29 Cissp courses delivered Live Online

Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completions, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - A. ORGANIZATIONAL GOVERNANCE * Organizational Strategy, Goals, and Objectives * Organizational Structure, Roles, and Responsibilities * Organizational Culture * Policies and Standards * Business Processes * Organizational Assets GOVERNANCE - B. RISK GOVERNANCE * Enterprise Risk Management and Risk Management Framework * Three Lines of Defense * Risk Profile * Risk Appetite and Risk Tolerance * Legal, Regulatory, and Contractual Requirements * Professional Ethics of Risk Management IT RISK ASSESSMENT - A. IT RISK IDENTIFICATION * Risk Events (e.g., contributing conditions, loss result) * Threat Modelling and Threat Landscape * Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) * Risk Scenario Development IT RISK ASSESSMENT - B. IT RISK ANALYSIS AND EVALUATION * Risk Assessment Concepts, Standards, and Frameworks * Risk Register * Risk Analysis Methodologies * Business Impact Analysis * Inherent and Residual Risk RISK RESPONSE AND REPORTING - A. RISK RESPONSE * Risk Treatment / Risk Response Options * Risk and Control Ownership * Third-Party Risk Management * Issue, Finding, and Exception Management * Management of Emerging Risk RISK RESPONSE AND REPORTING - B. CONTROL DESIGN AND IMPLEMENTATION * Control Types, Standards, and Frameworks * Control Design, Selection, and Analysis * Control Implementation * Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - C. RISK MONITORING AND REPORTING * Risk Treatment Plans * Data Collection, Aggregation, Analysis, and Validation * Risk and Control Monitoring Techniques * Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) * Key Performance Indicators * Key Risk Indicators (KRIs) * Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - A. INFORMATION TECHNOLOGY PRINCIPLES * Enterprise Architecture * IT Operations Management (e.g., change management, IT assets, problems, incidents) * Project Management * Disaster Recovery Management (DRM) * Data Lifecycle Management * System Development Life Cycle (SDLC) * Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - B. INFORMATION SECURITY PRINCIPLES * Information Security Concepts, Frameworks, and Standards * Information Security Awareness Training * Business Continuity Management * Data Privacy and Data Protection Principles

Duration 5 Days 30 CPD hours This course is intended for This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience. Overview #NAME? In this course, students will expand upon their knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK)© for information systems security professionals. Prerequisites * CompTIA Network+ Certification 1 - SECURITY AND RISK MANAGEMENT * Security Governance Principles * Compliance * Professional Ethics * Security Documentation * Risk Management * Threat Modeling * Business Continuity Plan Fundamentals * Acquisition Strategy and Practice * Personnel Security Policies * Security Awareness and Training 2 - ASSET SECURITY * Asset Classification * Privacy Protection * Asset Retention * Data Security Controls * Secure Data Handling 3 - SECURITY ENGINEERING * Security in the Engineering Lifecycle * System Component Security * Security Models * Controls and Countermeasures in Enterprise Security * Information System Security Capabilities * Design and Architecture Vulnerability Mitigation * Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems * Cryptography Concepts * Cryptography Techniques * Site and Facility Design for Physical Security * Physical Security Implementation in Sites and Facilities 4 - INFORMATION SECURITY MANAGEMENT GOALS * Organizational Security * The Application of Security Concepts 5 - INFORMATION SECURITY CLASSIFICATION AND PROGRAM DEVELOPMENT * Information Classification * Security Program Development 6 - RISK MANAGEMENT AND ETHICS * Risk Management * Ethics 7 - SOFTWARE DEVELOPMENT SECURITY * Software Configuration Management * Software Controls * Database System Security 8 - CRYPTOGRAPHY * Ciphers and Cryptography * Symmetric-Key Cryptography * Asymmetric-Key Cryptography * Hashing and Message Digests * Email, Internet, and Wireless Security * Cryptographic Weaknesses 9 - PHYSICAL SECURITY * Physical Access Control * Physical Access Monitoring * Physical Security Methods * Facilities Security

Our unique 5 day workshop prepares you for a first time pass of your CISSP exam. Covering each of the famous 8 CBK's, cram the theory before testing your knowledge during exam simulations. Led by a multi-award winning InfoSec consultant, this workshop delivers everything you need to pass,

This is the perfect launch pad for a technical career in Cyber Security and fully prepares every delegate for the prestigious Certified Ethical Hacking (CEH) Course that comes next on the Cyber & Hacking Learning Pathways by Nemstar.

