info@commonwealthtca.com
Language  
English
French
Spanish
German
Italian
Russina
Arabic
Turkish
Home
Courses
Cities
Associations
Services
About Us
Contact Us
Course Category
Accounting and Finance
Administration and Secretarial
Auditing and Governance, Risk and Compliance
Banking, Insurance and Financial Services
Business Continuity and Crisis Management
Communication and Writing Skills
Construction Management
Contracts Management
Customer Service
Data Management and Business Intelligence
Digital Innovation and Transformation
Financial Technology (FinTech)
Health, Safety and Environment
Human Resources and Training
Interpersonal Skills and Self Development
IT Management
Leadership and Management
Legal
Maintenance and Engineering
Marketing and Sales
Monetary Economics
Monitoring and Evaluation
Oil and Gas
Planning and Strategy Management
Port and Shipping Management
Procurement and Supply Chain Management
Project Management
Public Relations
Quality and Productivity
Security Management
Tourism Management
Transport and Logistics
More Links
Public Training Courses
Certified Training Courses

Cyber Security Specialist (CSS) Programme

Why Attend

This course will provide participants with in-depth knowledge and practical skills to plan, deliver and protect, and monitor Digital assets, and Cyber security postures of internal and external systems, applications, and deployments. Encompassing a complete, conjoined set of disciplines in the areas of Cyber Security, including Policies, Play-books, Security/Penetration Testing, Ethical Hacking and Black Hat Hacking.

The 2022 updated course now also includes an extensive set of features which encompass the SOC (Security Operations Centre), CSIRT (Computer Security Incident Team), and Dark Art OSINT (Open Source Intelligence) elements. Included here are over 30 tools, books, articles, and support mediums to help the delegates gain in-depth expertise in this specialized discipline.

We will also cover Wi-Fi security and engineering in depth, Malware defenses, Ransomware attacks, Website security, human factors, Cyber Forensics and Investigations, cyber security team management

As part of the course, participants engage multiple hands-on sessions, and conduct a risk assessment of two different deployments based on the ISO27001 to identify any direct, or indirect threats, security exposures, or potentials for vulnerabilities. Participants will also respond to an example security incident and identify the best practices which could be applied to secure their own organization, and associated assets. All participants will be given copies of Run Books to deal with cyber extortions, Distributed Denial of Service (DDoS/DoS) and forensic investigations.

The 2022 course now also includes a real-time hands-on module which will footprint a digital deployment to discover and exposures, vulnerabilities, data leaks or technical misconfigurations – here again introducing 4 new tools to the course.

Overview

Course Outline

Schedule & Fees

Course Methodology

The course will include practical sessions, videos as well as live examples [e.g., Virus] and demonstrations of white and black hat hacking tools. All participants will also be provided with the latest research papers and articles.

Course Objectives

By the end of the course, participants will be able to:

  •   Apply information security standards to their organization and its critical assets
  •   Identify the threats presented by viruses, malware, active code, and Active Persistent Threats (APT) and consider the different mitigating options
  •   To build and operational SOC
  •   Formulate and manage effective cyber security teams, and apply the Computer Security Incident Response Team (CSIRT) framework, tools and capabilities to deliver cost effective and robust solutions to protect the organization
  •   Use Neuro Linguistic Programing (NLP) to deliver messages that will change the way employees work and think about security
  •   Examine the area of wireless security protocols, their security attributes, and their potential insecurities within the organization, and in public spaces
  •   Illustrate how penetration testing and ethical hacking enhance organizational security
  •   Evaluate and apply two of the most important aspects in the modern day of cyber-adversity: Open Source Intelligence (OSINT) and cyber threat intelligence
  •  To develop real hands-on skill to conduct and investigation
  •  To learn how to discover technical security vulnerabilities on any site
  •  To learn about the Third Party Risk, and to understand the mitigations which may be applied


Target Audience

IT professionals, security professionals, auditors, site administrators, general management and anyone tasked with managing and protecting the integrity of the network infrastructure. This also includes anyone already familiar and involved with IT/cyber/digital security and seeking to build on their fundamental principles of security.

Target Competencies

  •   Information security management
  •   Vulnerability assessment and management
  •   Applying cyber security solutions
  •   Developing IT policies and procedures
  •   Cyber forensics
  •   Ethical hacking and Black Hat hacking


Adapting to evolving standards

  • Information security standards (e.g. PCI-DSS/ISO27001)
  • Documented tools:
    • ISO/IEC 27001
    • PAS 555
    • Control Objectives for Information and Related Technology (COBIT)
  • Future standards
    • ISO/IEC 2018
    • EU privacy regulations
    • Local and international government stipulations implicating access to private data

Principles of IT security

  • Enterprise security
    • External defenses
    • Web filtering
    • Intruder Prevention Systems (IPS)
    • Intruder Detection Systems (IDS)
    • Firewalls
  • Secure code
  • Software Development Lifecycles (SDL)
  • Potential insecurities within developed applications
  • WiFi security protocols and attributes
  • Voice over IP (VoIP) security
  • Governance Risk and Compliance (GRC)
  • Security Incident Event Management (SEIM) applications
  • Cloud security
  • Third party security and compliance

Adopting cyber security measures

  • Employee perception on security through Neuro Linguistic Programing (NLP)
  • Security education and awareness: techniques, systems, and methodologies
  • Penetration testing
  • Ethical hacking
  • Options to mitigate viruses, malware, active code threats and Active Persistent Threats (APT)
  • The Computer Incident Response Team (CSIRT) frameworks, tools and capabilities
  • Incident first response: proven methodologies, tools, and systems
  • The science of applying robust digital forensics: applicable law, capabilities, and methodologies
  • Supervisory Controls and Data Acquisition (SCADA); security requirements, processes and methodologies
  • Abuse images: complying with local and international law

Building cyber security teams

  • Creation and management of a Secure Operations Center (SOC)
  • Development of the Corporate Security Organization Framework
  • Formulation and deployment of a Computer Security Incident Response Team (CSIRT)
  • Bespoke Security Incident and Event System (SIEM) for the operational deployment
  • Risks associated with I/O Security (e.g. USBs, CDs, other forms of media)
  • Risks of Active Code Injection, and mitigation techniques

Advanced cyber risks and tools

  • Cyber crime and the darknet/darkweb: the world of the hackers/hacktivists
  • The underground of cyber criminality
  • Social engineering as a tool to test operational resilience
  • Open Source Intelligence (OSINT)
  • Cyber threat intelligence
  • Open source and commercial security tools
  • The operational use of encryption
  • Virtual private networks

Steganography - Techniques used to hide hacking tools and malware on networks

  • Command line and tools used to identify and extract dangerous files and contain malware and hacking applications
  • The 1-10-60 Rule to identify and contain dangerous hidden applications
  • Alternate Data Streams (ADS) and the threats they can pose under an NTFS environment
  • Leveraging ADS to hide undetectable malware within an operational network
Kuala Lumpur
Kuala Lumpur (Malaysia)2025-09-22$3775
Manila
Manila (Philippines)2026-06-22$3775