Week 1 – Setting the Scene

• Introductory concepts, definitions, drivers
  • Information and Information assets
  • Information vs Data
  • Information lifecycle
• Information Superhighway; its origins, how it works and why security threats is ever evolving
  • Open system interconnectivity (OSI) framework
  • Global Interconnectivity, TCPIP, Networks
  • IP Routing, DNS others
  • Internet governance & the roles of internet standards bodies & how they work (IGF, IETF, IANA, ICANN etc)
• Definitions & purpose of information security
  • Information attributes covered under security
  • Why information security is becoming ever so important across all spheres of human endeavours
  • Threats & Vulnerabilities
  • Cyber security risk
• Threat modelling
  • Threat actors, vectors, and intelligence sources
• Cyber Crime & Cyber Warfare
• Trust, Privacy & Civil liberty                  –
• Information security professionalism and ethics

Week 2 – Framing

• Concept of client, server, source and destination
• Security Architecture & design
  • Scope & boundaries
  • Traditional approaches & their drawbacks
  • Regulatory standards
  • Industry standards & frameworks
• Security domains
  • Identity management
  • Authentication & Authorisation
  • Networks
  • Endpoint & Systems
  • Access control
  • Physical & Environmental
  • Personnel Security
• Ports & Protocols
  • Secure & insecure protocols
  • IP Security
• Segmentation
• Principles of defence in-depth
• Types of firewalls
• Limitations of firewalls
• Concept of Trust & Zero trust
• Web proxies
• Web application firewalls
• The layers / points of weakness & Cyber risk

Week 3 – Cloud Technology

• What is Cloud – key characteristics and attributes
• Cloud models – 3 main cloud delivery models
• The foundational knowledge of cloud, digital evolution & innovation as a key market disrupter
• Why cloud is at the heart of the nexus of the 4th industrial revolution
• Data
  • Cloud data Vs Data in the cloud
  • Data proliferation, & dispersal
  • Service provider security controls
• Cloud security risks
• About IoT, AI and Automation etc
• Cloud security governance
  • Shared responsibility
  • Accountability Vs Responsibility
  • Control & Visibility

Week 4 – Security Testing

• What is security testing
• Why is security testing important
• Types of tests
  • Vulnerability scanning
  • Network penetration test
  • Application penetration test
  • Security configuration test
• Cyber kill chain
• Advanced persistent threats
• Testing tools
  • Open source
  • Commercial tool
• Interpreting & scoring security test

Week 5 – Security Governance & Controls

• Information Security Governance
• Controls Framework
• Risk Management
• Policies, Standards, Processes & Procedures
• Types of controls
• Control Mechanisms
• Legal, Regulatory & Compliance
• Cryptography & Encryption
  • Role of Cryptography
  • Types Encryption
  • Cryptographic standards
  • Cryptographic key management
  • Common encryption models
  • Public key Infrastructure

Week 6 – OS, Data & Network Security

• Introduction to OS (operating systems) & endpoint security
• Introduction to data security and data loss prevention
• Introduction to Network Security
• Software development lifecycle

Week 7 – Security Operations, Application & Cloud Security

• Introduction to Application Security
• Introduction to Cloud Security
• Security monitoring & operations

Week 8 – Wrap Up  

• Common tools & resources
• Professional ethics
• Security job roles, duties & capabilities