Cyber Security 101 (CS101)

Cyber Security instantaneously refers to various practices and technologies aiming to protect Computer Systems, Networking & Communicating Devices and Data from relevant Cyber-Attacks such as unauthorized access. The lack of effort by organizations to ensure the prevalence of effective cyber security policies and efficient data security policies can lead to critical issues such as Data Breaches, which can eventually lead to reputational loss. The occurrence of cyber-attacks across organizations and individuals prominently relates to a lack of adequate awareness about cyber security. The importance of being aware of different cyber security measures from an organizational perspective relates to its specific stakeholders such as employees. Consequently, the increasing impact of digital transformation requires an individual to be aware of the latest cyber security threats and relevant best practices to tackle such threats efficiently. The range of daily uses of cyber security includes protecting personal information to ensure safe internet browsing thereby leading to securing online transactions. The skills learned in basic cyber security assurance includes basic knowledge of network securing using multiple security devices like Firewall, Virtual Private Network (VPN) and Intrusion Prevention System (IPS) and many more. We became familiar with multiple types and cyber-attacks and as well as how to defend them.

Advanced Certification in Cyber Security (ACCS)

The steadily increasing importance of cyber security within industries relates to realizing the significant impact of digital disruption on organizations, irrespective of their operating sector.

The assurance of effective security from an organizational perspective relates to aligning with underlying policies of different standards of Governance, Risk and Compliance (GRC) such as ISO 27001. The importance of adhering to different Information Security Management System (ISMS) Standards for an organization relates to assured Risk Management, Data Protection, Competitive Advantage and Operational Efficiency.

The increasing importance of Data and Information, thus derived from the effective processing of data aids efficient decision-making for a company. This implies the importance of rendering appropriate Information Security by organizations to achieve their desired business operational excellence. This is apart from protecting sensitive information within business such as Complete Financial Transaction Details of Customers and thereby not only maintaining their optimum trust level as well as elevating it further to a possible extent. For instance, specific standard such as the Payment Card Industry Data Security Standard (PCI-DSS) is maintained by banks and financial organizations to safeguard their customer data.

Such extensive requirement of Cyber Security for companies, irrespective of their background operating sector establishes its capability of significant employment generation from a current backdrop of rapid development of different modern-day technologies.

Professional Certification in Information Security (PCIS)

The demand for cybersecurity experts is fast gaining momentum due to consistently increasing cases of Cyber Crimes across the globe. The cost of cybercrime reported worldwide is estimated at US$9.22 trillion as of ongoing FY 2024 – FY 2025. This further implies that demand for Cyber Security Experts will increase proportionally to cater for this need to tackle cases of cybercrimes and simultaneously safeguard organizations and individuals against them. The employment demand within Cyber Security relates to its wide range of areas such as Data Protection and Holistic Organizational Network Safety. Accordingly, specific roles and designations for Cyber Security experts include Chief Information Security Officer (CISO), Security Analyst, Cybersecurity Architect, Security Engineer, Penetration Tester, Incident Responder and Cyber Intelligence Analyst.

As an individual, a target of carving out a career in cybersecurity requires acquiring relevant technical skills and thereby applying them consistently to transform them into effective competencies. The range of such technical skills includes Vulnerability Analysis (VA); Penetration testing (PT); Security Operations Centre (SOC); Forensic analysis and Governance, and Risk & Compliance (GRC) Associate.

Acquiring the skill of Vulnerability Analysis (VA) by a professional implies having the due capacity to identify and address existing weaknesses in systems, applications and networks. This indicates that an expert Vulnerability Analyst is required to be proficient in using Network Analysis Tools as well as Security Tools. This further indicates concerned individuals have adequate knowledge about different cybersecurity frameworks such as the Health Insurance Portability and Accountability Act (HIPPA), ISO 27001/27002, National Institute of Standards and Technology (NIST) and Sarbanes-Oxley Act (SOX).

A Penetration Tester (PT) applies a wide range of tools to tackle the security challenges of an organization including Metasploit, Nmap, Burp Suite, Wireshark and Vulnerability Scanner. These individuals exhibit appropriate analytical and problem-solving skills that guide them to be proficient in Threat Modelling and Risk Assessment. This is apart from having a thorough knowledge of the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPPA) and Payment Card Industry Data Security Standard (PCI-DSS) to ensure compliance-related requirement fulfilment within an organization.

The skill of the Security Operations Centre (SOC) relates to having the capacity to appropriately address security issues of an organization across its organizational and technical levels. This requires SOC experts to possess an adequate and effective skillset consisting of Technical Proficiency, Incident Response and Threat Intelligence. The members of the SOC team in a company proceed with combining such skills and thereby protect organizational resources suitably. The SOC Experts within an organization are required to analyze security incidents using the advantages of multiple tools and techniques and thereby implement effective strategies to eliminate threats.

The skill of a Forensic Analyst covers areas such as Analytical Capabilities, Attention to Detailing, Communication Skills and Scientific Knowledge. The Analytical Capabilities of a Forensic Analyst relate to assessing complex data as well as evidence to draw meaningful conclusions. This relates them to applying their in-depth knowledge of computer systems, multiple operating systems and networks. The Forensic Experts are observed to be proficient in applying multiple digital forensic tools – EnCase, Autopsy and Forensic Toolkit (FTK).

The skill of Governance, Risk & Compliance (GRC) Associate includes aiding an organization to maintain a high level of information security and data privacy programs. The concerned GRC Associate possess an appropriate understanding of Governance to establish and enforce policies for an organization to ensure alignment of IT processes with a business objective of a company. These individuals can identify and assess risks related to information security and thereby proceed to mitigate them effortlessly. The compliance knowledge of these individuals encourages them to be familiar with regulatory requirements and various industry standards such as the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPPA) and Payment Card Industry Data Security Standard (PCI-DSS).