SC100: Cyber Security Foundation

Agenda:

• Creation of attack scenarios against companies based on publicly visible vectors as moderated live demo
  
  
• Discussion and creative elaboration of attack and defense
  • How do offense and defense interact?
  • New dimension: AI-based attacks (e.g. generative malware, automated phishing, deepfake audios for social engineering)
  • Defense through AI-supported defense mechanisms such as machine learning for anomaly detection, automated threat hunting systems
  • Integration of current infosec incidents (e.g. ransomware trends, supply chain attacks, AI-supported fraud)
    
    
• Expanding the security surface (technology – organization – human)
  • How do protection requirements classification, risk analysis, risk management, compliance strengthen security?
  • Specifics for cloud outsourcing (vendor lock, geo risk, exit strategy)
  • Introduction of the Lockheed Martin Cyber Kill Chain
    
    
• Which standards are relevant? How are they structured and what are their practical uses?
  • How do they build upon each other and complement each other (e.g. cross-reference tables IT-Grundschutz to ISO27001)?
  • Introduction NIST Cybersecurity Framework, ISO 2700X family, BSI™ Grundschutz standards, other relevant organizations such as Teletrust, ENISA or OWASP
    
    
• Fundamentals of technical IT security
  • Network architecture
  • Secure connection of local networks to the Internet
  • Secure use of WLAN
  • Secure deployment of IPv4 and IPv6
    
    
• Components in the network
  • Securing a PC client
  • Securing a server
    
    
• Services and applications on the Internet
  • Secure use of email
  • Secure operation of email servers
  • Secure use of web services
  • Secure provision of web services
  • Secure Internet telephony (VoIP)
  • Secure remote access to local networks (VPN)
    
    
• How do vulnerabilities arise and how are they discovered?
  
  
• Workshop: Discovery and mitigation of vulnerabilities through technical, human and organizational measures in various scenarios
  
  
• Fundamentals of social engineering
  • Psychological fundamentals
  • OSINT and information gathering
  • Typical attack scenarios (phishing, vishing, lishing, smishing, deepfakes, tailgating, spoofing)
  • Defense against SE attacks (incl. training in recognizing AI-generated content)
    
    
• Overview of cybercrime
  • Hacktivists, state nation actors, commercial hackers, script kiddies
  • Darknet, deep web, trojans/viruses/worms, WLAN + USB attacks, DDoS, ransomware, lateral movement in authorization systems (using Active Directory as example)
    
    
• Building a resilient ISMS
  • Purpose definition, stakeholder gathering, system selection, risk analysis, role and function determination, compliance, governance, creation of policies, security concepts and measures
    
    
• Cybersecurity technology:
  • Preventive: firewalls, proxy, segmentation, hardening, IAM, cryptography (classical methods, key management, zero trust approaches, post-quantum cryptography), patching, backup
  • Detective: advanced analytics, antivirus (signature/heuristic/nextGen), NBAD (Network Behavior Anomaly Detection), mail protection, honeypots
  • Reactive: quarantine, behavior blocking, SIEM, SOC, CERT, forensics
  • Predictive: darknet monitoring/underground spotting, bug bounty, BCM, BIA
    
    
• BCM – emergency preparedness and resilience measures
  • How to prepare for the unexpected (Black Swan, N.N.Taleb)?
    
    
• Awareness – campaign development, error culture, team building, lighthouse projects
  
  

Objectives:

• Deepen your knowledge about the interaction of attack and defense regarding the core components technology, organization and human.
• Learn measures for ensuring a targeted security level and discover how frequency, damage amount and probability of occurrence are handled to minimize risk.
• Get an overview of the most important current security standards and their interaction.
• Experience the use of cryptography in the modern security environment – from everyday data encryption to post-quantum resistant methods.
• Complete your fundamentals: From the origins of the German hacker underground scene, through the establishment of ENISA and BSI™, the best practices for building an ISMS to the favorite controls of auditors.
• Reflect on the role of AI in attack and defense based on real, current incidents and learn strategies for dealing with new threats.
• Train your own social skills with an experienced hacker and social engineer – including the detection of deepfakes and AI-based social engineering attacks – and create your own awareness program in group work.
• Prepare yourself and your colleagues with best practices of resilience and IT emergency management for the worst case scenario.

Target audience:

The workshop C100 Cyber Security Foundation is designed for experienced as well as already established and also new employees in the information security domain.
It is particularly suitable for participants who have had little exposure to the entire scope of information security, because they are, for example, rather experts in a specific subject area and now want to look beyond their own domain.

Prerequisites:

Description:

The workshop SC100 Cyber Security Foundation provides you with a compact overview of the entire cyber security landscape.
You gain understanding for attacking and defending IT environments, both in theoretical mechanisms and through practical examples. You train the interaction of human, organization and technology and their influence within cyber security. The workshop takes place in the form of an online conference and includes interactive elements.

Assessment/Certificate:
The workshop concludes with a gamified assessment with a duration of 45 minutes. Upon passing this, participants receive a qSkills™ certificate.