Duration 3 Days 18 CPD hours This course is intended for The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification. Overview Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. Identify and manage information security risks to achieve business objectives. Create a program to implement the information security strategy. Implement an information security program. Oversee and direct information security activities to execute the information security program. Plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents. In this course, students will establish processes to ensure that information security measures align with established business needs. Prerequisites Information security governance Information risk management Information security program development Information security program management Incident management and response 1 - INFORMATION SECURITY GOVERNANCE * Develop an Information Security Strategy * Align Information Security Strategy with Corporate Governance * Identify Legal and Regulatory Requirements * Justify Investment in Information Security * Identify Drivers Affecting the Organization * Obtain Senior Management Commitment to Information Security * Define Roles and Responsibilities for Information Security * Establish Reporting and Communication Channels 2 - INFORMATION RISK MANAGEMENT * Implement an Information Risk Assessment Process * Determine Information Asset Classification and Ownership * Conduct Ongoing Threat and Vulnerability Evaluations * Conduct Periodic BIAs * Identify and Evaluate Risk Mitigation Strategies * Integrate Risk Management into Business Life Cycle Processes * Report Changes in Information Risk 3 - INFORMATION SECURITY PROGRAM DEVELOPMENT * Develop Plans to Implement an Information Security Strategy * Security Technologies and Controls * Specify Information Security Program Activities * Coordinate Information Security Programs with Business Assurance Functions * Identify Resources Needed for Information Security Program Implementation * Develop Information Security Architectures * Develop Information Security Policies * Develop Information Security Awareness, Training, and Education Programs * Develop Supporting Documentation for Information Security Policies 4 - INFORMATION SECURITY PROGRAM IMPLEMENTATION * Integrate Information Security Requirements into Organizational Processes * Integrate Information Security Controls into Contracts * Create Information Security Program Evaluation Metrics 5 - INFORMATION SECURITY PROGRAM MANAGEMENT * Manage Information Security Program Resources * Enforce Policy and Standards Compliance * Enforce Contractual Information Security Controls * Enforce Information Security During Systems Development * Maintain Information Security Within an Organization * Provide Information Security Advice and Guidance * Provide Information Security Awareness and Training * Analyze the Effectiveness of Information Security Controls * Resolve Noncompliance Issues 6 - INCIDENT MANAGEMENT AND RESPONSE * Develop an Information Security Incident Response Plan * Establish an Escalation Process * Develop a Communication Process * Integrate an IRP * Develop IRTs * Test an IRP * Manage Responses to Information Security Incidents * Perform an Information Security Incident Investigation * Conduct Post-Incident Reviews

Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains DOMAIN 01 - GOVERNANCE * Define, Implement, Manage, and Maintain an Information Security Governance Program * Information Security Drivers * Establishing an information security management structure * Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures * Managing an enterprise information security compliance program * Risk Management * Risk mitigation, risk treatment, and acceptable risk * Risk management frameworks * NIST * Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) * Risk management plan implementation * Ongoing third-party risk management * Risk management policies and processes * Conclusion DOMAIN 2 - SECURITY RISK MANAGEMENT, CONTROLS, & AUDIT MANAGEMENT * INFORMATION SECURITY CONTROLS * COMPLIANCE MANAGEMENT * GUIDELINES, GOOD AND BEST PRACTICES * AUDIT MANAGEMENT * SUMMARY DOMAIN 03 - SECURITY PROGRAM MANAGEMENT AND OPERATIONS * PROGRAM MANAGEMENT * OPERATIONS MANAGEMENT * Summary DOMAIN 04 - INFORMATION SECURITY CORE CONCEPTS * ACCESS CONTROL * PHYSICAL SECURITY * NETWORK SECURITY * ENDPOINT PROTECTION * APPLICATION SECURITY * ENCRYPTION TECHNOLOGIES * VIRTUALIZATION SECURITY * CLOUD COMPUTING SECURITY * TRANSFORMATIVE TECHNOLOGIES * Summary DOMAIN 05 - STRATEGIC PLANNING, FINANCE, PROCUREMENT AND VENDOR MANAGEMENT * STRATEGIC PLANNING * Designing, Developing, and Maintaining an Enterprise Information Security Program * Understanding the Enterprise Architecture (EA) * FINANCE * PROCUREMENT * VENDOR MANAGEMENT * Summary

