Course Details

CERTIFIED CYBERSECURITY MANAGER (CCSM)

Description

About CCSM

The Certified Cyber Security Manager (CCSM) is a recognized certification for professionals in cybersecurity management. Awarded by the Institute of Forensics & ICT Security (IFIS), CCSM validates the deep technical, strategic, and managerial skills a professional needs to design, implement, and manage a comprehensive cybersecurity framework for an organization.

The CCSM certification is designed to empower candidates with practical skills aligned with international standards, such as ISO 27001, NIST CSF, and COBIT 2019, ensuring relevancy across all areas of cybersecurity management.

Successful candidates are proficient in the following seven domains:

  1. Security and Risk Management
  2. Asset Security
  3. Security Architecture and Engineering
  4. Communication and Network Security
  5. Identity and Access Management (IAM)
  6. Security Operations and Testing
  7. Cybersecurity Leadership for Executives and Boards

Experience Requirements

Candidates for the CCSM must meet the following experience requirements:

  1. Minimum Work Experience
    1. Two years of professional work experience in the field of cybersecurity, internal audit, risk management or operations.
    2. At least one year of experience in a managerial role.
  2. Relevant Roles and Domains
    1. Experience must span two or more of the seven CCSM domains.

Candidates without the required work experience may pursue the CCSM qualification by completing the required training and passing the exam. They will then have up to two years to earn the requisite professional work experience.

Accreditation and value of the course

The CCSM certification is a practical course and aligns with globally recognized standards, such as ISO/IEC 17024, ensuring its credibility and relevance for cybersecurity professionals worldwide. This is a hands-on course designed to empower learners with practical skills. Graduates will gain practical skills that can readily be applied to their work upon completion, thereby setting themselves apart from the pack.

Job Task Analysis (JTA)

The CCSM certification undergoes a comprehensive Job Task Analysis (JTA) periodically to ensure it reflects the evolving roles and responsibilities of cybersecurity managers. The JTA process involves gathering data on the tasks performed by industry professionals and using these insights to update the certification domains and examination content. The CCSM course by IFIS is relevant to today’s work requirements.

Course Details:

Course Fee:

UGX 4,800,000

Course Category

Certification

Course level

Intermediate

Modules

7

Course duration and availability

Course Overview

Module 1: Security and Risk Management

This module provides a foundational understanding of managing security and risk, aligning cybersecurity efforts with organizational objectives, and ensuring compliance with international standards.

Topic 1.1: Professional Ethics in Cybersecurity

  1. Understanding ISC2 and organizational codes of ethics.
  2. Navigating ethical dilemmas in decision-making.
  3. Promoting ethical practices within security teams.

Topic 1.2: Core Security Concepts

  1. Overview of the CIA triad and additional principles like authenticity and non-repudiation.
  2. Balancing security and business objectives.
  3. Assessing real-world applications of security concepts.

Topic 1.3: Security Governance Principles

  1. Aligning security functions with business strategies and goals.
  2. Frameworks like ISO 27001, NIST CSF, and COBIT 2019.
  3. Implementing governance processes such as acquisitions and committee integration.

Topic 1.4: Legal and Compliance Frameworks

  1. Understanding and applying GDPR, CCPA, HIPAA, and other regulations.
  2. Managing cross-border data flow and contractual compliance.
  3. Handling regulatory audits and reporting.

Topic 1.5: Business Continuity and BIA

  1. Conducting business impact analyses (BIA) to identify critical operations.
  2. Developing recovery time objectives (RTO) and recovery point objectives (RPO).
  3. Establishing and maintaining business continuity plans.

Topic 1.6: Risk Management Frameworks

  1. Identifying and assessing risks using frameworks like NIST RMF and ISO 31000.
  2. Implementing risk mitigation strategies and controls.
  3. Monitoring and continuously improving risk management processes.

Learning Outcomes for Module 1

By the end of this module, participants will:

  1. Uphold and promote professional ethics in cybersecurity.
  2. Apply foundational security concepts to protect organizational assets.
  3. Align security efforts with business goals using global frameworks.
  4. Navigate legal, regulatory, and compliance challenges effectively.
  5. Conduct BIAs to develop robust business continuity plans.
  6. Implement risk management frameworks to mitigate potential threats.

