2024
Training for (Cyber)Security Manager
Name: Training for (Cyber)Security Manager
Code: INF15738O
2 ECTS
Duration: 5 weeks/52 hours
Scientific Area:
Informatics
Teaching languages: Portuguese
Languages of tutoring support: Portuguese, English
Regime de Frequência: B-learning
Sustainable Development Goals
Learning Goals
1. Interpret Cybersecurity and Data Protection regulations.
2. Understand roles of (Cyber)Security Officer and Permanent Contact Point.
3. Apply CIS, COBIT, ISO/IEC, and NIST frameworks.
4. Conduct risk analysis, management, and mitigation.
5. Implement risk analysis and management tools.
6. Define technical and organizational Cybersecurity measures.
7. Describe monitoring and auditing processes.
8. Manage and classify organizational assets.
9. Handle Cybersecurity incidents, including analysis, response, and notification.
10. Develop Information Security Policy.
11. Create Cybersecurity Plan.
12. Prepare Annual Cybersecurity Report as per legislation.
13. Define action plan for regulatory compliance and improvement of organizational Cybersecurity maturity.
2. Understand roles of (Cyber)Security Officer and Permanent Contact Point.
3. Apply CIS, COBIT, ISO/IEC, and NIST frameworks.
4. Conduct risk analysis, management, and mitigation.
5. Implement risk analysis and management tools.
6. Define technical and organizational Cybersecurity measures.
7. Describe monitoring and auditing processes.
8. Manage and classify organizational assets.
9. Handle Cybersecurity incidents, including analysis, response, and notification.
10. Develop Information Security Policy.
11. Create Cybersecurity Plan.
12. Prepare Annual Cybersecurity Report as per legislation.
13. Define action plan for regulatory compliance and improvement of organizational Cybersecurity maturity.
Contents
1. Cybersecurity legislation.
2. CIS, COBIT, ISO/IEC and NIST Frameworks.
3. Risk analysis and management.
4. Monarc Tool.
5. Technical and organizational measures.
6. Cybersecurity audit and monitoring.
7. Asset inventory.
8. Cybersecurity incident management.
9. Information Security Policy (ISP).
10. Security Plan.
11. Annual Cybersecurity Report.
12. Plan for compliance with the Cyberspace Security Legal Regulation (CSLR).
13. National Cybersecurity Reference Framework (NCSRF) certification scheme.
14. Cybersecurity digital maturity seal.
2. CIS, COBIT, ISO/IEC and NIST Frameworks.
3. Risk analysis and management.
4. Monarc Tool.
5. Technical and organizational measures.
6. Cybersecurity audit and monitoring.
7. Asset inventory.
8. Cybersecurity incident management.
9. Information Security Policy (ISP).
10. Security Plan.
11. Annual Cybersecurity Report.
12. Plan for compliance with the Cyberspace Security Legal Regulation (CSLR).
13. National Cybersecurity Reference Framework (NCSRF) certification scheme.
14. Cybersecurity digital maturity seal.
Teaching Methods
Teaching theory and practice, with 10 sessions corresponding to 35 hours of contact (10 sessions of 3,5 hours). The total work time of the student is 52 hours. Theoretical classes are designed to expose and discuss the main programmatic contents, encouraging interactivity and questioning.
The topics are further explored through the realization of practical exercises for each of the different topics supported by scripts provided by the teacher and carried out in a group. The exercises are made using simulations.
The topics are further explored through the realization of practical exercises for each of the different topics supported by scripts provided by the teacher and carried out in a group. The exercises are made using simulations.
Assessment
The exercises correspond to 50% of the final grade. The learning outcomes are assessed individually through 1 written exam (50% of the grade). Thus, the final grade will be 50% theoretical + 50% practical (NF=0.5*T+0.5*P).
Teaching Staff
- Hugo Miguel Mataloto Agoga
- Pedro José Grilo Lopes Patinho [responsible]
Certificações