Duration 5 Days 30 CPD hours This course is intended for The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Overview Upon completing this course, the participants will gain valuable knowledge and skills including the ability to: - Successfully pass the CCSP exam. - Understand the fundamentals of the cloud computing architecture framework. - Understand security challenges associated with different types of cloud services. - Identify and evaluate security risks for their organization?s cloud environments. - Select and implement appropriate controls to ensure secure implementation of cloud services. - Thoroughly understand the 6 essential core domains of the CCSP common body of knowledge: 1. Architectural Concepts & Design Requirements 2. Cloud Data Security 3. Cloud Platform & Infrastructure Security 4. Cloud Application Security 5. Operations 6. Legal & Compliance The goal of the course is to prepare professionals for the challenging CCSP exam by covering the objectives of the exam based on the six domains as defined in the (ISC)2 CCSP common body of knowledge. 1 - ARCHITECTURAL CONCEPTS AND DESIGN REQUIREMENTS * Cloud Computing Concepts * Cloud Reference Architecture * Cloud Computing Security Concepts * Design Principles of Secure Cloud Computing * Trusted Cloud Services 2 - CLOUD DATA SECURITY * CSA (Cloud Security Alliance) Cloud Data Lifecycle * Cloud Data Storage Architectures * Data Security Strategies * Data Discovery and Classification Technologies * Protecting Privacy and PII (Personally Identifiable Information) * Data Rights Management * Data Retention, Deletion, and Archiving Policies * Auditability, Traceability, and Accountability of Data Events 3 - CLOUD PLATFORM AND INFRASTRUCTURE SECURITY * Cloud Infrastructure Components * Cloud Infrastructure Risks * Designing and Planning Security Controls * Disaster Recovery and Business Continuity Management 4 - CLOUD APPLICATION SECURITY * The Need for Security Awareness and Training in application Security * Cloud Software Assurance and Validation * Verified Secure Software * SDLC (Software Development Life Cycle) Process * Secure SDLC * Specifics of Cloud Application Architecture * Secure IAM (Identity and Access Management) Solutions 5 - OPERATIONS * Planning Process for the Data Center Design * Installation and Configuration of Physical Infrastructure for Cloud Environment * Running Physical Infrastructure for Cloud Environment * Managing Physical Infrastructure for Cloud Environment * Installation and Configuration of Logical Infrastructure for Cloud Environment * Running Logical Infrastructure for Cloud Environment * Managing Logical Infrastructure for Cloud Environment * Compliance with Regulations and Controls * Risk Assessment for Logical and Physical Infrastructure * Collection, Acquisition, and Preservation of Digital Evidence * Managing Communication with Stakeholders 6 - LEGAL AND COMPLIANCE * Legal Requirements and Unique Risks within the Cloud Environment * Relevant Privacy and PII Laws and Regulations * Audit Process, Methodologies, and Required Adaptions for a Cloud Environment * Implications of Cloud to Enterprise Risk Management * Outsourcing and Cloud Contract Design * Vendor Management

Duration 5 Days 30 CPD hours This course is intended for This course is targeted toward an IT Professional that has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. Students should have a minimum of 10 years experience including at least 5 years of hands-on technical security experience. Overview Upon successful completion of this course, students will be able to: Identify enterprise security fundamentals. Apply enterprise security technology solutions. Implement security design and solutions. Manage risk, policies and procedures within an enterprise. Integrate security solutions within an enterprise. Conduct security research and analysis. In this course, students will examine advanced security concepts, principles, and implementations that pertain to enterprise level security. Prerequisites * CompTIA Cybersecurity Analyst (CySA+) Certification 1 - ENTERPRISE SECURITY ARCHITECTURE * The Basics of Enterprise Security * The Enterprise Structure * Enterprise Security Requirements 2 - ENTERPRISE SECURITY TECHNOLOGY * Common Network Security Components and Technologies * Communications and Collaboration Security * Cryptographic Tools and Techniques * Advanced Authentication 3 - ENTERPRISE RESOURCE TECHNOLOGY * Enterprise Storage Security Issues * Distributed, Shared, and Virtualized Computing * Cloud Computing and Security 4 - SECURITY DESIGN AND SOLUTIONS * Network Security Design * Conduct a Security Assessment * Host Security 5 - APPLICATION SECURITY DESIGN * Application Security Basics * Web Application Security 6 - MANAGING RISK, SECURITY POLICIES, AND SECURITY PROCEDURES * Analyze Security Risk * Implement Risk Mitigation Strategies and Controls * Implement Enterprise-Level Security Policies and Procedures * Prepare for Incident Response and Recovery 7 - ENTERPRISE SECURITY INTEGRATION * The Technology Life Cycle * Inter-Organizational Change * Integrate Enterprise Disciplines to Achieve Secure Solutions 8 - SECURITY RESEARCH AND ANALYSIS * Perform an Industry Trends and Impact Analysis * Perform an Enterprise Security Analysis