Module 2: Asset Security

This module focuses on securing organizational data and assets throughout their lifecycle.

Topic 2.1: Asset Classification and Ownership

  1. Defining ownership roles: Custodians, processors, and users.
  2. Categorizing assets based on sensitivity and criticality.

Topic 2.2: Asset Handling Policies

  1. Developing secure storage and handling policies.
  2. Implementing retention schedules for physical and digital assets.

Topic 2.3: Data Lifecycle Management

  1. Managing data from creation to destruction.
  2. Implementing controls for data in transit, at rest, and in use.

Topic 2.4: Cloud and Hybrid Security

  1. Securing data across cloud and hybrid environments.
  2. Utilizing tools like CASB for visibility and control.

Topic 2.5: Data Compliance and Protection

  1. Applying encryption, DRM, and DLP solutions.
  2. Ensuring compliance with international data protection standards.

Topic 2.6: Secure Data Destruction

  1. Techniques for ensuring data is irrecoverable post-destruction.
  2. Compliance considerations for data disposal.

Learning Outcomes for Module 2

By the end of this module, participants will:

  1. Classify and assign ownership to organizational assets.
  2. Implement secure handling and retention policies.
  3. Manage data throughout its lifecycle, ensuring protection at all stages.
  4. Secure cloud-based and hybrid environments effectively.
  5. Ensure compliance with data protection regulations.
  6. Develop and implement secure data destruction policies.

Module 3: Security Architecture and Engineering

This module teaches the principles and techniques to design and manage secure architectures.

Topic 3.1: Secure Architecture Design Principles

  1. Applying zero trust and defense-in-depth principles.
  2. Designing with privacy-by-design methodologies.

Topic 3.2: Cryptography Fundamentals

  1. Understanding symmetric, asymmetric, and elliptic curve encryption.
  2. Implementing encryption for data security.

Topic 3.3: Emerging Technology Challenges

  1. Securing IoT, microservices, and edge computing.
  2. Addressing vulnerabilities in distributed systems.

Topic 3.4: Threat Modeling Techniques

  1. Identifying and mitigating potential vulnerabilities.
  2. Using frameworks to prioritize threat responses.

Topic 3.5: Physical Security Design

  1. Securing data centers, server rooms, and evidence storage facilities.
  2. Implementing environmental and physical controls.

Topic 3.6: Lifecycle Security Management

  1. Integrating security throughout the system lifecycle.
  2. Ensuring continuous monitoring and improvement.

Learning Outcomes for Module 3

By the end of this module, participants will:

  1. Design secure systems using advanced architectural principles.
  2. Apply cryptographic methods to secure sensitive information.
  3. Protect emerging technologies from evolving cyber threats.
  4. Conduct threat modeling to mitigate risks proactively.
  5. Implement physical security controls for critical facilities.
  6. Manage secure system lifecycle processes.

Module 4: Identity and Access Management (IAM)

This module covers IAM strategies for managing secure access to systems and data.

Topic 4.1: IAM Fundamentals

  1. Overview of AAA principles.
  2. Applying least privilege and need-to-know access models.

Topic 4.2: Modern Authentication Mechanisms

  1. Implementing MFA and password-less authentication.
  2. Addressing security concerns in session management.

Topic 4.3: Access Control Models

  1. Enforcing RBAC, attribute-based access control (ABAC), and MAC.
  2. Managing exceptions and temporary access.

Topic 4.4: Federated Identity Management

  1. Integrating third-party identity providers.
  2. Implementing single sign-on (SSO) solutions.

Topic 4.5: Privileged Access Monitoring

  1. Managing privileged accounts securely.
  2. Detecting and preventing misuse with PAM tools.

Topic 4.6: Access Lifecycle Management

  1. Onboarding, provisioning, and deprovisioning accounts.
  2. Conducting access reviews and audits.

Learning Outcomes for Module 4

By the end of this module, participants will:

  1. Implement effective IAM systems for secure access control.
  2. Deploy modern authentication mechanisms like MFA and SSO.
  3. Utilize advanced access control models to prevent unauthorized access.
  4. Integrate IAM with third-party and cloud solutions.
  5. Monitor and manage privileged accounts to mitigate insider threats.
  6. Oversee access lifecycle processes to ensure compliance.

