Introduction to Security and Privacy Controls
What you'll learn
- You'll learn how to protect data both in the physical and digital worlds
- You'll learn how to keep people, servers and locations secure
- You'll learn about data protection at different stages and in different mediums, as well as policies for it
- You'll learn about the technical demands of certain controls, such as encryption, data retention and others
- No requirements - knowledge of Information Security helps, but is NOT needed
SECURE YOUR KNOWLEDGE, SECURE YOUR ORGANISATION
Information Security and Cybersecurity are broad areas, with a lot to cover.
Usually, you find information about them in highly complex technical manuals with hundreds of pages, or in other formats with no clear real-world applications.
What if you could find a simple, clear course about the most common types of security controls, in plain language, with no complexity?
This is what this course aims to cover.
In this course, you will find the most common types of security controls for people data, locations and other categories.
The language will be simple so that new professionals can understand the basics, but we also include additional, optional more complex information for the experienced.
If you wish to know more about the different types of security controls in organisations, this is the course!
THE PERFECT COURSE... FOR WHOM?
This course is targeted at different types of people.
Naturally, if you're a current or future Information Security or Cybersecurity professional, you will find this course useful, as well as if you are any other professional or executive involved in the protection of data or people within an organisation.
But even if you're any other type of professional that aims to know more about how security controls work, you'll find the course useful.
More specifically, you're the ideal student for this course if:
You're someone who is curious about how data are protected, both in the digital world but also the "real world";
You're someone who wants to know more about how visitors are controlled, how authentication for locked doors occurs, and how other controls protect physical locations;
You're someone who wants to know more about how data are protected at rest, in transit, and when destroyed, as well as for different levels of sensitivity;
LET ME TELL YOU... EVERYTHING
Some people - including me - love to know what they're getting in a package.
And by this, I mean, EVERYTHING that is in the package.
So, here is a list of everything that this masterclass covers:
You will learn about code analysis, which is the analysis of either the source code or the running binary of an application to find security vulnerabilities within them - internal or external;
You will learn about setting controls by data classification, which is about defining different classes for data based on their sensitivity, and then defining security controls of different levels of strength accordingly;
You will learn about cryptographic protection, commonly known as encryption. How to protect data with encryption, what best practices to follow related to protocol versions and key management, and more;
You will learn about data de-identification and anonymisation, consisting of removing the sensitive parts of data, which usually contain Personally Identifiable Information (PII), to make the data less sensitive and allow it to be shared;
You'll get to know data governance structures, such as boards and committees, that drive data governance decisions in an organisation, and possibly focusing on specific topics such as data ethics or data integrity;
You'l learn how data purposes and authority work, by defining acceptable uses for the processing of data, and how to ensure that specific users and roles have permission based on their use case;
You'll learn about data retention and disposal - why data retention must be minimised due to the vulnerabilities data present (both in terms of the timeframe and the quantity of data retained), and also how to dispose of data securely;
You'll learn about locked rooms, devices and ports, placing physical barriers in front of attackers to prevent them from accessing physical media, servers or systems;
You'll learn about media downgrading and redaction, which consists of eliminating the sensitive information contained in a physical medium of data in order to allow that medium to be shared more easily;
You'll learn about physical media protection, including measures ranging from visitor control, locked rooms, secure destruction, and many others, ensuring the integrity of data in physical media at rest, in transit and during destruction;
You'll learn about service provider assessment and monitoring - that is, why it's crucial to gauge service providers according to a set of criteria, and how to ensure they both comply with your security control needs but also mitigate the risks they present to you;
You'll learn about visitor controls, including the information obtained from visitors, credential expiration, differentiation between employee credentials and visitor credentials, and other controls to ensure visitors cannot bring harm to the organisation;
MY INVITATION TO YOU
Remember that you always have a 30-day money-back guarantee, so there is no risk for you.
Also, I suggest you make use of the free preview videos to make sure the course really is a fit. I don't want you to waste your money.
If you think this course is a fit and can take your data quality knowledge to the next level... it would be a pleasure to have you as a student.
See you on the other side!
Who this course is for:
- Current or prospective security professionals
- Anyone who wants to learn about how to better protect their data
- Anyone who wants to learn more about Information Security and/or Cybersecurity
I have what could be considered an unconventional background as a coach. I don’t come from psychology or medicine. In fact, I come from tech. I created two tech startups that reached million-dollar valuations, backed by the MIT-Portugal IEI startup accelerator, afterwards becoming its Intelligence Lead.
After years of coaching and mentoring startup founders on talent management, emotional management, influence and persuasion, among other topics, I started being requested by executives and investors, like venture capitalists, with more complex, large-scale problems.
After years of doing executive work, I started specializing in coaching asset management professionals. With the signing of my first fund manager/CIO clients, I started adapting my performance and influence techniques for purposes such as talent management for PMs and analysts, fundraising from allocators, effective leading a team, and properly assessing talent for compensation/promotion/allocation increases.
I currently provide performance coaching and influence/persuasion coaching for executives and asset management professionals, mostly but not limited to purposes like managing people, leading and closing sales/capital commitments.