Implementing A Cybersecurity Program
Published 11/2024
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 9.03 GB | Duration: 4h 26m
How to Develop a Comprehensive Cybersecurity Program for Your Organization
What you'll learn
Explain functions and components of a cybersecurity program and how it reduces risk for the business
Explain core cybersecurity concepts
Explain possible approaches for implementing a cybersecurity program and how to choose an approach that has the best return on investment for an organization
Explain cybersecurity steps that should be taken right away
Explain other factors and considerations for prioritizing the implementation tasks of a cybersecurity program
List common laws and regulations and explain who may have to comply with those laws and regulations
Explain common business documents and policies and their role in protecting the business
Explain common cybersecurity program functions and their role in protecting the business
Explain risk tolerance
Explain different methods for assessing risk
Explain the how to perform an asset and risk assessment
Explain how to determine solutions and ROI
Explain how to compare and contrast solutions and ROI to prioritize work
Explain common cybersecurity frameworks and their purpose
Explain how to implement a framework
Requirements
No prior knowledge or experience needed
Description
Looking to set up a cybersecurity program at your company? This course will cover tips and tricks of setting up an IT program from the ground up. The focus will be on the process and how to efficiently and quickly set up the program. The course will cover the following
efine elements of a cybersecurity programChoosing an implementation approachImplementing high value, low cost changesHow to assesses companies risk toleranceDetermining and organizing workChoosing a cybersecurity frameworkThis course is for:Anyone looking into developing a cybersecurity program. The course is designed for someone more technical or leading a technical department and is probably best suited for companies with at least one person devoted to IT.A note from the instructor: The first time I set up a cybersecurity program, there weren't a lot of resources on the process. Within two years I took the company from no security program to being fully SOC 2 Type 2 Compliant. This was an incredible feat considering the lack of resources. I've compiled what made this project so successful into this course, as well as added additional tips and tricks that I've learned since.Who Should Take this Course:Anyone wanting to set up a cybersecurity program for their business or organizationMost ideal for small or medium size companies that have at least 1 IT personWho Should Take this Course:Anyone wanting to set up a cybersecurity program for their business or organizationMost ideal for small or medium size companies that have at least 1 IT personWhy take the course from me?Experience: I've been in the IT world since 2000, have a masters in computers, and over 20 industry standard certificationsKnow how to Teach: I was trained as an instructor by the USAF, have a bachelors in education, teaching since 1997, and well over 6,000 hours of classroom instruction time.I've been a hiring manager since 2010, I know what skill sets employers are looking for.TechKnowSurge's Unique ApproachYour instructor has training and years of experience as an educator, as a technician, and as a leader. The course implements the following features:Microstep lectures and segmented videos that meters learning into bite size chunks. It also makes it easy to go back and review concepts when needed.Extensive coverage of topics to make sure topics are explained fullyWell-organized content. A tremendous amount of effort has been placed on what order content should be delivered to maximize learning and minimizing confusion.A focus on pedagogy. A funny name, but your instructor has a deep understanding of educational theory and what drives learning.Module overviews explaining what to expect for each module and sets a mindset for why the information is important to learn.Video intros, overviews, and summaries to explain the intention of each video, reinforce learning, and prepare you for success.High quality and engaging videos that use graphics, great explanations, and analogies to explain complex topics in an easy to understand way.Real world application. Step beyond just the theory. Your instructor has real world experience and will share that with you throughout the course.Content and OverviewThis well organized course will has the following modules:Welcome and Getting Started: Prepare yourself for efficiently and successfully completing the course. You'll get an overview of what the course is all about and what you should expect out of it.What is a Cybersecurity Program: Let's start by exploring what is a cybersecurity program, what are it's core functions, and who it mitigates risk for a business or organization. We'll also cover some core cybersecurity definitions and concepts that we'll use throughout the course.Implementation Approaches: We'll set the stage for the three main approaches that I would recommend: Start with action; Start with an Assessment; and Start with a Framework. This will be an overview of the three approaches. We'll also have a video about change management from a human perspective, that is how to roll out proper change management to help gain the most acceptance for the changes you would be making for the organization.Lane 1: Start with Action: A cybersecurity program is about making changes that will put the company in the best position