Principles and Engineering of Secure Solutions | SGInnovate
October202020
October222020

Location

ONLINE WORKSHOP
Singapore

Price

Promotional Ticket (Ticket Inclusive of G.S.T) - $1,070.00

Bundle Ticket (Ticket Inclusive of G.S.T) - $1,926.00

Principles and Engineering of Secure Solutions

Presented by SGInnovate and Tegasus International

Are you and your organisation ready to manage and respond to cyber attacks?

Together with Tegasus International, SGInnovate is proud to present a series of Cybersecurity workshops designed to prepare you and your organisation for impending security threats and vulnerabilities.

Designed for anyone who has little or no prior knowledge in Cybersecurity, equip yourself and your organisation with defence mechanism to mitigate the risks of cyber vulnerability and react to present and future Cybersecurity challenges.

This three-day online workshop aims to provide you with an overview of the digital ecosystem in Cybersecurity and how to navigate through various Cybersecurity threats, vulnerabilities and risks.

You will learn how to identify critical security risks and problems posed by new technologies and business practices, and how to design secure systems and controls based on IT architectural guidelines and requirements.

You will also learn how to incorporate controls into security system components to minimise security breaches or lapses in system designs.

There will be an emphasis on real-world use cases and examples, and hands-on applications and techniques to raise awareness on the most fundamental Cybersecurity concepts, attack vectors and good practices.

By the end of the course, you will learn how to apply what you have learnt to improve your organisational Cybersecurity posture and formulate Cybersecurity best practices to safeguard organisational interest and mitigate these threats.

This workshop is eligible for funding support. For more details, please refer to the "Pricing" tab above.

In this workshop, participants will learn about:

  • An overview of the Cybersecurity ecosystem
  • Cyber risk analysis and management
  • Fundamentals of Cybersecurity
  • Security engineering and design
  • Security models and evaluation criteria
  • Introduction to Cryptography
  • Solution security and principles

Recommended Prerequisites:

  • An interest in Cybersecurity

Pre-Workshop Instructions:

  • You MUST have a stable wifi connection to join the online workshop via your laptop

Day 1 (20 October 2020)

8:45am – 9:00am: Online Registration
9:00am – 10:00am: An Overview of the Cybersecurity Ecosystem

  • Our digital ecosystem
  • Motivational factors for cyber attacks – attacker goals, skill sets and profiles
  • Cyber risk analysis and management
  • Practice session (risk analysis exercise)
  • Pros and cons of Cybersecurity solutions
  • Concepts of confidentiality, integrity and availability

10:00am – 11:00am: Identity and Access Management

  • Fundamentals of Cybersecurity
  • Introduction to identity and access management
  • Explain authentications (type 1, 2, 3 and 4)
  • Demonstration session (type 1 vulnerability exposures)

11:00am – 11:15am: Break
11:15am – 12:15pm: Identity and Access Management

  • Cyber threats facing authentication
  • Explain authorisation
  • Issues about authorisation
  • Methods for managing authorisation
  • Access control models (DAC, MAC, RAC and RuAC)
  • Access control administration

12:15pm – 1:15pm: Lunch Break
1:15pm – 3:45pm: Security Engineering and Design (Part 1)

  • Principles of secure design
  • Security models (state machine, Bell-LaPadula, Biba and commercial models)
  • Security evaluation criteria
  • Introduction to Cryptography
  • Cryptography in history

3:45pm – 4:00pm: Break
4:00pm – 5:30pm: Quiz
5:30pm – 5:45pm: Closing Remarks / Q&A

Day 2 (21 October 2020)

8:45am – 9:00am: Online Registration
9:00am – 10:30am: Security Engineering and Design (Part 2)

  • Types and elements of Cryptography
  • Symmetric Key Cryptography
  • Asymmetric Key Cryptography
  • Hybrid Cryptography

10:30am – 10:45am: Break
10:45am – 11:45am: Security Engineering and Design (Part 3)

  • Practice session (encryption and decryption exercise)
  • Cryptography with Integrity (Cryptography – data at rest & data in motion)

11:45am – 12:15pm: Solution Security and Principles

  • Revision of Day 1

12:15pm – 1:15pm: Lunch Break
1:15pm – 3:45pm: Solution Security and Principles

  • Understanding solution design ecosystem
  • Secure the weakest link
  • Practice defence in depth
  • Fail securely
  • Follow the principle of least privilege
  • Compartmentalise
  • Keep it simple
  • Promote privacy
  • Remember that hiding secrets are hard
  • Be reluctant to trust
  • Use your community resources

