Search the Community
Showing results for tags 'applied theory'.
Found 1 result
Jack Whitsitt posted a topic in SolutionsAs a follow-up to my blog post here in December, I wanted to mention a class I'll be offering in different U.S. throughout this year that helps define cybersecurity as a problem space, as discipline, and which attempts to fill in some of the larger gaps in the framework: Risk Management, Metrics, Communicating about Cybersecurity, etc. Hopefully some of you will see value in attending; I think it is relatively unique content with an unusual perspective. Overview: This 2-day class – one of several throughout the U.S. in 2015 – is intended for those leaders, decisions makers, and technologists who feel that they are lacking a usable bridge between the technology and business aspects of cybersecurity and wish to do more than simply build a standard security program and hope for the best. Value: The instructor will use two common security frameworks (NIST and C2M2) alongside custom material (developed over 9 years and unavailable elsewhere) to provide students with the necessary cybersecurity, framework, and communication theory required to make practical improvements to their cybersecurity environments, including, potentially: More effective management of the organizational behaviors outside of the CISO shop that lead to increased cybersecurity risk Enhancement of the functioning and efficacy of security-specific programs and organizations Development of appropriate, actionable metrics for all organizational levels, including the executive Increased assurance that critical business success criteria are met despite ongoing cyber risk More comprehensive plans to defend against specific external threats Improved management of Perception, Communication, Scale, and Uncertainty risks associated with cybersecurity Improved partnership and collaboration within and across organizations, public and private Reduced gap between “Compliance” and “Security” Easier, more effective development of custom formal and informal frameworks to bridge gaps between disciplines Audience: The target audience for this class includes executives, security leaders, technology practitioners, architects, policymakers, lawyers, and other individuals interested in moving beyond industry and media hype to develop a broader understanding of both the problem space and discipline of “Cybersecurity” as it applies to their specific roles. Class will be tailored, within the constraints of the topic areas, to the backgrounds and needs of attendees. The first day will focus on theory presentation and the second day will apply that theory to practical problems – some as requested by students - in a workshop environment. Students should also be aware that, despite some use of jargon, no technical experience or security expertise is assumed and each class will be tailored to the experience levels of those in attendance wherever possible. Dates: Phoenix, April 14-15 Minneapolis, June 16-17 Portland, August 11-12 Dallas, October 13-14 Nashville, November 10-11 Custom Dates and Locations Available http://www.energysec.org/upcoming-live-events/