for success. This requires action. Delaying action could mean you putting the business at risk. We'll cover considerations for how to choose which actions are the right first steps for you.Regulatory Compliance: Laws and regulations continue to evolve and develop to protect consumers. Those businesses that don't take the new regulatory compliance seriously, may find themselves irrelevant. We'll cover some of the larger, more common laws and regulations that you may need to implement for your business. We'll get into what the regulation is, who must comply with it, and some of the highlights of the law.Critical Cybersecurity Documents: Some documents and policies are requirements, while others are important to legally protect the business. We'll cover common documents an organization should consider. We'll discuss who should implement, how the document is used, and look at some examples of the documents.Cybersecurity Functions: Business operations can be broken down into different individual functions. We'll get into core functions that can be implemented that will help protect the business from risk.Lane 2: Start with an Assessment: One of the core functions of a cybersecurity program is to assess risk, determine solutions, prioritize solutions, and then take action. By starting with an assessment, you can prioritize projects in a way that gives the organization the best return on investment. We'll cover what risk assessments look like and the basics of how to perform a risk assessment for your organization.Lane 3: Start with a Framework: A framework helps establish a comprehensive cybersecurity program. Without it, an organization could find itself overlooking risk in areas of its operations. A framework can identify those areas and ensure proper controls are in place to protect those areas.Wrap Up: Time to wrap up the course and provide any final thoughts.Instructor BioTechKnowSurge (Andrew Grimes) has been in the tech industry since 2000 and even longer as an Instructor. He started out as a Survival Instructor for the United States Air Force (USAF) in 1997. When he got out of the military, he started teaching computer classes. Wanting to advance his technical skills, he became a contractor working on a wide range of technologies while teaching technology college courses in the evening. Overtime, he became a hiring manager, director, and leaderHis background includes:Building a security program within 2 years to include becoming SOC 2 Type 2 compliantLeading and maximizing efficiency of IT, Security, and DevOps teamsManaging SaaS company infrastructure with millions of active usersManaging small, medium, and large IT InfrastructuresMigrating technologies to the cloudManaging multi-million dollar budgets and reducing overall budget spend year over yearUtilizing various project management techniques such as waterfall, scrum and Kanban to maximize efficiency and successBachelors in Workforce EducationMasters in Computer Resource and Information ManagementOver 6,000 hours of teaching experienceOver 20 industry standard certifications.Past student reviews:"Andrew is absolutely the best instructor I've had throughout the course of my education. He is extremely knowledgeable when it comes to all things network and IT-related. Because of the education he provided, I am now working in the network engineering field, and I could not have done it without his expert guidance." ~Michael B."Andrew was hands down my favorite instructor since enrolling" "He has great skills as an instructor, and I've learned a lot from his classes." ~Jeff S."As an instructor, he is thorough, articulate, patient and positive. He genuinely cares that his students fully comprehend the curriculum. I have a great deal of respect for Andrew. I can't recommend him highly enough." ~Dan H."I found Andrew to be one of the best Instructors" "He presents the information with real world applications, which helped to reinforce the concepts presented in the Cisco Certification track." "I am truely thankful to have had him as my teacher." ~Dan M."Andrew is very knowledgeable and brings his practical business experience with him. He expresses himself very well and treats everyone with respect. He explains very complicated concepts in a manner that is easy to understand." "It is without reservation that I would recommend Andrew as a business professional and/or teacher." ~Adam C."Andrew is an excellent instructor and more." "Andrew is the kind of teacher that you never forget." ~ William C."Andrew Grimes is a first rate instructor who genuinely cares about the success of his students. I was fortunate to have Andrew as my instructor." "I highly recommend Andrew as an instructor and IT professional." ~Paul C."Andrew is a great instructor who really cares whether his students grasp the concepts he teaches. He has a passion for teaching that many couldn't muster." ~Patrick R."He was a great teacher and I would gladly take a class under him again." ~Joshua R.".his style of teaching is accommodating for any level, that a student is starting off at, either beginning or advance in IT world." ~Paul W."He fosters a multidimensional environment of learning in which students of diverse abilities excel." ~Mark B"Andrew Grimes was a great Data Networks and Telecommunications Instructor." "I would highly recommend him to any who desires to further their education." ~ Tommy S. Overview
Section 1: Welcome and Getting Started
Lecture 1 Welcome
Lecture 2 How to Navigate This Course
Lecture 3 Course Overview
Lecture 4 Syllabus
Lecture 5 Meet Your Instructor
Section 2: What is a Cybersecurity Program?
