Embed Size (px)
Citation preview
Planning a Security Training Path:
Who Needs Training and Why
Agenda
• The Need to Focus on Cybersecurity
• The Cybersecurity Training Path
• The Training Opportunity
• CyberSAFE
• CompTIA
• CyberSec First Responder
• Advanced Security Courses
• Q/A
Why is a security solution
important?
A SECURITY IS A
GLOBAL CHALLENGE.
Limiting Business Growth
• The average cyber attack:
• Is detected in 170 days
• Is resolved in 45 days once detected
• Costs the organization $1.6 million
• There’s more than lost profits at risk
• Compromised customer data
• Business disruption
• Reputational damage and legal action
• Stolen employee information
Beyond the Fortune 1000
• SMBs need to be concerned about cybercrime as well
• Studies indicate 60% of SMBs go out of business
within six months of an attack
• Smaller companies lack the resources of corporate
America
• The SMB is the driver of the American economy
• 64% of all net-new jobs
• 54% of all US sales
Solutions to the Problem
• Traditionally businesses have relied on preventative
measures to protect networks
• Firewalls, antivirus software, etc.
• Securing networks requires a
multi-faceted approach
• HW/SW solutions
• Process
• People
• The key is ensuring all are working together to
strengthen an organization’s security posture
The Importance of People
• No amount of investment in HW/SW solutions will
totally protect your network
• Process is key, though useless without trained
professionals to implement it
• People are the key piece of the
security puzzle
• Develop, operate, manage,
and enforce an organization’s
security capabilities
Build Organizational
Security Capabilities
All Staff IT PersonnelSecurity
Team
How do we ensure we’re
securing the company from
the ground-up?
Most security programs focus on
training IT.
Key Benefits
• Develops an understanding of the role employees play in
security
• Peer-to-peer interaction facilitates learning
• Assessment exam validates learning
• Move security beyond an “IT Problem”
Key Messaging
• Builds organizational security capabilities through the
education of end-users
• Emphasizes the importance of sound information security
practices in our daily lives
• The prevalence of BYOD exposes organizations to more
threats, and requires end-user education to ensure the
technology is utilized properly
• Allows organizations to quickly increase their security
posture, with minimal investment
CyberSAFE Readiness Test
• A complimentary assessment intended to gauge
employees’ preparedness against imminent cyber threats
• Comprised of 15 questions that are designed to measure
an individual’s knowledge of how to detect and avoid
common cyber threats
• Logical Operations can provide you with an access key
and instructions
CompTIA A+CompTIA
• A+
Foundational IT skills across devices and operating
systems
• Network+
Design, configure, manage and troubleshoot wired and
wireless devices
• Security+
Best practices in securing a wired and wireless network
and managing risk
A Holistic Approach to
Security Training
CyberSec First Responder Exam CFR-210 Domains and Information
Exam Domains:
• Threat Landscape: 25%
• Passive Data Driven Analysis: 27%
• Active Asset and Network Analysis: 28%
• Incident Response Lifecycle: 20%
Key Facts:
• Available at PearsonVUE Testing centers worldwide
• ProCert Accredited – ANSI/DoD approval forthcoming
CyberSec First Responder: Threat Detection and Response
BEFORE
DURING
DURING & AFTER
• Assessing security risk and posture
• Analyzing threats
• Collecting real-time security intelligence
• Analyzing security intelligence
• Responding and Investigating incidents
Technical Course Details
• Recommend 2+ years experience in computer networking
security or related fields
• Foundational understanding of network security
concepts (firewalls, IPS, VPN, etc.)
• Suggested preparation
• CompTIA A+
• CompTIA Network+
• CompTIA Security +
Typical Job Titles
• Cybersecurity Practitioner
• Cybersecurity Specialist
• IT Security Analyst
• Security Operations Center Analyst
• Security Engineer
• Incident Responder
• Information Systems Analyst/Engineer/Manager
• Network Security Analyst/Engineer/Manager
• Network/Security Administrators of any kind
Key Benefits
• Touches on important points relative to before, during,
and after an attack
• Focuses on the reality of an attack and how to respond
• Active threat analysis and incident response
• Vendor-neutral approach to security
• Applicable for any hardware/software configuration
• Secure networks without additional technology spend
Have you seen CFR?
• Get Certified Get Ahead Blog Posts
• IDG Interviews and Responding/Investigating
Cybersecurity Incidents free courses
• California Technology Council endorsement
• SmartBrief, Cyber Defense Magazine campaigns
• GoCertify.com Assessment Questions
• Additional activities upcoming!
Course + Exam
CFR Course = 29 Hours of CEU credit towards CompTIA A+, CompTIA
Network+, CompTIA Security+, and CompTIA CASP.
CFR Exam = a passing score provides 15 CEU credits for Security+ and
8 CEU credits for CASP
3 YEAR PERIOD
Someone with the following certs needs:
– A+ = 20 CEU
– Network+ = 30 CEU
– Security+ = 50 CEU
– CASP = 75 CEU
Plus CompTIA CEUs
Course + Exam
CFR Course = up to 36 Hours of CPE credit toward any GIAC
certification.
CFR Exam = minimum of 18 CPE credits, possibility for 36 CPE credits.
Details
Demonstration of CFR’s relevance to applicable certification is required.
Course delivery must be by an approved affiliate.
Exam must be accredited by an approved affiliate for 36 CPEs.
36 CPEs are required for GIAC certification renewal every four years.
GIAC CPEs
THANK YOU.
Christine Harper
585.350.7021
Inside Sales
1.800.889.8350
