IT Security & Cyber-Crime Prevention

ICT and Security Management

Course Overview

Information technology has created a new category of criminality, as cybercrime offers hackers and other tech-savvy miscreants’ opportunities for online fraud, identity theft and other cyber-attacks. Denial of service (DDOS), botnets and malware are just a few of the techniques being used to target critical corporate data and business IT users. You will be introduced to a full range of cyber-security risks facing corporate business and other large organisations. Using practical examples you will see how cyber-crime is committed and the impact it can have. 

Importantly you will gain a practical understanding of the role you can play in identifying key vulnerability and gaps in business processes, and specifying the most appropriate control frameworks to reduce exposure

Course Objectives

  • Best practices and industry standards for data security
  • Firewalls, data encryption, and other preventative methods
  • Digital forensic tools and forensic analysis procedures
  • Legal protocols for collecting and protecting digital evidence
  • The criminal justice system in relation to cybercrimes

Course Outline

Risk Analysis–Approved Risk Analysis Methods

  • Risk Analysis for Facilities and Structures
  • Many Interested Stakeholders and Agendas
  • Commercially Available Software Tools
  • Risk Analysis Basics
  • Risk Assessment Steps
  • Which Methodology to Use?

Risk Analysis Skills and Tools

  • Skill #1: Gathering Data
  • Skill #2: Research and Evidence Gathering
  • Skill #3: Critical Thinking in the Risk Analysis Process
  • Skill #4: Quantitative Analysis
  • Skill #5: Qualitative Analysis
  • Skill #6: Countermeasure Selection
  • Skill #7: Report Writing

Commercially Available Software Tools

  • Lesser Software Tools
  • Affordable Tool Examples

Critical Thinking and the Risk Analysis Process

  • Overview of Critical Thinking
  • The Importance of Critical Thinking
  • Analysis Requires Critical Thinking
  • The Eight Elements That Make Up the Thinking Process
  • The Concepts, Goals, Principles, and Elements of Critical Thinking 

Define Scenarios and Evaluate Specific Consequences

  • Asset / Attack Matrix
  • Threat / Target Nexus Matrix
  • Weapons / Target Nexus Matrix
  • Adversary Sequence Diagram Path Analysis
  • Surveillance Opportunities Matrix
  • Evaluate Vulnerability
  • Survey Points
  • Quantitative Analysis Matrices
  • Determine Accessibility
  • Identify Intrinsic Vulnerabilities
  • Natural Countermeasures

Evaluate Effectiveness of Existing Security Measures

  • The Vulnerability Calculation Spread sheet
  • Qualitative Analysis Section
  • Vulnerability Detail Spread sheet
  • Vulnerability Detail Matrix

Resources for Likelihood

  • Viewing the Range of Possible Threat Actors
  • Criminal versus Terrorism Likelihood Resources
  • General Comparison for Resources
  • Terrorism Asset Target Value Estimates
  • Criminal Incident Likelihood Estimates
  • Criminal Statistics
  • Economic Crime Asset Target Value Estimate
  • Non-terrorism Violent Crime Asset Target Value Estimate
  • Petty Crimes Asset Target Value Estimate

The Risk Analysis Process

  • The Complete Risk Analysis Process
  • The Risk Analysis Process
  • Diagram Analysis
  • Asset Target Value Matrices
  • Probability Summary Matrix
  • Vulnerability Components
  • Prioritizing Risk
  • Prioritization Criteria
  • Natural Prioritization (Prioritizing by Formula)
  • Prioritization of Risk
  • Communicating Priorities Effectively
  • Best Practices Ranking Risk Results

Security Policy Introduction

  • The Hierarchy of Security Program Development
  • What Are Policies, Standards, Guidelines, and Procedures?
  • Other Key Documents
  • The Key Role in Policies in the Overall Security Program
  • Benefits to Having Proper Policies
  • Security Policy and Countermeasure Goals
  • The Role of Policies in the Security Program 

The Role of Countermeasures in the Security Program

  • Why Should Policies Precede Countermeasures?
  • Security Policy Goals
  • Security Countermeasure Goals
  • Policy Support for Countermeasures
  • Key Policies

Process for Developing and Introducing Security Policies

  • Triggers for Policy Changes
  • Policy Request Review
  • Policy Impact Statement
  • Subject Matter Expert and Management Review Process
  • Policy Requirements
  • Basic Security Policies
  • Security Policy Implementation Guidelines
  • Regulatory-Driven Policies
  • Non-regulatory-Driven Policies

Countermeasure Goals and Strategies

  • Countermeasure Objectives, Goals, and Strategies
  • Access Control
  • Deterrence
  • Detection
  • Assessment
  • Response (Including Delay)
  • Evidence Gathering
  • Comply with the Business Culture of the Organization
  • Minimize Impediments to Normal Business Operations
  • Safe and Secure Environments
  • Design Programs to Mitigate Possible Harm from Hazards and Threat Actors

Types of Countermeasures

  • Baseline Security Program
  • Specific Countermeasures
  • Countermeasure Selection Basics
  • The Challenge
  • Countermeasure Effectiveness
  • Functions of Countermeasures
  • Countermeasure Effectiveness
  • Helping Decision Makers Reach a Consensus on Countermeasure Alternatives 

Security Effectiveness Metrics

  • A Useful Commercial Model
  • What Kind of Information Do We Need to Evaluate to Determine Security

Program Effectiveness?

  • What Kind of Metrics Can Help Us Analyse Security Program Effectiveness?
  • Adversary Sequence Diagrams
  • Vulnerability / Countermeasure Matrix
  • Security Event Logs
  • Patrol Logs (Vulnerabilities Spotting / Violations Spotting)
  • Annual Risk Analysis

Cost-Effectiveness Metrics

  • What Are the Limitations of Cost-Effectiveness Metrics?
  • What Metrics Can Be Used to Determine Cost-Effectiveness?
  • Communicating Priorities Effectively
  • Basis of Argument
  • Complete Cost-Effectiveness Matrix
  • Complete Cost-Effectiveness Matrix Elements

Writing Effective Reports

  • The Comprehensive Risk Analysis Report
  • Asset / Attack Matrix
  • Threat / Target Nexus Matrix
  • Weapon / Target Nexus Matrix
  • Surveillance Opportunities
  • Risk Calculation
  • Baseline Security Program
  • Identifying Key Assets for Special Consideration
  • Develop Countermeasure Budgets
  • Countermeasure Implementation Recommendations
  • Report Supplements
  • Risk Register
Study Online


1 Week Face to Face Classes


2 Week Face to Face Classes


Course Features
  • 8 Weeks Online
  • 1-2 Weeks Classes
  • Certified

Join our Training Program!

We'll help you to grow your career and growth.
Join for Free