Module 5: Security Operations

This module emphasizes operational practices, incident response, and monitoring.

Topic 5.1: Incident Response

  1. Detecting, containing, and recovering from incidents.
  2. Conducting post-incident analyses to improve resilience.

Topic 5.2: Security Assessments

  1. Conducting vulnerability assessments and penetration tests.
  2. Simulating real-world breach scenarios.

Topic 5.3: Threat Monitoring

  1. Using SIEM, UEBA, and threat intelligence for proactive monitoring.
  2. Conducting threat hunting and analysis.

Topic 5.4: Disaster Recovery Planning

  1. Developing, testing, and maintaining disaster recovery plans.
  2. Ensuring continuity during crises.

Topic 5.5: Operational Threat Trends

  1. Addressing challenges like AI-based attacks and ransomware.
  2. Adapting operations to counter emerging threats.

Topic 5.6: Security Audits

  1. Conducting internal and external audits.
  2. Ensuring regulatory and organizational compliance.

Learning Outcomes for Module 5

By the end of this module, participants will:

  1. Establish incident response procedures to minimize impact.
  2. Conduct thorough security assessments and simulations.
  3. Leverage advanced monitoring tools to detect and prevent threats.
  4. Develop disaster recovery plans to maintain business operations.
  5. Adapt operations to address emerging security trends.
  6. Perform regular audits to ensure compliance.

Module 6: Advanced Cybersecurity for Executives and Boards

This module focuses on equipping executives and board members with strategic cybersecurity knowledge.

Topic 6.1: Cybersecurity Overview for Leaders

  1. Understanding cybersecurity in a business context.
  2. Basics of the threat landscape.

Topic 6.2: Strategic Risk Management

  1. Developing risk appetites and responses.
  2. Aligning cybersecurity with business objectives.

Topic 6.3: Financial Impacts of Cyber Threats

  1. Evaluating costs of breaches and downtime.
  2. Making informed investment decisions.

Topic 6.4: Cybersecurity Metrics and Reporting

  1. Interpreting technical reports for decision-making.
  2. Identifying key metrics for board-level reporting.

Topic 6.5: Crisis Leadership During Incidents

  1. Leading organizational responses to major incidents.
  2. Ensuring effective communication during crises.

Topic 6.6: Regulatory Compliance for Executives

  1. Understanding the board’s role in cybersecurity compliance.
  2. Addressing accountability and liability.

Learning Outcomes for Module 6

By the end of this module, participants will:

  1. Understand the strategic importance of cybersecurity in business.
  2. Develop risk management strategies aligned with business goals.
  3. Assess financial impacts of cyber incidents effectively.
  4. Use metrics to make informed cybersecurity decisions.
  5. Lead effectively during cybersecurity crises.
  6. Ensure organizational compliance with regulatory requirements.

Module 7: Capstone and Practical Application

Participants will apply their knowledge in real-world scenarios and challenges.

Topic 7.1: Real-World Case Studies

  1. Solving industry-specific cybersecurity problems.

Topic 7.2: Incident Simulation

  1. Participating in simulated breach and response exercises.

Topic 7.3: Practical Assessments

  1. Designing secure architectures and presenting solutions.

Topic 7.4: Final Exam

  1. Testing theoretical and practical knowledge from the course.

Learning Outcomes for Module 7

By the end of this module, participants will:

  1. Apply theoretical knowledge to practical challenges.
  2. Demonstrate problem-solving skills in real-world scenarios.
  3. Design and present comprehensive security solutions.
  4. Successfully complete the CCSM certification and become a CCSM Certified Associate Member.
  5. After two years of professional practice, become a CCSM; or, if you joined the course after working for two years, automatically become a CCSM Certified Member.

The CCSM Course is well-rounded: a practical approach to modern cybersecurity challenges, ideal for both practitioners and executives.

© 2025 All rights reserved Institute of Forensics and ICT Security | IFIS is the training arm of Summit Consulting Ltd