Promoter – TecMinho – AssociAção Universidade Empresa para o Desenvolvimento
Action – Advanced Training in Cybersecurity – Security in ICT Infrastructures
Description – Cybersecurity is nowadays considered an essential area to safeguard, in a controlled way, one of the most valuable assets of organizations, their Information System. The existence of several technologies and procedures widely recognized and with high efficiency in this management process, evaluating and demonstrating the state of Cybersecurity is, and will continue to be, a huge challenge.
One of the solutions to meet this challenge is certification, according to one of the most widely disseminated standards, ISO/IEC 27001. This certification recognizes the organization’s Safety Management System, based on a risk analysis and contemplating the best known practices. However, the certification process requires considerable effort, especially in terms of changing business processes and the behavior, at all levels, of the organization’s managers and employees. This, obviously, in addition to the possible adoption of security technologies, whose implementation, in a Security Management logic, requires monitoring and evaluation activities, for which it is necessary to develop new professional skills. These characteristics make this transformation process long, whose success depends on the existence of adequate management strategies, as well as adequate support from the highest levels of management in the organization.
At the end of the training, trainees, based on the requirements of the ISO/IEC 27000 family of standards, will be able to:
– Know the internal control policies, standards and good practices in the organization;
– Implement security policies for computer networks;
– Implement information security policies, based on the use of cryptographic techniques (protection of integrity and confidentiality);
– Implement access control policies.
The training lasts a total of 63 hours, covering the following contents:
1. Raising awareness of the ISO/IEC 27001 standard
2. Security in Computer Networks
3. Cryptographic Techniques in Information Security
4. Access Control in Information Systems
This course will be online, adopting a strategy which is very similar to face-to-face training. We will have synchronous/live sessions (trainer and participants are online through a videoconference system), where the trainer will address the training contents and interact with the participants and the latter with the trainer and other colleagues. An active methodology will be used to encourage the participation of trainees, using the expository and interrogative method, with a strong practical component through the performance of practical exercises that will allow trainees, during the training, to analyze their practices and, if applicable, redefine them in the light of the normative references and good practices presented.
Recipients: middle and senior management of companies and organizations and senior technicians of the Municipalities.
More information here.