Introduction to Information Security
The course serves as an introduction to Information Security.
It will provide basic understanding of key concepts to first-time approaches to Information Security. After an overview of the most common threats to a company's information assets and after a brief summary of relevant international regulations, the course will discuss the main conceptual pillars of Information Security (confidentiality, integrity, and data accessibility) as well as its relationship with Cybersecurity, a discipline with which it is often confused. The course will then move on to outline the required steps for Information Security Management System (ISMS) implementation, as laid out in the international standard of reference (ISO/IEC 27001).
This will make up the bulk of the learning experience. It will feature the importance of top management's active support and governance, the crucial role of on-topic organizational awareness and training, as well as what goes into risk analyses and related concepts. Lastly, the course will also focus on possible solutions and countermeasures to ensure that organizations can protect themselves from Information Security threats.
The tail-end of the course will instead touch on how important it is to implement constant review and validation procedures as part of the whole management system, since these can identify weak points and spur continuous improvement..