Business Continuity Practitioner (S-BCP) Training Course

Who is this course for?

This qualification is designed for security professionals seeking to grasp both the technical and business dimensions of the field, as well as anyone aspiring to build a career in security architecture.

• System administrators aiming to transition into the role of security architects.
• Technical architects looking to specialise in security architecture.

Additionally, this certificate provides a complimentary certification for individuals who have been awarded or are pursuing CCP status in IA.

What will I learn?

Upon completion, candidates will be able to:

• Analyze the business environment and identify information risks relevant to specific systems.
• Articulate and apply fundamental security design principles.
• Spot information risks stemming from potential solution architectures.
• Design alternative architectures or implement countermeasures to mitigate these risks.
• Verify that proposed architectures and countermeasures effectively address identified information risks.
• Utilize standard security techniques and architectures to reduce security risks.
• Create new architectures that mitigate risks associated with emerging technologies and business practices.
• Offer consultancy and advice to clarify Information Assurance and architectural challenges.
• Securely configure ICT systems in alignment with approved security architectures.

Who is it for:

Any professional engaged in the fields of information security and information assurance.

What will I learn:

Candidates will be expected to demonstrate:

• The significant business advantages derived from effective information risk management.
• The ability to articulate and fully utilize the terminology associated with information risk management.
• The methods for conducting threat and vulnerability assessments, business impact analyses, and risk assessments.
• The core principles governing controls and risk treatment.
• Techniques for presenting findings in a format suitable for developing a risk treatment plan.
• The application of information classification schemes.

The Business Impact Analysis (BIA) employs a structured methodology to identify and evaluate the criticality of an organization's processes during disruptions.

This consulting engagement targets operational and administrative leaders seeking to map, analyze, and document business processes to enhance continuity and resilience.

Upon completion of this engagement, the organization will be equipped to:

• Identify critical processes across Finance, Supply Chain, and Quality domains.
• Assess the operational, financial, legal, and reputational consequences of disruptions.
• Establish recovery priorities, including Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), for critical processes.
• Develop a process criticality matrix along with recommendations for continuity planning.

Engagement Format

• Initial kick-off and scoping sessions.
• Interactive workshops with process owners.
• Analysis of real-world cases and data collection.
• Group sessions to construct causal and impact diagrams.
• Drafting and presentation of the final BIA report.

Evaluation Criteria

• Active participation in workshops and data collection (20%).
• Contribution to impact analysis and scenario discussions (40%).
• Validation and feedback on the draft BIA report (40%).

Customization Options

• To request adjustments to the scope of this engagement, please contact us to arrange.

The EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.

The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

Description:

CISA® stands as the globally recognised and most widely sought-after certification for professionals operating in information systems (IS) audit and IT risk consulting.

Our CISA course is an intensive, highly competitive, and exam-oriented training programme. Leveraging extensive experience in delivering over 150 CISA training sessions across Europe and globally, and having trained more than 1,200 delegates, Net Security has developed its in-house CISA training materials with the primary objective of ensuring delegates pass the ISACA CISA® Exam. The methodology emphasises a deep understanding of CISA IS auditing concepts alongside rigorous practice using question banks released by ISACA over the last three years. CISA-certified professionals have consistently been in high demand among renowned accounting firms, global banks, advisory and assurance consultancies, as well as internal audit departments.

While delegates may possess years of IT auditing experience, their ability to tackle CISA questionnaires relies heavily on their grasp of globally accepted IT assurance practices. The CISA exam is notoriously challenging due to the close proximity of potential answers, testing the candidate's nuanced understanding of global IT auditing standards. To address these challenges, we provide expert trainers with extensive global experience in delivering CISA training.

The Net Security CISA manual encompasses all exam-relevant concepts, case studies, and Q&A sections across the five CISA domains. Additionally, the trainer provides key supporting materials such as CISA notes, question banks, a glossary, videos, revision documents, exam tips, and mind maps throughout the course.

Goal:

The ultimate goal is to pass your CISA examination on the first attempt.

Objectives:

• Apply gained knowledge practically to benefit your organisation.
• Deliver audit services in compliance with IT audit standards.
• Provide assurance on leadership, organisational structure, and processes.
• Provide assurance on the acquisition, development, testing, and implementation of IT assets.
• Provide assurance on IT operations, including service operations and third-party interactions.
• Provide assurance on the organisation’s security policies, standards, procedures, and controls to ensure the confidentiality, integrity, and availability of information assets.

Target Audience:

Finance and CPA professionals, IT professionals, internal and external auditors, and information security and risk consulting professionals.

This instructor-led, live training in Kenya (online or onsite) is designed for beginner to intermediate system administrators and security professionals who wish to learn how to implement Cloudflare for content delivery and cloud security, as well as mitigate DDoS attacks.

Upon completion of this training, participants will be equipped to:

• Configure Cloudflare for their websites.
• Set up DNS records and SSL certificates.
• Deploy Cloudflare for content delivery and caching.
• Shield their websites from DDoS attacks.
• Establish firewall rules to control and restrict traffic to their websites.

Description:

This course is designed as an intensive, rigorous preparation for the ISACA Certified Information Systems Auditor (CRISC) Examination. It comprehensively covers the four latest domains of the ISACA CRISC syllabus, placing a strong emphasis on examination readiness. Participants will also receive the official ISACA CRISC Review Manual and the accompanying Question, Answer and Explanation (Q,A&E) supplements. The Q,A&E resource is particularly valuable for helping candidates understand the specific style of ISACA questions, identifying the types of answers ISACA seeks, and facilitating rapid retention of the study material.

