Advanced Cybersecurity & SOC Operations

1.1. Understanding Cybersecurity

• Defining Cybersecurity
• The Evolution of Cyber Threats
• Cyber threats and vulnerabilities
• Requirement of Cyber Security (Cyber Threat Actors)
  • Hacktivists
  • Cybercriminals
  • Nation-State Actors
  • Insiders
  • Script Kiddies
  • Organized Crime Groups
  • Advanced Persistent Threats (APTs)
  • Malware Authors
  • Phishers

The importance of cybersecurity
1.2. CIA Triad (Confidentiality, Integrity, Availability)

• Understanding the CIA Triad
• Confidentiality: Protecting Data Privacy
• Integrity: Ensuring Data Accuracy and Trustworthiness
• Availability: Data Accessibility and System Uptime

2.1 Data Protection Regulations

• GDPR, HIPAA, SOC 2, CCPA, PDPL, DPDPA, ISO 27001:2022
• Compliance requirements and importance
• Importance of Data Protection and data privacy requirements

2.2 Privacy Practices

• Data handling and consent
• Privacy impact assessments

3.1 Types of Cyber Attacks Common Types of Cyber Attacks

• Malware Attacks (Viruses, Trojans, Worms)
• Phishing Attacks
• Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
• Man-in-the-Middle (MitM) Attacks
• SQL Injection Attacks
• Social Engineering Attacks

3.2. Cyber Attack Vectors

• Types of Email Attack
  • Phishing, Spear Phishing
  • Business Email Compromise (BEC) or CEO Fraud
  • Ransomware, Malware Delivery
  • Email Spoofing
  • Attachment-Based Attack
  • Email Bombs and DDoS Attacks
  • Credential Stuffing
• Email security
• Web security
• Network security

3.3 Cloud Security

• Cloud security considerations
• Securing cloud-based data and applications
• Understanding cloud network security management

4.1 Cyber Security Technical, Physical & Administrative Safeguards

• Password Management, Creating strong passwords, Password policies and practices
• Data Protection Encryption
• Security Patch management
• Regular Backups
• Regular Security Assessments
• Data Loss Prevention (DLP)
• Behaviour Analytics
• Access Controls
• Security Information and Event Management (SIEM)
• Security Orchestration, Automation, and Response (SOAR)
• SIEM & SOAR two critical components of a modern Cyber Security Strategy

4.2 Cybersecurity Roles and Responsibilities

• Introduction to Cybersecurity Roles and Teams
• Key Responsibilities in Cybersecurity
• Security Analysts: Monitoring and Incident Response
• Network Security Engineers: Protecting Network Infrastructure
• Ethical Hackers and Penetration Testers: Identifying Vulnerabilities
• Compliance and Risk Managers: Ensuring Regulatory Compliance

• Email security architecture
• Phishing defence mechanisms
• Web security
• Cloud security basics:
  • Shared responsibility model
  • Cloud network security
  • Securing cloud workloads

6.1 Network Security

• Firewalls and intrusion detection & Prevention
• Introduction to VAPT
• Scanning networks
• Vulnerability analysis
• Secure Browsing (Web Content Gateway)
• Safe email practices
• Avoiding malicious websites

6.2 Wireless Network Security

• Securing Wi-Fi networks
• Encryption WPA3/WPA2 & AES Encryption
• Guest network management

• Endpoint Protection
• Antivirus and antimalware software
• Patch management
• End point security- Servers/windows/Linux

• Incident Identification and Classification
• Recognizing security incidents
• Incident reporting
• Incident Response Plan
• Developing an incident response plan
• Roles and responsibilities during an incident