues such as the speed of technology absorption or cyber security threats. Hence, constant training on technological skills and cyber resilience is required. For this purpose, ITU appoints CoEs in various regions which help to develop and improve the skills and competencies of ICT professionals worldwide. More information about the programme: ITU Centres of Excellence
Next available training
Course title: Building an effective cybersecurity team
Dates: 4-7th May, 2020
About: Continuous growth and reliance on Information Communication and Technologies (ICT) results not only in benefits to organizations, but also in cyber incidents, which threatens ICT infrastructure and sensitive data inside it. The ability to timely detect, mitigate and recover from cyber incidents is a crucial capability to organizations, established and managed within Computer Security Incident Response Teams (CSIRTs/CERTs/CIRTs) and Security Operation Centers (SOCs), thereafter - cybersecurity team.
The course dives deep into CSIRT/SOC establishment practice, where combination of theory, unique experience with lessons learned, and hands-on practice give attendees a clear and actionable picture on how to build an effective cybersecurity team. The training is designed for non-technical professionals who are or will be responsible for cybersecurity teams/CSIRT/CERT/SOC establishment, management and growth in governmental and private sectors.
Fourth optional day is an iteration of the course and is dedicated to look into the CSIRT/SOC technologies on the spot. During the site visit attendees are led through service desks / incident tracking systems, vulnerabilities assessment and penetration testing tools, stack for cyber threat intelligence.
This training helps to successively prepare for cyber security team establishment and answers the main questions raised before starting:
- How to build an effective cybersecurity team? Overview, discussion, and practice about a mandate, governance, team and its structure, timeline, lessons learned from similar establishments, financial planning.
- What services in addition to incident management to introduce and how? Applied mandatory and complimentary services, best international practice for services models, incident management, incident management workflows and variations.
- What is technology behind it? Scrutiny of principal architecture for CSIRT stack, integrations and managerial (not technical) look into technologies, automation vs manual, and technology trends.
- How to mature security services and when? Elaboration of KPIs, SLAs and related metrics, security briefings, weekly/monthly/quarterly/yearly reports, analysis of examples and exercises on how to plan improvements for security services provided.
- What is the baseline for it? Presentation of best international models measuring the maturity of cybersecurity team and its various components, advice on how to use them and how they help in operational environment.
Your tutors: Sigitas Rokas, Corporate Governance of Information Security Expert and the manager for CSIRT/SOC establishment projects and Vilius Benetis, CSIRT/SOC architect, cybersecurity incident handling expert, researcher practitioner, CEO of NRD Cyber Security