Lecture 6 Module Intro
Lecture 7 What is a Cybersecurity Program?
Lecture 8 Why have a Cybersecurity Program?
Lecture 9 How does a Security Program Mitigate Risk?
Lecture 10 Security Program Operations
Lecture 11 Cybersecurity Frameworks
Lecture 12 Core Cybersecurity Concepts
Section 3: Implementation Approach
Lecture 13 Module Intro
Lecture 14 Payoff Model
Lecture 15 Choosing an Implementation Approach
Lecture 16 Change Management
Section 4: Lane 1: Start with Action
Lecture 17 Module Intro
Lecture 18 The Basics
Lecture 19 Requirements
Section 5: Regulatory Compliance
Lecture 20 Module Intro
Lecture 21 Laws and Regulations Overview
Lecture 22 Common Regulatory Components
Lecture 23 General Data Protection Regulation (GDPR)
Lecture 24 California Consumer Privacy Act (CCPA)
Lecture 25 Payment Card Industry Data Security Standard (PCI DSS)
Lecture 26 Sarbanes-Osxley Act (SOX)
Lecture 27 Health Insurance Portability and Accountability Act (HIPAA)
Lecture 28 Cybersecurity Maturity Model Certification (CMMC)
Lecture 29 Gramm-Leach-Bliley Act (GLBA)
Lecture 30 Children's Online Privacy Protection Act (COPPA)
Lecture 31 Family Educational Rights and Privacy Act (FERPA)
Section 6: Critical Security Documents
Lecture 32 Module Intro
Lecture 33 Written Information Security Plan (WISP)
Lecture 34 Acceptable Use Policy (AUP)
Lecture 35 Password Policy
Lecture 36 Privacy Policy
Lecture 37 Service Level Agreements (SLA)
Lecture 38 Operational-Level Agreement
Lecture 39 Privacy-Level Agreement
Lecture 40 Terms of Service (ToS)
Lecture 41 Data Retention Policy
Lecture 42 Master Service Agreements (MSA)
Lecture 43 Statement of Work (SoW)
Lecture 44 Non-Disclosure Agreements (NDA)
Lecture 45 Memorandum of Understanding (MOU)
Lecture 46 Interconnect Security Agreement (ISA)
Section 7: Security Operations
Lecture 47 Module Intro
Lecture 48 Compliance Management
Lecture 49 Risk Management
Lecture 50 Asset Acquisition and Management
Lecture 51 Vulnerability Management
Lecture 52 Patch Management
Lecture 53 Vendor and Supply Chain Management
Lecture 54 Personnel Management
Lecture 55 Identity and Access Management (IAM)
Lecture 56 Security Awareness & Training Management
Lecture 57 Change Management
Lecture 58 Data Management
Lecture 59 Monitoring and Alerting
Lecture 60 Incident Management
Lecture 61 Contingency Planning
Lecture 62 Auditing and Assessments
Lecture 63 Program Management
Section 8: Lane 2: Start with an Assessment
Lecture 64 Module Intro
Lecture 65 Determining Risk Tolerance
Lecture 66 Risk Assessment
Lecture 67 Asset Risk Assessment
Lecture 68 DEMO: Asset Inventory and Assessment
Lecture 69 Identify Solutions and ROI
Lecture 70 DEMO: Solutions and ROI
Lecture 71 Prioritizing Work
Section 9: Lane 3: Start with a Framework
Lecture 72 Module Intro
Lecture 73 Start with a Framework
Lecture 74 Implementing a Framework
Lecture 75 Determining Work
Section 10: Wrap up
Lecture 76 Review
Lecture 77 Course Wrap up
Anyone wanting to set up a cybersecurity program for their business or organization,Most ideal for small or medium size companies that have at least 1 IT person
TurboBit
Code:
Bitte
Anmelden
oder
Registrieren
um Code Inhalt zu sehen!
Code:
Bitte
Anmelden
oder
Registrieren
um Code Inhalt zu sehen!
Code:
Bitte
Anmelden
oder
Registrieren
um Code Inhalt zu sehen!
Code:
Bitte
Anmelden
oder
Registrieren
um Code Inhalt zu sehen!
