CHIEF INFORMATION SECURITY OFFICER CISO+CISSP COURSE

CHIEF INFORMATION SECURITY OFFICER CISO+CISSP COURSE // CHIEF INFORMATION SECURITY OFFICER CISO+CISSP COURSE //

+ADVANCED

level/floor

10 mounts

Duration

288

academic hours

06.08.2024

Course Opening Date

Tue + Thu 17:30-21:00

Days & Hours

  • About the course
  • Credentials
  • Certifications
  • Study Divisions
  • Lecturers
  • Media
  • year before
  • Learn More
  • More Courses

01

About the curriculum

Cyber Security Administration Course - CISO + CISSP Technologies & Methodologies

The prestigious curriculum - the Enterprise Cyber Defense Administration also known as Chief Information Security Officer (CISO), is designed to train information security experts capable of advising, guiding and making decisions in data protection tasks, both in the technological-tactical (architect) and in the administrative-governance (methodology) field.

It was the only program in the world that was recognized by the Israel Defense Forces (ISC), designed with their participation, and was adopted exclusively by the IDF and the security forces.

n 2021, the show underwent many significant changes and has since continued to be updated. These changes were made after an in-depth thought process, which considered both the changes in the period in terms of the curriculum format and the content of learning, which have been updated in accordance with the requirements of international standards that are anchored in the flagship authority in the field of cyber protection, most notably the CISSP certification of the World Organization (ISC)2.

Take a look:

  • This program (even without the Boot Camp) prepares for CISSP certification with the material for the test, and is also transferred to cyber officers in the IDF.
  • SEE SECURITY college, a representative of (ISC)2, and the organization itself, do not provide preparatory material for other CISO courses.
  • or information about the transfer of the program exclusively in the security system - please contact the college administration for information (if possible).
Read more

02

Program Purpose

Training quality information security consultants, knowledgeable and professional base, for technical, administrative, and governance consulting roles in information security, alongside providing a quality base for international certification tests, such as: CISSP, CISM, CGRC and more.

The CISO Information Security Management Course deals with the strategic levels and combines the knowledge and disciplines required for an expert, architect, administrator, and security auditor (not technicians). The program provides the graduate with the ability to deal with the role of Information Security Architect, the role of Knowledge Management Specialist, and of course the role of CISO.

The course will provide you with the ability to plan an information security system, choose the right components, implement the chosen technique, monitor and monitor information security events, analyze and understand security events, respond immediately and appropriate to security events, initiate an “order” in the organizational security activities, deal with business requirements, comply with the laws, regulations and Israeli and international standards relating to the issue and position yourself as a candidate for the senior role of the Enterprise Information Security Manager.

 

Read more

03

The format and nature of studies

Integrated Education - Two-week lessons from 17:30-21:00, live lessons and frontal lessons, depending on the school schedule of each class.

 

The full program schedule (including the CISSP Training Marathon) includes: 288 academic hours and 320 hours of training.

 

Full program duration: 10 months

 

The shorter hours of the program (without a CISSP Training Marathon): 248 academic hours and 280 hours of training.

 

Duration of the program: 8 and a half months

 

Each of the three Curriculum Vitae chapters is a stand-alone course and can be registered to:

 

Cyber Defense Technology Expert Course - CSTP Architect

Cyber Defense Methodology Expert Course - CSMP

 

CISSP Training Test Prep Marathon

 

Read more

04

Target Audience

Those with practical knowledge in the field of infrastructure - operating systems and communications, it is also desirable to have basic and higher knowledge in information security tools, information systems and in addition to graduates of a bachelor's or master's degree in computer science, software/hardware engineering. The track is not suitable for beginners.

Read more

05

Terms of Acceptance

Knowledge and experience in the field of infrastructure (systems and communications, preferably knowledge of cyber systems) or development. Experience or supervised studies in the profession “Implement Cyber Protection”, full matriculation certificate, good English.

 

Academic degree - advantage.

 

A personal interview to examine the suitability of the program.

Read more

06

Post-course work

Director of Information Security in both technological aspects - tactical (architect) and regulatory aspect (methodology/GRC), an information security consultant.

Read more

07

Post-course work

Director of Information Security in both technological aspects - tactical (architect) and regulatory aspect (methodology/GRC), an information security consultant.

Read more

08

Recognition

The program is adapted to the Israeli Cyber Professions Regulation Law

See Security is known as a college with the highest level of study, conducted in a social and cooperative learning atmosphere. The professionals, IT managers in Israel and employers of all kinds, are well acquainted with the college and its demands from the students and prefer to take in the ranks of graduates who have been filtered, trained, and tested through their studies in the college.

