Course Content
Module 1 Introduction to Cybercrime
0/6
Introduction to Cybersecurity
03:00
1.1 Lesson: What is Cybersecurity?
01:54
1.2 Lesson: Brief History of Cybersecurity
03:42
1.3 Lesson: Key Concepts and Terminology
04:52
1.4 Lesson: Cybersecurity Threat Landscape
03:23
Module1: Questions
Module 2: Computer Systems and Networks
0/6
Introduction to Computer Systems and Networks
02:36
2.1 Lesson: Introduction to Computer Systems (Hardware, Software, Firmware)
04:00
2.2 Lesson: Networking Fundamentals (TCP/IP, DNS, DHCP)
04:00
2.3 Lesson: Network Architectures and Devices (Routers, Switches, Firewalls)
03:01
2.4 Lesson: Introduction to Virtualization and Cloud Computing
02:22
Module 2 Questions
Module 3: Cybersecurity Threats and Vulnerabilities
0/6
Introduction to Cybersecurity Threats and Vulnerabilities
3.1 Lesson: Types of Cybersecurity Threats (Malware, Phishing, Ransomware)
02:31
3.2 Lesson: Vulnerability Management and Patching
03:16
3.3 Lesson: Social Engineering and Human Factors
02:13
3.4 Lesson: Introduction to Penetration Testing and Red Teaming
03:03
Module 3 Questions
Module 4: Cryptography: Encryption, Decryption, Hashing
0/5
4.1 Lesson: Introduction to Cryptography (Encryption, Decryption, Hashing)
02:53
4.2 Lesson: Symmetric and Asymmetric Encryption
02:41
4.3 Lesson: Access Control Models and Mechanisms (MAC, DAC, RBAC)
04:12
4.4 Lesson Identity and Access Management (IAM) Systems
03:02
Module 4 Questions
Module 5: Network Security and Defence
0/6
Introduction to Network Security and Defence
02:59
5.1 Lesson: Network Security Fundamentals (Firewalls, IDS/IPS, VPNs)
01:52
5.2 Lesson: Secure Communication Protocols (HTTPS, SSH, SFTP)
01:54
5.3 Lesson: Network Segmentation and Isolation
01:50
5.4 Lesson: Incident Response and Disaster Recovery
03:10
Module 5: Questions
Module 6: Operating System and Application Security
0/6
Introduction to Operating System and Application Security
02:24
6.1 Lesson: Introduction to Operating System Security (Windows, Linux, macOS)
03:06
6.2 Lesson: Application Security Fundamentals (Input Validation, Error Handling)
04:22
6.3 Lesson: Secure Coding Practices and Guidelines
04:17
6.4 Lesson: Introduction to Web Application Security (OWASP Top 10)
02:31
Module 6:Questions
Module 7:  Cybersecurity Tools and Technologies
0/6
Introduction to Cybersecurity Tools and Technologies
08:13
7.1 Lesson: Introduction to Cybersecurity Tools (Nmap, Nessus, Metasploit)
04:29
7.2 Lesson: Security Information and Event Management (SIEM) Systems
02:49
7.3 Lesson: Introduction to Cloud Security and Compliance
03:14
7.4 Lesson: Emerging Trends and Technologies in Cybersecurity (AI, ML, IoT)
02:46
Module 7: Questions
Module 8: Cybersecurity Governance and Risk Management
0/6
Introduction to Cybersecurity Governance and Risk Management
03:29
8.1 Lesson: Cybersecurity Governance and Compliance
02:23
8.2 Lesson: Risk Management Fundamentals (Identify, Assess, Mitigate)
02:44
8.3 Lesson: Introduction to Cybersecurity Frameworks and Standards (NIST, ISO 27001)
02:49
8.4 Lesson: Cybersecurity Awareness and Training
02:27
Module 8: Questions
Module 9: Hands-on Cybersecurity Projects
0/6
Introduction: Hands-on Cybersecurity Projects
03:18
9.1 Lesson: Setting up a Home Lab for Cybersecurity Testing
04:28
9.2 Lesson: Conducting Vulnerability Scanning and Penetration Testing
02:30
9.3 Lesson: Implementing a SIEM System and Analysing Security Logs
05:01
9.4 Lesson: Developing a Cybersecurity Incident Response Plan
04:41
Module 9: Questions
Module 10: Conclusion and Next Steps
0/5
10.1 Lesson: Recap of Key Concepts and Takeaways
02:51
10.2 Lesson: Future Directions in Cybersecurity
03:42
10.3 Lesson: Resources for Further Learning and Professional Development
03:30
10.4 Lesson: Final Project Presentations and Feedback
01:56
Module 10: Questions
Examination Questions
0/1
40 Practical Questions
Introduction to Cyber-Security

8.3 Lesson: Introduction to Cybersecurity Frameworks and Standards (NIST, ISO 27001)

In today’s digital landscape, organisations of all sizes face an increasing array of cyber threats that can compromise their operations, reputation, and customer trust. To navigate the complexities of cybersecurity effectively, many organisations turn to established frameworks and standards that guide the development and implementation of robust security measures. Among the most prominent are the National Institute of Standards and Technology (NIST) Cybersecurity Framework and ISO/IEC 27001.

The NIST Cybersecurity Framework originated from a collaboration between industry experts and government agencies to create a comprehensive strategy for managing cybersecurity risks. It involves five core functions: Identify, Protect, Detect, Respond, and Recover. These functions provide a structured way for organisations to assess their current cybersecurity posture, implement appropriate policies and controls, monitor threats in real-time, respond effectively to incidents, and recover from potential breaches. The framework is especially beneficial as it is flexible enough to be tailored to suit the specific needs and maturity levels of various sectors.

ISO/IEC 27001 complements this approach by offering a systematic method for managing sensitive information through an Information Security Management System (ISMS). As an internationally recognised standard, it sets out conditions for establishing, implementing, maintaining, and continually improving an organisation’s information security practices. Achieving certification against ISO 27001 not only demonstrates commitment to information security but also enhances stakeholders’ confidence in an organisation’s ability to protect critical data against internal or external threats.

Both NIST Cybersecurity Framework and ISO/IEC 27001 are instrumental in laying down a foundation for effective cybersecurity practices. They empower organisations not only with practical guidance but also with methodologies that foster ongoing improvement in security postures amidst evolving cyber risks. By aligning with such frameworks and standards, organisations can better position themselves to mitigate risks while demonstrating due diligence in safeguarding sensitive information.

Exercise Files
8 of 3 Lesson notes.pdf
Size: 111.97 KB
Previous
Next