Security-Management-Concepts and Demonstrations

Security concepts and fundamentals

• security policies
• physical, technical and social security controls
• usable security
• security standards and certifications, governance and compliance
• security roles and responsibilities, culture and awareness raising, and professionalism
• recognising security needs across platforms (including Operating Systems, Applications, and Cloud systems)

Risk Assessment

• threat, vulnerability and risk concepts
• asset valuation and management
• risk analysis methodologies

Types of threats

• threat agents and motivations, adversarial thinking
• common human and technical attacks, insider threat, malicious code
• situational awareness, threat trends and landscape, CERTs

Risk Management

• handling risk and selecting countermeasures/controls to mitigate risk
• understanding impacts and consequences
• third party management
• risk communication
• security economics Auditing, and Continuity planning and management (including backup and disaster recovery)