The CISO program was originally designed and built for Israel's Defense Ministry in 2004 (and is constantly updated). It is highly appreciated in Israel among employers and experts.

CISSP certification is recognized as the top knowledge benchmark in the industry, common among the senior tier of cyber administrators and is officially recognized as part of the US Department of Defense’s Directive 8570.1 DoD for the highest category of IAT level III and IAM level III.

Read more

09

Curriculum Tasks

80% attendance requirement.

Each module must meet an internal test or work score of at least 70%

Submission of OCSR final assighnment in score passes 60%.

 

Read more

10

How does the program stand out?

See Security's CISO program is the only one in the world recognized by t (ISC)2, designed with their participation and adopted exclusively by the IDF and other security agencies.

Lecturers in the program are highly experienced specialists in the topics they teach, most of them are CISSP certified and are authorized to teach by (ISC)2.

For more information about purchasing the program exclusively for your organization - please contact the college administration.

Read more

11

More about the program

The CISO program is not a "course" in the ordinary sense of the word and is not subject to whim and speculation. The program, which started in 2004, is delivered as planned in cooperation with the Ministry of Defense, only at See Security College.

 

CISO is the senior position in the cyber field, in the organizational hierarchy. The CISO's language is different form the "regular cybermen" terminology. Studying for a position that is so senior requires considerable investment, not just "buying a certificate."

 

See Security College believes in significant investment in the curriculum and does not recognize any "shortcuts" to the required knowledge.

 

Never has there been a single curriculum that was built with so much effort, collaboration, knowledge of various origins, history, and heritage.

 

In a program that is held in the college since 2004 (in 2023 - class 66), students learn as "ever", with the senior lecturers in their professions in Israel. Its graduates are assigned to CISO roles throughout the country and the new graduates in various consulting roles.

 

Have you joined the CISO program? That's for life. The CISO Program has a grand CISO ALUMNI group. The exclusive group has an impressive scope of mutual assistance and exchange of professional information between the CISO's. In addition, there are prestigious enrichment lectures conducted by senior officials.

 

In short, it won't be easy. But you're going to enjoy it and benefit from it: during and after the course.

Read more

Credentials

DIPLOMA

CERTIFICATES

12

Study Divisions

Main Topics for this Session:

Exploring Cybersecurity incidents of recent years (Use Cases / Case Studies)

Introduction to Cybersecurity management

Anchoring terminologies and definitions

Introducing the role of the CISO

The technological chapter of the course covers key issues of security engineering using plans, designs, and principles, evaluating and reducing vulnerabilities of information systems, basic concepts of security models and security architectures in critical areas such as access control, cloud systems, cryptography, system penetration (ransomware, fault injection and more) and virtual systems. The tools and techniques complement each other as part of the technological response to threats, in the layer of operating systems, communications, applications, special environments such as cloud and mobile and end stations:

  • Cryptography
  • Network Security - Network Access Control and Remote Access
  • Application Security
  • Access Control
  • Virtualization Security
  • Introduction to Cloud Computing and Security 
  • Hardware Security
  • System Security
  • IOT Security
  • Advanced Cyber Security Technical Controls
  • SCADA Security
  • Integrated Technological Architecture
  • Unlocking the Power on Artificial Intelligence: Enhancing Cybersecurity for CISOs
  • CISO-TECH Students Seminar

Knowing only the functionality of the various tools is not enough. We must learn to "play" the game. There is no practical possibility to understand the ways of defense, without recognizing the ways of the attacker. This chapter deals with knowing the world of both techniques and tools for Penetration Testing tasks. The chapter details the classic threats on information assets, caused by a malicious human factor. The world of attacks and intelligence is studied in order to get to know the threats, vulnerabilities, techniques, and technologies used by the attacker:

 

  • Hacking Defined - Introduction
  • Hacking Methodologies and Passive Reconnaissance - info oriented
  • Passive Reconnaissance - tech oriented
  • Active Reconnaissance and get into systems (exploitation)
  • Post Exploitation: Tools and Techniques
  • Web Application Security
  • Business-logic
  • PT report

Incident Response refers to the process by which an organization handles and manages the consequences of a security breach or cyber-attack, also known as an "incident". The goal is not only to manage the situation so that the damage is limited, and the recovery time and costs are reduced, but also to ensure that similar events do not happen again. The response to the incident must be quick, well-coordinated and systematic to prevent further damage and return the systems to their normal function.

