Security Operations

This module will build upon the concepts of the previous modules where Information Security Governance, the Implementation of Security Controls, implementing a Secure Architecture are key building blocks to set up a qualitative Security Operations team. 

Information technology has become critical for most modern businesses that cyber risk has become a business risk. Security Operations teams are facing more pressure than ever to help manage this risk by identifying and responding to threats across a diverse set of technical assets, business processes, and users in a pro-active and reactive way. This module will learn how to design defences around the unique organizational requirements and its risk profile. We will give you the tools to build an intelligence-driven defence, measure progress towards your goals, and develop more advanced processes like threat hunting, active defence, and continuous Security Operations assessment.  

Participants will gain a good understanding of the core and auxiliary functions of a Security Operations team and the possible implementation models depending on the organization size and characteristics. 

The module will provide tools and frameworks for operational planning that will focus on key aspects like defence theory and mental models to understand and map potential adversaries, telemetry and analysis, attack detection and the investigative process, incident response and crisis communication up to assessment tools and frameworks to strive for continuous improvement.