The technical skills and practices promoted and evaluated by ISACA for the CRISC certification form the foundation of success in this profession. Holding the CRISC certification validates your expertise within the industry. Given the increasing demand for professionals with risk and control expertise, ISACA’s CRISC has become the preferred certification for individuals and organizations globally. The CRISC certification reflects a dedication to serving both an enterprise and the profession with excellence.

Objectives:

• To assist you in passing the CRISC examination on your first attempt.
• To demonstrate your commitment to delivering exceptional service to an enterprise through this certification.
• To leverage the growing market demand for professionals with risk and control skills, enabling certification holders to secure better career positions and salaries.

You will learn:

• How to help enterprises achieve their business objectives by designing, implementing, monitoring, and maintaining efficient and effective risk-based IS controls.
• The technical skills and practices advocated by CRISC, which serve as the fundamental building blocks for success in this field.

This instructor-led, live training in Kenya (online or onsite) is aimed at intermediate-level IT professionals who wish to enhance their skills in identifying and managing IT risk and implementing information systems controls, and prepare for the CRISC certification exam.

By the end of this training, participants will be able to:

• Understand the governance and risk management aspects of IT.
• Conduct IT risk assessments and implement risk responses.
• Design and implement information systems controls.
• Prepare effectively for the CRISC certification exam.

This instructor-led, live training in Kenya (online or onsite) is aimed at intermediate to advanced IT professionals and business leaders who wish to develop a structured approach to handling data breaches.

By the end of this training, participants will be able to:

• Understand the causes and consequences of data breaches.
• Develop and implement data breach prevention strategies.
• Establish an incident response plan to contain and mitigate breaches.
• Conduct forensic investigations and assess the impact of breaches.
• Comply with legal and regulatory requirements for breach notification.
• Recover from data breaches and strengthen security postures.

This instructor-led live training in Kenya (online or on-site) is designed for developers and administrators who wish to produce software and products that are HiTrust compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

Description:

This course serves as the non-certified counterpart to the "CISA - Certified Information Systems Auditor" programme. The CISA® certification stands as the globally recognized and most widely adopted credential for professionals specializing in IS audit and IT risk consulting.

Key Objectives:

• Leverage acquired knowledge to drive value for your organization
• Deliver audit services that adhere to established IT audit standards
• Offer assurance regarding leadership structures, organizational frameworks, and operational processes
• Provide assurance on the acquisition, development, testing, and deployment of IT assets
• Ensure assurance over IT operations, encompassing service management and third-party engagements
• Validate organizational security policies, standards, procedures, and controls to safeguard the confidentiality, integrity, and availability of information assets.

Target Audience:

Finance and Chartered Professional Accountants (CPA) professionals, Information Technology (IT) specialists, Internal and External auditors, as well as experts in information security and risk consulting.

Why should you attend?

This training course is designed to help participants understand the fundamental concepts and principles of a business continuity management system (BCMS) based on ISO 22301. By attending this training course, participants will learn more about the structure and requirements of the standard including the BCMS policy, the top management’s commitment, internal audit, management review, and continual improvement process.

After attending the training course, you can sit the exam and, if you successfully pass it, you can apply for the “PECB Certificate Holder in ISO 22301 Foundation” credential. A PECB Foundation certificate shows that you have knowledge on the fundamental concepts, principles, methodologies, requirements, framework, and management approach used in business continuity.

Who should attend?

• Individuals involved in business continuity
• Individuals seeking to gain knowledge about the main processes of business continuity management systems (BCMS)
• Individuals interested to pursue a career in business continuity

Learning objectives

• Acknowledge the correlation between ISO 22301 and other standards and regulatory frameworks
• Understand the components and the operation of a BCMS based on ISO 22301 and its principal processes
• Understand the concepts, approaches, methods, and techniques used for the implementation and management of a BCMS

Educational approach

• Lecture sessions include discussion questions and examples.
• The exercises include multiple-choice quizzes.
• The participants are encouraged to intercommunicate and engage in discussion and the completion of quizzes.
• Quizzes are similar to the certificate exam.

This instructor-led live training in Kenya (available online or on-site) is designed for security engineers who wish to leverage IBM QRadar SIEM to address critical security use cases.

By the end of this training, participants will be able to:

• Gain visibility into enterprise data across on-premise and cloud environments.
• Automate security intelligence to hunt threats and to contain risks.
• Detect, identify, and prioritize threats.

This training will enable you to:

• Deploy robust, high-availability email protection against evolving and dynamic threats impacting your organisation
• Acquire cutting-edge career skills specifically focused on enterprise security

Course Objectives

Upon completion of this course, you should be able to:

• Describe and administer the Cisco Email Security Appliance (ESA)
• Manage sender and recipient domains
• Control spam using Talos SenderBase and anti-spam technologies
• Utilise anti-virus and outbreak filters
• Implement mail policies
• Apply content filters
• Use message filters to enforce email policies
• Prevent data loss
• Conduct LDAP queries
• Authenticate Simple Mail Transfer Protocol (SMTP) sessions
• Verify email authenticity
• Encrypt email communications
• Utilise system quarantines and delivery methods
• Perform centralized management via clusters
• Conduct testing and troubleshooting

This instructor-led live training in Kenya (online or onsite) is tailored for developers who wish to integrate Snyk into their development tools to identify and resolve security issues in their code.

By the end of this training, participants will be able to:

• Understand the features and structure of Snyk.
• Use Snyk to find and fix code security issues.
• Integrate Snyk in a software development lifecycle.