Incident response is an integral part of an overall cybersecurity strategy, which includes various components, such as: preparation, detection and analysis, containment, eradication and recovery. The process does not end after the incident is resolved, as organizations need to learn from the incident to prevent future attacks. Understanding the response to the event paves the way for a more detailed examination of its various aspects. This chapter in the course deals with knowing the monitoring and response systems and other aspects, such as damage analysis, incident investigation and threat intelligence:

  • Introduction to Incident Response
  • Introduction to SIEM
  • Malware Analysis
  • Cyber Forensics
  • Cyber Threat Intelligence

The world of information security maintains a close relationship with the field of governance, risk management and corporate compliance, feeding and being fed by it. This is a discipline with 3 meanings:

- Managing the organizational risk because of a cyber incident.

- The organization's compliance with management requirements.

- The organization's compliance with the requirements of the law and regulation in relevant aspects, such as: the privacy protection law, regulation 7809, 627 and others.

 

In this chapter of the course, the field of organization and methods of the world of information security will be reviewed, according to the domain definitions of: ISC2-CISSP, ISACA-CISM; Subject to standards: ISO 27000, SOX, DoD, PCI; and based on legislation and the industry regulations:

 

  • Introduction to Methodology (GOV and CR)
  • Cyber Laws
  • Governance (Corporate, IT, Security)
  • Cyber Compliance
  • Cyber Security Framework Introduction
  • ISMS - ISO27001
  • Privacy in the Digital Age
  • Security Policies and Procedures

What does the cyber security manager do every day? What is his list of tasks and what is the correct order of operations? How does the product of each operation become the raw material of the next operation? The unwritten law of CISO functions:

 

  • Information System Security Engineering 
  • Cyber Security Risk Management Framework I + II
  • Cyber Security as a Process
  • Security Metrics
  • Business Continuity Management and Data Recovery Processes
  • Data Leakage Prevention Process
  • Communication and Awareness
  • Cybersecurity Projects Management
  • Cyber Security in Real Life
  • Introduction to Supply Chain
  • CISO Role Seminar

A unique preparation seminar for CISSP certification exam by (ISC)2, in addition to the entire curriculum focused on the domains of the international exam. Participants receive the official (ISC)2 student kit. 

Attached is a letter confirming the exclusivity of the college:

 

Re: (ISC)2 Official Training Provider (OTP) – SEE SECURITY

 

Please accept this letter as confirmation of the status of SEE SECURITY being an Official Training Provider (OTP) for (ISC)2 in Israel. (ISC)2 and See Security have an established partnership to enable the delivery of Official CISSP Training & Certification Programme in Israel. Supporting the ongoing development of information & cyber security professionals through education, training, certification & membership. (ISC)2 and See Security have agreed to model CISSP training in two formats:

 

CISSP Bootcamp – 40 hours of study with official (ISC)2 Courseware and instructors, specifically for experienced Cyber Security professionals.

CISO Programme – 288 hours of study for professionals who wish to advance their knowledge and increase proficiency. The course includes official (ISC)2 Courseware and instructors.

The above programmes require authorization of use by (ISC)2 and a fee per delegate. (ISC)2 does not allow the use of its Official IP/materials in an unapproved manner.

 

See Security will continue to develop a network of experienced subject matter experts who will be approved as (ISC)2 Authorized Instructors to deliver Official CISSP Training to their growing portfolio of B2C, B2B & B2G client base.

 

If you require any further information in support of See Security, please do not hesitate to contact me directly.

 

Yours sincerely,

 

Henry Tolley

 

Head of Channel Partner Sales - EMEA

 

LECTURERES

מנהל הגנת סייבר - CISO (טכנולוגיות ומתודולוגיות)