3:45pm – 4:00pm: Break
4:00pm – 5:30pm: Quiz
5:30pm – 5:45pm: Closing Remarks / Q&A

Day 3 (22 October 2020)

8:45am – 9:00am: Online Registration
9:00am – 9:30am: Revision of Day 2
9:30am – 11:00am: Discussion of Real-World Use Cases

  • Understanding Cyber Kill Chain
  • Stages of attacks & defence

11:00am – 11:15am: Break
11:15am – 12:00pm: Assessment

  • Assessment Briefing

12:00pm – 1:00pm: Lunch Break
1:00pm – 3:00pm: Assessment Presentation (Part 1)
3:00pm – 3:15pm: Break
3:15pm – 5:30pm: Assessment Presentation (Part 2)
5:30pm – 5:45pm: Closing Remarks / Q&A

$1,070 / pax (after GST) promotional discount for virtual workshop
$1,926 / pax (after GST) bundle discount including “Principles of Information Security Control". Original price up to $3,210 for both workshops.

Funding Support

This workshop is eligible for CITREP+ funding.

CITREP+ is a programme under the TechSkills Accelerator (TeSA) – an initiative of SkillsFuture, driven by Infocomm Media Development Authority (IMDA).


*Please see the section below on ‘Guide for CITREP+ funding eligibility and self-application process’

Funding Amount:

  • CITREP+ covers up to 90% of your nett payable course fee depending on eligibility for professionals

Please note: funding is capped at $3,000 per course application

  • CITREP+ covers up to 100% funding of your nett payable course fee for eligible students / full-time National Servicemen (NSF)

Please note: funding is capped at $2,500 per course application

Funding Eligibility:

  • Singaporean / PR
  • Meets course admission criteria
  • Sponsoring organisation must be registered or incorporated in Singapore (only for individuals sponsored by organisations)

Please note:

  • Employees of local government agencies and Institutes of Higher Learning (IHLs) will qualify for CITREP+ under the self-sponsored category
  • Sponsoring SMEs organisation who wish to apply for up to 90% funding support for course must meet SME status as defined here

Claim Conditions:

  • Meet the minimum attendance (75%)
  • Complete and pass all assessments and / or projects

Guide for CITREP+ funding eligibility and self-application process:

For more information on CITREP+ eligibility criteria and application procedure, please click here.

In partnership with:Driven by:

  

For enquiries, please send an email to learning@sginnovate.com

Ivan Lee, Co-founder, Tegasus International

Ivan works with various global strategic partners such as the NATO Cooperative Cyber Defence Centre of Excellence, US Department of Homeland Security ICS-CERT Idaho National Laboratory and local government agencies on critical initiatives and training programmes.

He started his career with Accenture, a top global top IT consulting MNC company and has assumed various tech management roles in the telecommunication, cGMP and Operational Technology sectors regionally. He is the Deputy Director of Cyber Security Technologies at iTrust, a Centre for Research in Cybersecurity that was established by the Ministry of Defence and Singapore University of Technology and Design (SUTD).

He is also an SUTD Academy Fellow and a member of the Coordinating Committee for Cybersecurity (CCCY), Subcommittee for Critical Information Infrastructure (CII).

He has attended various professional training courses and acquired certifications as listed below:

  • Certified Information Systems Security Professional (CISSP)
  • US Department of Homeland Security ICS-CERT Industrial Control Systems (ICS) Cybersecurity (301)
  • Advanced Penetration Testing, Exploit Writing, Ethical Hacking (SANS)
  • Advanced Course on Darknet and Cryptocurrencies
  • Hands-on Hardware Hacking and Reverse Engineering (Blackhat 2015)
  • Cybersecurity: Technology, Application and Policy (MIT Digital Program)
  • FORENSICS: Reverse-Engineering Malware (SANS)
  • Managing Successful Programmes (MSP) Practitioner, 2014
  • Introduction to Business Process Re-engineering Workshop
  • Live Hacking & Information Security Masterclass
  • Self-Discovery Leadership
  • EC-Council Certified Security Analyst (ECSA), 2013
  • Certified Ethical Hacker (CEH), 2013
  • Project Management Professional (PMP)

Topics: Cybersecurity