Fundamentals of Information System Security Architecture

This course is designed for Cybersecurity and Application Security Specialists, IT Security Managers and System Administrators, Software Developers, as well as IT Consultants and Penetration Testers. The course provides an introduction to the principles of information system security architecture. The focus will be on understanding key concepts, existing frameworks, and risk assessment methodologies. It will also cover topics like the CIA triad (Confidentiality, Integrity, Availability), defense in depth, and zero-trust architectures. By the end of the course, learners should have a firm grasp of security architecture fundamentals and be ready to delve into more advanced topics.

• Welcome and Module 1: The Principles of Information System Security
• This module offers a foundational understanding of information security's significance in the digital age, focusing on the CIA Triad's importance for data integrity. Learn effective information protection methods, access control strategies, and grasp security management essentials for swift responses to emerging threats. Gain the essential insights needed to navigate the dynamic landscape of modern information security.
• Module 2: Existing Information Security Architecture Frameworks
• This module provides an in-depth look at key security architecture frameworks, including the Sherwood Applied Business Security Architecture (SABSA), Zero Trust, and Defense in Depth strategies. Participants will gain an in-depth grasp of these frameworks, allowing them to create adaptive security solutions that effectively protect digital assets against the ever-changing landscape of cyber threats.
• Module 3: Risk Assessment Methodologies and Security
• This module provides an in-depth review of information security risk assessment, including risk types, their significance in security architecture, metrics, and various methodologies. Discover the critical role of risk assessment, investigate OCTAVE, NIST RMF, and FAIR methodologies, and emerge prepared to assess and mitigate risks effectively in complex security environments.