06-2023

CISO program graduates

More Info

  • A foundation for the world of information security: handling people and handling processes. I.e.: Management aspects and aspects related to handling the business aspect - risk management, legal and regulatory aspects, and addressing the inherent contradiction between the security tasks and the needs of the organization’s openness. In many cases, the CISO is also responsible for performing a technical and administrative audit of the Information Security Team Manager.
  • Areas of Knowledge Required: Training from the Architect’s World, as well as Government Protection. In addition, organization, methods, and management of cyber protection unit.
  • This role will usually be filled by See Security CISO trainee, or CISSP-certified self-trained, or at least CISM. It is recommended to complete their education in the future (or before), even though academic degree in industry and management, economy and management, business administration, and academic tracks with similar orientation.
  • מקורו של ה-CISO הוא בתפקיד ארכיטקט אבטחת המידע, אך כולל בנוסף לטיפול במימד הטכני, גם את שני המימדים הנוספים המהווים בסיס לעולם אבטחת המידע: טיפול באנשים וטיפול בתהליכים. כלומר: היבטים ניהוליים והיבטים הקשורים לטיפול בפן העסקי – ניהול סיכונים, טיפול בהיבטי חוק ורגולציה, וטיפול בסתירה האינהרנטית שבין משימות האבטחה לצרכי הפתיחות של הארגון. במקרים רבים – ה-CISO אחראי גם לביצוע ביקורת טכנית ומנהלית על מנהל צוות אבטחת המידע.

Job Requirements include:

  • Introducing the world of information security, including a variety of security products (FW, DLP, NAC, etc.)
  • Controlling GRC issues like Governance, Risk Management and Compliance.
  • Familiarity with procedures and regulations in the field of information security, such as: ISO27001, GDPR, NIST - mandatory.
  • Relevant IT and Cyber Certification, such as CSMP - Cyber Security Methodology Professional or CSTP - Cyber Security Technology Professional.
  • CISSP certification - advantage.
  • High verbal and written expression ability in both Hebrew and English
  • Academic education - advantage.
  • Experience in IT infrastructure - advantage.
  • Knowledge of cyber defense architecture - advantage
  • The architect is the brain behind information security. He will face the attacker, plan the system, guide the implementers in their work, design the work method, track the events for the purpose of locating an attack, and guide the response and dealing with an attack. The architect is responsible for designing and building defenses against the operating systems, telecommunications networks, code, and applications against hackers. His role will be carried out through guidelines for implementing information security. Cyber Defense Architect will be found in medium and large general organizations, and in information security consulting and service companies. In small companies, the role will be performed by the network administrator, the System Administrator, or the Communications Manager.
  • · The architectural challenges are diverse and include coping with multisystem planning, 3D vision of implementing information security solutions and examining their effectiveness, taking into account their assimilation into society and their impact on the efficiency of society. In other words, the position requires high attention both for solving or mediating information security problems with minimal or all harm, at the availability of the company’s services and its ongoing work.
  • Cyber Defense Architect Requirements: Knowledge in Operating Systems and Communication
  • Areas of knowledge required: strengthening of computer infrastructure, application hardening, cyber protection tools and technologies, and understanding of the world of hacking. Experience or training in the implementation of information security tools as an implementation is an advantage but is not required.
  • What needs to be learned? If you have studied or are engaged in network management, you must study tool and technology architecture, attack techniques, and defense techniques.
  • Those who choose this route are advised to complete their education later on through a Bachelor's degree in Information Systems Engineering, Industrial Engineering and Management, Information Systems Management or similar orientation academic tracks.

Development Route

  • A cybersecurity architect may move forward to the role of CISO. Familiarity with solution architecture provides unique vision and rich technological experience that will enable CISO to make up-to-date and well-studied management decisions.
  • Cyber Defense Architect will be able to perform sales and sales engineering roles across a wide range of manufacturers, implementation companies and organizations. Knowing the technological, network and IT needs of one organization or another gives them advantages in planning and selling the solution.
  • A cybersecurity architect can also integrate into product management roles. Our vast experience in multi-system design and knowledge in implementing technological solutions provides a unique perspective that enables the development of a product that meets market requirements that is better suited to the needs of the customer.
  • The role of a cyber defense methodology expert is based on casting content to the technological defense pattern. This content is drawn from a set of rules, including professional guidance and full responsibility for organizational processes in the field of cyber protection, such as: guidance in establishing an organizational cyber defense system, professional guidance, and accompaniment of projects in the aspects of cyber protection, supply chain security, business continuity, disaster recovery (DR.) and business impact analysis. All of this, while settling the contradictions that stem from the need to strengthen the defensive rings on the one hand and the need to allow the current businesses to continue to exist freely, on the other.
  • The National Cyber Directorate refers to this profession as one of the most essential components of the cyber unit's commitment to its cyber security.
  • The essence of the profession according to the cyber system:
  • Formulating, characterizing and realizing perceptions, methods and methodologies for cyber protection in the organization.
  • Implementation of regulatory aspects (regulation) and Israeli and international standards and privacy protection aspects.
  • Risk management in cyber protection.
  • Professional guidance and full responsibility for organizational processes in the field of cyber protection, such as: accompanying the establishment of an organizational cyber defense system, professional guidance and accompaniment of projects in the aspects of cyber protection, supply chain security, business continuity, disaster recovery and business impact analysis.
  • All this while recognizing and understanding the activity, needs and organizational goals.
  • Responsibility to contact the organization's management for policy approval, to make sure that the backup is implemented by the organization's perceptions, methods, and methodologies for cyber protection through official letter of appointment, internal marketing support and budget.

