This course looks at what information assurance is, how we define it, how we ensure it, and how we measure it. It asks questions such as
- What are the important characteristics for an information system from a security point of view?
- How can we relate the three pillars of information security; confidentiality, integrity and availability to our information system?
- Are these three characteristics enough for all business systems?
- Should an outside body define these characteristics define these characteristics for us and should this be industry or government led?
From this we can ask, what is absolute security and does it exist? Is it practical? And if not, how can we work within an insecure space. Our systems still have to produce and store dependable information. However, if we don’t have a 100% dependable system, we have to assume the system has been attacked and intruded. In the course we ask and answer further questions of
- What is information dependability?
- How reliable is the data?
- Can our system survive an attack and where is this attack most likely to come from?
- How (in)tolerant of insecure systems is our data?
- How well can we recover?
“Know thy enemy but not yourself, wallow in defeat every time” – Sun Tzu
We need to know how likely our system is to be attacked and why, what parts are more vulnerable to attack than others and the effect a successful attack will have on the whole system. We need to be able to measure the level of risk associated with an attack and how this can be mitigated in some way. During the course we will look at vulnerabilities in systems, what they are, how they are created and how we can detect them. If we assume our system has been attacked, we need to carry out forensic techniques to find out when this occurred and who is responsible and if the intruder is still able to gain access – the so-called backdoor attack. During the course we will look at what forensic techniques are available to us and the formation of incident response teams.
For further information on training and training dates, please use our contact form below:
[wpforms id=”143″ title=”true”]