ISO IEC 27032 Lead Cyber Security

Learning objectives

•    To understand and acquire comprehensive knowledge of the components and operations of a Cybersecurity program in conformance with ISO/IEC 27032 and the NIST Cybersecurity Framework.
•    To explain the goal, content, and correlation between ISO 27032 and NIST Cybersecurity Framework as well as with other standards and operating frameworks.
•    To master concepts, approaches, standards, methods, and techniques to set up, implement, and effectively manage a Cybersecurity program within an organization.
•    To be able to interpret the guidelines of ISO/IEC 27032 in the specific context of an organization.
•    To acquire the necessary expertise to plan, implement, manage, control, and maintain a Cybersecurity program as specified in ISO/IEC 27032 and NIST Cybersecurity Framework.
•    To develop the expertise to advise an organization about the best practices for managing Cybersecurity.
•    To strengthen personal skills that are necessary for the establishment and maintenance of a Cybersecurity program.

Course Agenda

Day 1: Introduction to Cybersecurity and related concepts as recommended by ISO/IEC 27032.

•    Course Objectives and Structure.
•    Standard and Regulatory Framework.
•    Fundamental Concepts in Cybersecurity.
•    Cybersecurity Program.
•    Initiating a Cybersecurity Program.
•    Analyzing the Organization.
•    Leadership.

Day 2: Cybersecurity Policy and Risk management.

•    Cybersecurity Policies.
•    Cybersecurity Risk Management.
•    Attack Mechanisms.

Day 3: Cybersecurity Controls, Information Sharing and Coordination.

•    Cybersecurity Controls.
•    Information Sharing and Coordination.
•    Training and Awareness Program.

Day 4: Incident Management, Monitoring, and Continuous Improvement.

•    Business Continuity.
•    Cybersecurity Incident Management.
•    Testing in Cybersecurity.
•    Performance Measurement.
•    Cybersecurity Incident Response and Recovery.
•    Continual Improvement.
•    Lead Manager Certification Scheme.
•    Closing the Training.

Day 5: Certification Exam

Prerequisites
Knowledge about information security and related concepts is preferred.

Educational approach

This training is based on both theory and practice:
•    Sessions of lectures illustrated with examples based on real cases.
•    Practical exercises based.
•    Review exercises to assist the exam preparation.
•    Practice tests similar to the certification exam.

To benefit from the practical exercises, the number of training participants is limited
Exam.
•    The “PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager” exam completely meets the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competence domains:
•    
Domain 1: Fundamental concepts and definitions of Cybersecurity.
Domain 2: Guidance for initiating, implementing, and managing a Cybersecurity Program.
Domain 3: Guidance for roles and responsibilities of stakeholders in Cybersecurity.
Domain 4: Cybersecurity Risk Management and Cybersecurity Controls.
Domain 5: Monitor all activities related to Cybersecurity Program.

The “PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager” exam is available in English only.
•    Duration: 3 hours.
•    For more information, refer to the PECB section on ISO/IEC 27032 Lead Cybersecurity Manager Exam.

Certification

•    After successfully completing the “PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager” exam, participants can apply for the credentials of Certified ISO/IEC 27032 Provisional Cybersecurity Manager, Certified ISO/IEC 27032 Cybersecurity Manager, or Certified ISO/IEC 27032 Lead Cybersecurity Manager, depending on their level of experience.
•    A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential.
•    For more information, refer to the PECB section on ISO/IEC 27032 Manager Certifications.