Job Requirements include:

  • Introducing the world of information security, including a variety of security products (FW, DLP, NAC, etc.).
  • Controlling GRC issues like Governance, Risk Management and Compliance.
  • Familiarity with procedures and regulations in the field of information security, such as: ISO27001, GDPR, NIST - mandatory.
  • CSMP - Cyber Security Methodology Professional - Certified for IT and Cyber.
  • CGRC/CISSP certification - advantage.
  • Strong verbal and written expression in both Hebrew and English.
  • Academic education - advantage.
  • Experience in IT infrastructure - advantage.
  • Knowledge of cyber defense architecture - advantage.

Development Route

  • Filling the positions of an expert in cyber protection methodologies in various organizations is a unique position that carries with it many advantages in a variety of fields and lifestyles, such as: in-depth familiarity with international standards in the field, familiarity with information security solutions in the market, project management and support of end-to-end organizational processes.
  • From this position it is possible to quickly advance in the ranks and move to CISO and consulting positions.

The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the information security market. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

 

This cybersecurity certification is an elite way to demonstrate your knowledge, advance your career and become a member of a community of cybersecurity leaders. It shows you have all it takes to design, engineer, implement and run an information security program. The CISSP is an objective measure of excellence. It’s the most globally recognized standard of achievement in the industry. And this cybersecurity certification was the first information security credential to meet the strict conditions of ISO/IEC Standard 17024.

 

The broad spectrum of topics included in the CISSP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following 8 domains:

 

Security and Risk Management

Asset Security

Security Architecture and Engineering

Communication and Network Security

Identity and Access Management (IAM)

Security Assessment and Testing

Security Operations

Software Development Security

Candidates must have a minimum of 5 years cumulative paid full-time work experience in 2 or more of the 8 domains of the CISSP CBK. Earning a 4-year college degree regional equivalent or an additional credential from the (ISC)² approved list will satisfy 1 year of the required experience. Education credit will only satisfy 1 year of experience. A candidate that doesn’t have the required experience to become a CISSP may become an Associate of (ISC)² by successfully passing the CISSP examination. The Associate of (ISC)² will then have 6 years to earn the 5 years required experience.

June 21st, 2023

 

Dear Mr. Weissman,

 

Re: (ISC)² Official Training Partner (OTP) Letter of Confirmation

 

Please accept this letter as confirmation that, as of the date of this letter, SEE SECURITY TECHNOLOGY Ltd is an (ISC)² Official Training Partner (OTP) in Israel and a provider of CISO programmes.

 

See Security Technology Ltd has been an (ISC)² Official Training Partner for over 5 years to enable the delivery of Official (ISC)² CISSP Training & Certification Programme in Israel, supporting the ongoing development of information and cyber security professionals through education, training, certification & membership.

 

See Security Technology provides (ISC)² authorised instruction in two ways:

 

1) CISSP Bootcamp - 40 hours of study with official (ISC)² courseware and instructors, specifically for experienced cyber security professionals.

 

2) CISO Programme - The sole provider and creator of this programme in this format is See Security Technology, 288 hours of study for professionals who wish to advance their knowledge and increase proficiency.

The course incorporates the official (ISC)² CISSP course, courseware and instructors.

 

The above programmes require authorization of use by (ISC)² and a fee per delegate. (ISC)² does not allow the use of its Official IP/materials in any unapproved manner.

 

As an Official Training Partner of (ISC)², See Security Technology Ltd continues to develop a network of experienced subject matter experts for approval as (ISC)² Authorized Instructors to deliver Official (ISC)² CISSP Training to their growing portfolio of B2C, B2B & B2G client base.

 

If you require any further information in support of See Security Technology Ltd please do not hesitate to contact me directly.

 

Yours sincerely

 

Mbarfoot

Marc Barfoot

Manager, Commercial Partnerships

 

(ISC)², Ltd.

Level 1 Devonshire House One Mayfair Place London, W1J8AJ United Kingdom mbarfoot@isc2.org