PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager

Küberturbe juhtimise koolitus võimaldab osalejatel saada põhiteadmised ja oskused küberturbe programmi (Cyber Security Management System – CSMS) väljatöötamiseks ja rakendamiseks vastavalt rahvusvahelisele ISO/IEC 27032 standardile ja NIST küberturbe raamistikule. Osalejad saavad hea ülevaate küberturbe protsesside planeerimisest, küberturbe seostest teiste IT-turbe valdkondadega ning rollide määratlemisest. Läbi praktiliste harjutuste ja juhtumianalüüside omandavad osalejad kogemuse küberturbe programmi koostamiseks ja projekti edukaks juhtimiseks ning tulemuste kommunikeerimiseks.

Koolitusele järgneval päeval on võimalik sooritada rahvusvaheline sertifikaadieksam (inglise keeles). Positiivse eksamitulemuse olemasolul ja töökogemuse tingimuste täitmisel on osalejatel võimalik omandada rahvusvaheliselt tunnustatud „PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager“ sertifikaat. Eksami sooritamine ning sertifitseerimine on võimalik lisatasu eest (490€ +km).

Sihtgrupp:

• küberkaitse juhid ja spetsialistid, infoturbe juhid
• küberkaitse eksperdid
• IT-üksuse töötajad
• spetsialistid, kes soovivad end realiseerida küberkaitse valdkonnas

Koolitusel osalemise eeldused (soovitavalt): varasem praktiline kokkupuude infoturbe või küberkaitsega

Programm:

• Day 1
  • Introduction to Cybersecurity and related concepts as recommended by ISO/IEC 27032
  • Course objectives and structure
  • Standards and regulatory frameworks
  • Fundamental concepts in Cybersecurity
  • Cybersecurity program
  • Initiating a Cybersecurity program
  • Analyzing the organization
  • Leadership
• Day 2
  • Cybersecurity policies
  • Risk management
  • Attack mechanisms
• Day 3
  • Cybersecurity controls
  • Information sharing and coordination
  • Training and awareness program
• Day 4
  • Incident management, monitoring and continuous improvement
  • Business continuity
  • Cybersecurity incident management
  • Cybersecurity incident response and recovery
  • Testing in Cybersecurity
  • Performance measurement
  • Continuous improvement
  • Closing the training
• Day 5
  • Certification Exam

After completing the course, users:

• acquire comprehensive knowledge on the elements and operations of a Cybersecurity Program in conformance with ISO/IEC 27032 and NIST Cybersecurity framework;
• acknowledge the correlation between ISO/IEC 27032, NIST Cybersecurity framework and other standards and operating frameworks;
• master the concepts, approaches, standards, methods and techniques used to effectively set up, implement, and manage a Cybersecurity program within an organization;
• learn how to interpret the guidelines of ISO/IEC 27032 in the specific context of an organization;
• master the necessary expertise to plan, implement, manage, control and maintain a Cybersecurity Program as specified in ISO/IEC 27032 and NIST Cybersecurity framework;
• acquire the necessary expertise to advise an organization on the best practices for managing Cybersecurity.

Koolitaja:
PhD Andro Kull, certified ISO 27001 Lead Auditor

Andro Kull during his career, has worked in both sectors, public and private. In the previous years he has worked for the financial sector with regards to IT and information security, and for the energy sector with regards to IT risks, where security and continuity demands are very high. Kull started his career as IT specialist and IT manager, and has worked extensively as IT auditor and as IT risk manager for one of the largest company in Estonia. At the same time, he founded a small consulting company and managed projects related to IT risk assessment, the implementation of security measures, business continuity planning (BC), planning for recovery (DR), and crisis management mostly in public sector organizations.

The international environment is not new to Andro Kull, since he has participated in the European Central Bank internet payment security working group. Kull has been cooperating with the IT banking supervisors on an international level. Furthermore, he has organized one international conference in Tallinn. In addition, he has worked for European Union DG Connect as advisor connected with IT risk management recommendations development.

Andro Kull holds a PhD degree from the University of Tampere, concentrating on the IT oversight and compliance verification methodologies, and he currently is lecturing IT risk and information security management issues at the University of Tallinn.