SC100: Cyber Security Foundation

Agenda:

• Creation of attack scenarios against companies based on publicly visible vectors as moderated live demo
  
  
• Discussion and creative elaboration of attack and defense
  • How do offense and defense interact?
    
    
• Expanding the security surface (Technology – Organization – Human)
  • How do protection requirements classification, risk analysis, risk management, compliance strengthen security?
  • Specifics for cloud outsourcing (vendor lock, geo-risk, exit strategy)
  • Introduction to the Lockheed Martin Cyber Kill Chain
    
    
• Which standards are relevant? How are they structured and what are they practically usable for?
  • How do they build upon each other and complement each other (e.g. cross-reference tables IT baseline protection to ISO27001)?
  • Introduction NIST Cybersecurity Framework, ISO 2700X family, BSI™ baseline protection standards, other relevant organizations like Teletrust, ENISA or OWASP
    
    
• Fundamentals of technical IT security
  • Network architecture
  • Secure connection of local networks to the Internet
  • Secure usage of WLAN
  • Secure deployment of IPv4 and IPv6
    
    
• Components in the network
  • Hardening of a PC client
  • Hardening of a server
    
    
• Services and applications on the Internet
  • Secure usage of email
  • Secure operation of email servers
  • Secure usage of web services
  • Secure provision of web services
  • Secure Internet telephony (VoIP)
  • Secure remote access to local networks (VPN)
    
    
• How vulnerabilities emerge and how they are discovered.
  
  
• Workshop: Discovery and mitigation of vulnerabilities through technical, human and organizational measures in various scenarios
  
  
• Fundamentals of social engineering
  • Psychological fundamentals
  • OSINT and information gathering
  • Typical attack scenarios (phishing, vishing, tailgating, spoofing)
  • Defense against SE attacks
    
    
• Threat landscape of cybercrime
  • Hacktivists, state nation actors, commercial hackers, script kiddies
  • Darknet, deepweb, trojans/viruses/worms, WLAN + USB attacks, DDoS, ransomware, lateral movement in authorization systems (using Active Directory as example)
    
    
• Building a resilient ISMS
  • Purpose definition, stakeholder gathering, system selection, risk analysis, role and function definition, compliance, governance, creation of policies, security concepts and controls
    
    
• Cybersecurity technology:
  • Preventive: firewalls, proxy, segmentation, hardening, IAM, cryptography, patching, backup
  • Detective: advanced analytics, antivirus (signature/heuristic/nextGen), NBAD (Network Behavior Anomaly Detection), mail protection, honeypots
  • Reactive: quarantine, behavior blocking, SIEM, SOC, CERT, forensics
  • Predictive: darknet monitoring/underground spotting, bug bounty, BCM, BIA
    
    
• BCM – emergency preparedness and resilience measures
  • How to prepare for the unexpected (Black Swan, N.N.Taleb)?
    
    
• Awareness – campaign development, error culture, team building, lighthouse projects
  
  

Objectives:

• Deepen your knowledge about the interaction of attack and defense regarding the core components technology, organization and human.
• Learn measures for ensuring a targeted security level and discover how frequency, damage amount and probability of occurrence are handled to minimize risk.
• Get an overview of the most important current security standards and their interaction.
• Complete your fundamentals: From the origins of the German hacker underground scene, through the establishment of ENISA and BSI™, the best practices for building an ISMS to the favorite controls of auditors.
• Train your own social skills with an experienced hacker and social engineer and create your own awareness program in group work.
• Prepare yourself and your colleagues with best practices of resilience and IT emergency management for the worst case scenario.

Target audience:

Prerequisites:

Description: