
Cyber Security Operations Specialist


Academic year: 2021


Open Programme


ST Electronics (Info-Security)


DigiSAFE Cyber Security Centre


Cyber Security Operations Essentials:

Live cyber security training to build Detection, Response & Recovery capability

In today’s ever-evolving security environment, organisations, enterprises and governmental institutions face new threats and the possibility of cyber-attacks every day.

To counter these threats, organisations invest heavily in the Protection aspect of cyber security to safeguard their business systems. At the same time, info-security or cyber info-security teams are sent for training for more in-depth knowledge in cyber security, so that they can lay the right foundation. Yet, breaches occur.

Knowledge is Important, Response is Essential

Clearly, knowledge in the techniques required to secure your organisation’s critical IT assets and business systems is important.

Operational skills to detect genuine cyber threats, respond adequately, and recover appropriately in the event of compromise, however, are beyond important. They are critical.

Cyber Security Operations Specialist

Whether you are a cyber security professional, or an IT professional tasked to manage your business’s IT infrastructure, Cyber Security Operations Specialist (CSOS) centres on equipping you and your team with the right skillsets and competencies to keep an organisation secure – not just in head-based knowledge, but in operational proficiency.

Specifically, CSOS focuses on the cognitive and analytical abilities of participants, in addition to knowledge. CSOS’s emphasis is on equipping participants with cyber defence operational skillsets – that will be ingrained in individuals on a day-to-day basis.

Who Should Attend

• Cyber Security Professionals looking to upskill their level of security operations proficiency
• IT Professionals / Engineers looking to multi-skill themselves in cyber security operations or looking to take on a cyber security-related job role
• System / Network Administrators requiring a better understanding of cyber security operations
• Information Security Managers and Executives involved in cyber security operations
• Project Managers, Risk Managers and Compliance Managers who require an understanding of cyber security operations processes and outcomes

Operational-centric cyber security training allows trainees to hone their cyber security cognitive and analytical skillsets on real-world, live networks, with real malware and exploits.


Course Focus

Real-World, Operations-Centric Cyber Defence Training

• State-of-the-Art Cyber Training Platform
• Emulation of real-world conditions such as network structure, network characteristics, and traffic, with real malware and exploits.
• True and accurate reflection of what it would be like to experience the entire kill-chain of cyber-attack(s) in a controlled environment

First in Singapore and the region

Course Structure

Day One

a. Cyber Security Imperatives

• Cyber threats, trends, terms and terminologies
• CIA, AAA, standards, audit, compliance and regulations
• Cryptography and applications

b. Network Technologies and Security

• Introduction to network systems, types and devices
• Secure network protocol (SSL/TLS, SSH)
• Introduction to network security devices (Firewall, IPS/IDS, SIEM, etc.)

c. Server Systems and Logs

• Types and functions of servers (web, database, mail, AD, etc.)
• OS, servers and their event logs (Windows, Linux, IIS, Apache, MSSQL, sendmail, etc.)

Day Two

d. Attack Methodology and Types

• Attack phases
• Types of vulnerabilities and attacks
• Web-based attack (OWASP top 10)

e. Security Operations Centre and Incident Response

• Different types of information security incident
• Information security incident management framework
• Overview to SOC concepts and operations
• Threat identification, threat correlation, threat aggregation, threat filtering (through applications and server logs)
• Incident handling, response management, notification and reporting

f. Security Products and Hands-On

• Checkpoint Firewall, Security Information and Event Management (SIEM)
• Monitoring tools such as Wireshark, Process Monitor

Day Three to Five

g. Security Operations Centre Cyber-Attack Scenario-based Exercises

• Exposure to real-world cyber-attack scenarios


About the Trainers

Trainers conducting the Cyber Security Operations Specialist include:

Meny Har

CTO and Principal Trainer

Meny Har is the CTO of the DigiSAFE Cyber Security Centre, where he leads the Centre’s technology strategy and anchors all training curriculum and course design. He is also the Principal Trainer of DigiSAFE Cyber Security Centre.

Meny possesses nearly a decade of experience in the cyber security industry. He has a rich and versatile technological background combining cyber security solution architecture and design as well as hands-on managerial cyber security experience as a Cyber Security Department Head for one of the Israeli Defense Forces (IDF) primary commands.

Prior to joining the centre, Meny was the chief solution architect for Elbit Systems’ cutting-edge Cyber Training System, where he led the design and development efforts for all aspects of the system.

Additionally, Meny has spent many years of service in the IDF in the Info-Sec branch of the Intelligence Corps, most of which were in commanding and managing positions. During that time, he led all security operations activities in one of IDF’s primary commands and administered all of its Info-Sec strategy and policies. Meny also holds a B.Sc. in Computer and Electrical Engineering from the Hebrew University of Jerusalem, one of Israel’s leading academic institutions.

Chan Yue Meng

Trainer

Chan Yue Meng is a Cyber Security Analyst and Researcher, as well as Trainer at ST Electronics (Info-Security) Pte Ltd. A part of ST Engineering Group’s Security Operations Centre (SOC) team, he oversees all the security events on all Singapore Technologies companies.

Yue Meng possesses over 14 years of experience in the area of systems and networks. In his current capacity, he examines current threats and the delivery methods used to deliver the payload, especially through the web. His responsibilities include being the key malware analyst, who determines and verifies rules on newly discovered threats. He also manages junior analysts and guides the team in analysing raw and correlated events triggered or collected by our existing SIEM. Yue Meng also plays a key role in the forensic team by providing the md5sum of suspected malware that is overlooked by the existing security infrastructure. He is familiar with penetration testing and actively tries to understand how an attacker thinks and operates as part of his overall cyber security work.

Prior to that, Yue Meng was with the Infocomm Development Authority of Singapore (IDA) and seconded to the Ministry of Home Affairs (MHA) as part of a professional technical team which managed the SIEMS infrastructure and oversaw the overall site deployment of SIEMS sensors at the customer sites. In that role, he was heavily involved in SOC operations too.


Yue Meng’s other roles include being the System Administrator of Nanyang Business School and MOL Ship Management, Network Administrator of Advance Network Technology

Yue Meng holds a Bachelor of Science in Digital System Security from the University of Wollongong, Advanced Diploma in Networking and Communication and Specialist Diploma in Networking and Communication from Ngee Ann Polytechnic and Diploma in Computer Studies.

His qualifications also include:

• Offensive Security Certified Professional (OSCP)
• GIAC Certified Incident Handler (GCIH)
• Red Hat Certified Technician
• Certified 3COM Network Administrator
• Cisco Certified Network Associate (CCNA)

Zhang Youwei

Trainer

Zhang Youwei is a Cyber Security Engineer and Trainer at ST Electronics (Info-Security) Pte Ltd. He is experienced in the hardware aspects of Information Technology particularly quality assurance. More recently, Youwei redirected his focus to information security and cyber security.

In his current capacity, Youwei is the Systems Lead for DigiSAFE Cyber Security Centre – a Cyber Security Centre of Excellence housing a state-of-the-art Cyber Trainer Platform that delivers cyber scenarios-based experiential training, which is the first, and only-of-its-kind in Singapore and the region. He administers and operates the Cyber Trainer Platform for training, and also supports curriculum development and improvement. From a systems perspective, he is also the anchor in all customer and partner engagement.

Prior to his current role, Youwei was with Advanced Micro Devices under the EDB – LOT Programme. During his time in AMD, he was part of the Advanced Testing and Characterisation team with the responsibilities of formulating test scripts, analysing data and correlating subsequent results on new products. In that role, he received two awards, one individual and one as part of a group, for process improvement.

Zhang Youwei holds a Bachelor of Engineering degree from National University of Singapore. He is also a Qualified Information Security Professional (AISP), and is pursuing a Certified Ethical Hacking (CEH) certification from EC Council.


Course Details


Course Schedule: 5-day programme

Scheduled course runs for 2014:

• 27 – 31 October
• 10 – 14 November
• 1 – 5 December (Tentative)

Scheduled course runs for 2015:

• 12 – 16 January
• 16 – 20 February
• 16 – 20 March

Time: Day 1: Starts at 9:30am

Day 2 to 5: Starts at 9:00am

Venue: DigiSAFE Cyber Security Centre

Jurong East Street 21, #04-02, Devan Nair Institute, Singapore 609607

Course Fees: SGD$4,800 (Singaporeans and Permanent Residents)

SGD$6,000 (Non-Singaporeans or Singaporean Permanent Residents)

Singaporeans and PRs qualify for 70% WDA funding. Terms and Conditions apply.

Contact: Ms Lai Yan Ting

[email protected]

Hotline: +(65) 6513 9535

Note:

(1) Not inclusive of Singapore goods and services tax (GST) (7%).

(2) Course fees are inclusive of lunch.

(3) ST Electronics (Info-Security) Pte Ltd reserves the right to make amendments to the course agenda without prior notice.

Training Benefits

Cyber Security Training based on DigiSAFE Cyber Security Centre’s Cyber Trainer System benefits trainees by enhancing their ability to:

1. Appreciate the entire kill-chain of various cyber-attacks

2. Develop improved response to cyber attacks

3. Enhance decision-making in the event of cyber-attacks

4. Enhance the collaboration between team mates working together

HOW?

1. Be exposed to a myriad of real-world cyber-attacks and participate in the verification of an attack → Sharper Detection

2. Gain deeper insights on the actions and steps that can be taken and participate in the evaluation of the organisational and business impact of every action taken against cyber attackers → Better Response

3. Sharpen the skills of the team in mitigating against attacks and participate in discussing how


About DigiSAFE Cyber Security Centre

ST Electronics (Info-Security) set up the DigiSAFE Cyber Security Centre to offer advanced training courses in cyber security to meet increasing industry demand for such expertise. Training at the centre is supported by a Cyber Trainer System that emulates real world attacks on enterprise networks in a controlled environment. Trainees learn how to apply tools to protect, detect, respond and recover their networks from various types of cyber attacks. All training is designed to be operation-centric and experiential based.

Location

DigiSAFE Cyber Security Centre

80 Jurong East Street 21 #04-02

Devan Nair Institute


www.digisafe.com/dcsc

DigiSAFE Cyber Security Centre 80 Jurong East Street 21 #04-02 Singapore 609607

Phone : (65) 6513 9535 / (65) 6568 7118 Fax : (65) 6568 7226

Email : [email protected]

No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of ST Electronics (Info-Security) Pte Ltd. The information contained herein may be changed without prior notice.

These materials are provided by ST Electronics (Info-Security) Pte Ltd for informational purposes only, without representation or warranty of any kind, and ST Electronics (Info-Security) Pte Ltd shall not be liable for errors or omissions with respect to the materials. The only warranties for ST Electronics (Info-Security) Pte Ltd products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.
