Admin
Full-Day: Vulnerability Management Fundamentals - In-person Session
 Description

Description:

This session will focus on the security and control issues related to vulnerability management including key controls and how to audit them.

Key Learning Objectives

  •       Understand vulnerability management lifecycle and key elements
  •       Understand current cybersecurity assessment frameworks and tools in relation to vulnerability management
  •       Understand key controls and related audit objectives and steps
  •       Discussion of security and audit tools and techniques

Specific Topic Areas Include:

Vulnerability Management Overview

  •       Definitions and Key concepts
  •       Vulnerability Management Lifecycle
  •       Key Elements of Vulnerability Management Program
  •       NIST Cybersecurity Framework / other Security Frameworks e.g. CIS  Controls, ISO/IEC 27001/27002

Cybersecurity Threats and Risks

  •       Threat Landscape
  •       Cyber Threat Actors
  •       Cyber Attack Frameworks (e.g. Mitre Att@ck Framework)
  •       Vulnerability Identification and Evaluation

Key Security Controls and Related Audit Areas

  •       Asset Management
  •       Configuration Management
  •       Security Configuration
  •       Patch Management
  •       Threat Intelligence
  •       Security Operations Centre (SOC)
  •       Security Incident and Event Management (SIEM)
  •       Incident Management
  •       Vulnerability Assessment and Remediation
  •       Penetration Testing and Red Team Exercises

Audit / Assessment Tools & Techniques

  •       Assessment Tools and Frameworks
  •       Security and audit tools and techniques
  •       Resource List

Presenter:

John G. Tannahill, CA, CISM, CRISC

John is an independent Information Security and Audit Services Consultant. His current consulting work areas are focused on information security in large information systems environments and networks, requiring detailed knowledge of the major operating systems encountered.  Particular areas of technical security expertise include: 

Cybersecurity Assessment

Windows Server

Linux

Database Security

Network Security

John is a frequent speaker in Canada; USA, Europe, Africa and Asia on the subject of Information Security.  He is a member of the Institute of Chartered Accountants of Scotland

CPE: 8.0 Hrs

Please Note:  There is a cancellation policy in effect

 Details
Date & Time: Sep 27, 2023 08:30 AM to
Sep 27, 2023 04:30 PM
[America/Toronto UTC -5]
 
Add to my Calendar
Location: Ivey Donald K. Johnson Centre
Ground Floor
130 King Street West
Toronto ON
Canada
M5X1A9
 
Get Driving Directions
Registration Closes: Sep 26, 2023 05:00 PM

Event Coordinator:
Admin Support
admin.support@isacatoronto.com
 Registration Fees
Member Price
CAD 		Spaces
Remaining
Registration Fee  
   
 $200.00
 Yes
 
Non-member Price
CAD 		Spaces
Remaining
Registration Fee  
   
 $230.00
 Yes
 

Registration is now closed.


 

Powered By GiftTool.com




ISACA - Toronto Chapter
PO Box 6544, Station A
Toronto, ON, Canada
M5W 1X4