ATI's Chief Information Security Officer (CISO) Fundamentals course
The role of the Chief Information Security Officer continues to evolve and mature with the blending of technology protection aligned with organizational objectives.
This three-day course provides a comprehensive view at all the various technical and non-technical challenges that CISO’s face, both internally and externally to the organization. Whether you’re a seasoned pro or looking for the path to becoming a CISO, this course will provide value. The course will focus on Data Governance, Business Resiliency, Investment & Measurement, and Legal & Liability challenges, Secure Architecture Strategies, Operational Risk Management, Threats Vulnerabilities & Countermeasures, Systems Security Engineering, as well as Strategic Planning and Leadership. A core aspect of this course will be to define and discuss the unique challenges that students face both within the federal and private sectors. Each student will receive a complete set of lecture notes plus a data CD containing a robust set of references and tools.
Adam Meyer is currently the Chief Information Security Officer for the Washington Metropolitan Area Transit Authority, the second largest public transportation system in the country. Prior to becoming the CISO for WMATA, Adam served as the Director of Information Assurance/Cyber Security for the Naval Air Warfare Center. Prior to focusing on the Cyber Security discipline, Adam has served in positions supporting Network Engineering & Operations, Enterprise Architecture & Configuration Management, Emergency Power and Systems Engineering for organizations such as White House Communications, Army Pentagon, Joint Interoperability Test Command (JITC) and the Intelligence Community. He served as a Professor of Practice and IA Advisory board member for Capitol College
Adam received his undergraduate degree in Information Technology Management from American Military University, a master’s degree in Information Assurance from Capitol College and holds multiple CISSP and CNSSI certifications.
Contact this instructor (please mention course name in the subject line)
What You Will Learn:
- In depth view of the CISO role and how to become one
- How to translate between tactical and strategic cyber security efforts and translate them into organizational needs
- How to protect your organization from threats and liability
- Data Governance efforts around Privacy, HIPPA, Safety, Legal, Financial, PCI, and Critical Infrastructure
- How to select the most appropriate solutions based on user and business requirements.
- Introduction. The CISO Role, and its evolution as well as forecast to where the role may grow.
- Business Resilience. A holistic view of enterprise risks that organizations face and techniques of how the CISO can respond to those risks. The goals and practices of the CERT- Resiliency Management Model will be used throughout the discussion.
- Data Governance. In order for users to be productive, data must be shared and with the sharing of data comes risk to the organization. This section will discuss various data governance challenges and what to strategies you can use to lower your exposure while keeping users productive.
- Operational Risk Management. There are many risk management frameworks in publication however each organization is unique. This section will discuss the various frameworks. The pro’s, Con’s and overlap for each and how you can leverage the good stuff tactically.
- Investment & Measurement. Discussions around “How Much capability do I get per dollar spent?” and “Compliance does not result in good security, but good security does result in compliance” will be central themes throughout this section. You will learn about what really matters and how to invest in those capabilities. Basic budgeting, contracts, total cost of ownership and technology financial planning will also be covered.
- Systems Security Engineering. We are vulnerable because we deploy vulnerable systems, in this section various Systems Security Engineering practices will be covered and how to rally leadership to invest in them.
- Threats, Vulnerabilities and Countermeasures. We will discuss the various threats to the organization from cyber crime to nation state activities and intellectual property protection. Additionally we will discuss the history of countermeasures used, how effective they are and what the future holds.
- Secure Architecture Strategies. An in depth technical section encompassing all layer of architecture challenges, from Mobile devices, to cloud, tactical and strategic sensors, Identity management and discussion on a zero trust environment.
- Legal & Liability. Do you know what records are open to e-Discovery? Did you know that you could need Cyber Insurance? We will discuss the hidden risk that technologists may not be aware of and how you can manage those issues.
Tuition for this three-day course is $1740 per person at one of our scheduled public courses. Onsite pricing is available. Please call us at 410-956-8805 or send an email to firstname.lastname@example.org.