Information security in practice

In this course, you will learn the basics of information security and how to apply information security principles to your home environment or organization, regardless of its size.

Information security, sometimes shortened to infosec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or at least reducing the probability of unauthorized/inappropriate access, use, disclosure, disruption, deletion/destruction, corruption, modification, inspection, recording or devaluation, although it may also involve reducing the adverse impacts of incidents. 

The course is tough by Dr. Nikola Milosevic, a PhD in computer science with track record of publications and successful projects in information and cyber-security. Nikola is OWASP chapter and project leader and has been teaching on several reputable Universities over the past 5 years.  I have also published scientific papers on malware analysis. Now he wants to share this knowledge with you and help you develop your career!

This course is following the content of the CISSP (Certified Information Security Systems Professional) certification.

The content of the course is suitable for both beginners and intermediate students interested in information security.

In this course you will learn about:

• The motivation for having an information security framework

• Types of information security controls (application, network, physical security)

• Information security risk management

• How to evaluate information assets of your organization

• How to perform a risk assessment and where to include information security controls

• How to perform audits and when

• How to manage security operation of a certain organization

• What are and how to respond to information security incidents (Incident response)

• How to handle disaster recovery

• Ethics of information security

• What laws and regulations are in place (this may be specific to the UK and EU, as it includes talks about GDPR but tries to generalize)

• Security standards in information security (ISO27001, ISO27003, ISO27005)

• History and main algorithms used for information security

• Cryptography

• Access control

• Basics of network security

• Basics of application security

• Basics of physical security

The tools that the course will be utilizing will be all open sources (such as SNORT or OSSEC).

Who this course is for:

• This course is for anyone who wants to become an expert in cyber-security and information security. This volume covers the required foundation building blocks of that skillset.

• For anyone who would love to gain a practical skillset in mitigating the risk from various kinds of information security threats and would like to learn about managing information in the organization.

• For beginners and intermediate information security enthusiasts who are interested in security, safety, and privacy.

• This course is designed for personal and corporate information security.

The content of this course was delivered also in the University settings.