Duration 4 Days 24 CPD hours This course is intended for C - Level Managers IT Managers Cyber Security Personelle Engineers Information Systems Owners ISSO's CISSP Students ISO's Overview Upon completion, the Certified Security Leadership Officer candidate  be able to competently take the C)SLO exam.  You will be versed in implementing strong security controls and managing an organization with an industry acceptable security posture. Certified Security Leadership Officerÿ course is designed for mid and upper-level managers.ÿ If you are an engineer, this course will increase your knowledge in the leading information system security teams. Plus, the C)SLO will give you an essential understanding of current security issues, best practices, and technology. With this knowledge you will then be prepared to manage the security component of an information technology project. As a Security Leadership Officer, you will be the bridge between cybersecurity and business operations. COURSE OUTLINE * Security Management * Risk Management * Encryption * Information Security Access Control Concepts * Incident Handling and Evidence * Operations Security * Network Security ADDITIONAL COURSE DETAILS: Nexus Humans C)SLO-Certified Security Leadership Officer Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)SLO-Certified Security Leadership Officer Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for The intended audience for this course is information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security. Overview Upon successful completion of this course, students will be able to: - implement information systems audit services in accordance with information systems audit standards, guidelines, and best practices. - evaluate an organizations structure, policies, accountability, mechanisms, and monitoring practices. - evaluate information systems acquisition, development, and implementation. - evaluate the information systems operations, maintenance, and support of an organization; and evaluate the business continuity and disaster recovery processes used to provide assurance that in the event of a disruption, IT services are maintained. - define the protection policies used to promote the confidentiality, integrity, and availability of information assets. In this course, students will evaluate organizational policies, procedures, and processes to ensure that an organizations information systems align with its overall business goals and objectives. 1 - THE PROCESS OF AUDITING INFORMATION SYSTEMS * ISACA Information Systems Auditing Standards and Guidelines * Fundamental Business Processes * Develop and Implement an Information Systems Audit Strategy * Plan an Audit * Conduct an Audit * The Evidence Life Cycle * Communicate Issues, Risks, and Audit Results * Support the Implementation of Risk Management and Control Practices 2 - IT GOVERNANCE AND MANAGEMENT * Evaluate the Effectiveness of IT Governance * Evaluate the IT Organizational Structure and HR Management * Evaluate the IT Strategy and Direction * Evaluate IT Policies, Standards, and Procedures * Evaluate the Effectiveness of Quality Management Systems * Evaluate IT Management and Monitoring of Controls * IT Resource Investment, Use, and Allocation Practices * Evaluate IT Contracting Strategies and Policies * Evaluate Risk Management Practices * Performance Monitoring and Assurance Practices * Evaluate the Organizations Business Continuity Plan 3 - INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT, AND IMPLEMENTATION * Evaluate the Business Case for Change * Evaluate Project Management Frameworks and Governance Practices * Development Life Cycle Management * Perform Periodic Project Reviews * Evaluate Control Mechanisms for Systems * Evaluate Development and Testing Processes * Evaluate Implementation Readiness * Evaluate a System Migration * Perform a Post-Implementation System Review 4 - INFORMATION SYSTEMS OPERATIONS, MAINTENANCE, AND SUPPORT * Perform Periodic System Reviews * Evaluate Service Level Management Practices * Evaluate Third-Party Management Practices * Evaluate Operations and End User Management Practices * Evaluate the Maintenance Process * Evaluate Data Administration Practices * Evaluate the Use of Capacity and Performance Monitoring Methods * Evaluate Change, Configuration, and Release Management Practices * Evaluate Problem and Incident Management Practices * Evaluate the Adequacy of Backup and Restore Provisions 5 - PROTECTION OF INFORMATION ASSETS * Information Security Design * Encryption Basics * Evaluate the Functionality of the IT Infrastructure * Evaluate Network Infrastructure Security * Evaluate the Design, Implementation, and Monitoring of Logical Access Controls * Risks and Controls of Virtualization * Evaluate the Design, Implementation, and Monitoring of Data Classification Process * Evaluate the Design, Implementation, and Monitoring of Physical Access Controls * Evaluate the Design, Implementation, and Monitoring of Environmental Controls