Information security in practice
What you'll learn
- The course covers the main concepts related to information security.
- How to protect information and make balance between availability, confidentiality and integrity of information?
- What are available techniques from network, application, and physical security perspective?
- What information needs to be secured?
- How to evaluate your information assets? How to make risk assessment? What is the difference between risk assessment and audit?
- What are the regulations and standards in information security domain?
- How to run security operations?
- How to handle disasters and security incidents?
- What are ethical consideration in information security domain?
- How to utilize both offensive (penetration testing) and defensive security for the benefits of the information security of your orgaization
- Basic knowledge of computer science and networking can help
- Interest in information and cyber security
- Desire to learn
In this course, you will learn the basics of information security and how to apply information security principles to your home environment or organization, regardless of its size.
Information security, sometimes shortened to infosec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or at least reducing the probability of unauthorized/inappropriate access, use, disclosure, disruption, deletion/destruction, corruption, modification, inspection, recording or devaluation, although it may also involve reducing the adverse impacts of incidents.
The course is tough by Dr. Nikola Milosevic, a PhD in computer science with track record of publications and successful projects in information and cyber-security. Nikola is OWASP chapter and project leader and has been teaching on several reputable Universities over the past 5 years. I have also published scientific papers on malware analysis. Now he wants to share this knowledge with you and help you develop your career!
This course is following the content of the CISSP (Certified Information Security Systems Professional) certification.
The content of the course is suitable for both beginners and intermediate students interested in information security.
In this course you will learn about:
The motivation for having an information security framework
Types of information security controls (application, network, physical security)
Information security risk management
How to evaluate information assets of your organization
How to perform a risk assessment and where to include information security controls
How to perform audits and when
How to manage security operation of a certain organization
What are and how to respond to information security incidents (Incident response)
How to handle disaster recovery
Ethics of information security
What laws and regulations are in place (this may be specific to the UK and EU, as it includes talks about GDPR but tries to generalize)
Security standards in information security (ISO27001, ISO27003, ISO27005)
History and main algorithms used for information security
Basics of network security
Basics of application security
Basics of physical security
The tools that the course will be utilizing will be all open sources (such as SNORT or OSSEC).
Who this course is for:
This course is for anyone who wants to become an expert in cyber-security and information security. This volume covers the required foundation building blocks of that skillset.
For anyone who would love to gain a practical skillset in mitigating the risk from various kinds of information security threats and would like to learn about managing information in the organization.
For beginners and intermediate information security enthusiasts who are interested in security, safety, and privacy.
This course is designed for personal and corporate information security.
The content of this course was delivered also in the University settings.
Who this course is for:
- This course is aimed at people wanting to start their careers in information security space.
- This course is for anyone who wants to become an expert in cyber-security and information security. This volume covers the required foundation building blocks of that skill-set.
- People wanting to go for CISSP certification
- For anyone who would love to gain a practical skillset in mitigating the risk from various kinds of information security threats and would like to learn about managing information in the organization.
- For beginners and intermediate information security enthusiasts who are interested in security, safety, and privacy.
- This course is designed for personal and corporate information security.
Nikola got his PhD in computer science in 2018 from the University of Manchester. Before doing a PhD he obtained a wide experience in industry positions raging from startup companies to large corporations. He has published a number of papers in the areas of artificial intelligence (AI), machine learning, text mining, natural language processing and cyber-security. Nikola is OWASP chapter and project leader.