Information System Security Training Courses in Malta

A CISSP is an information assurance professional who defines the architecture, design, management and/or controls that assure the security of business environments. The vast breadth of knowledge and the experience it takes to pass the exam is what sets a CISSP apart. The credential demonstrates a globally recognized level of competence provided by the (ISC)2® CBK®, which covers critical topics in security today, including cloud computing, mobile security, application development security, risk management and more. This course helps you review the 10 domains of the information security practices. It also serves as a strong learning tool for mastering concepts and topics related to all aspects of information systems security. Objectives:

• To review of the main topics of CISSP CBK (Common Body of Knowledge).
• To prepare for a CISSP examination

Overview: Certified Information Systems Security Professional certification is recognised as a key qualification for developing a senior career in information security, audit and IT governance management. Held by over 30,000 qualified professionals worldwide, the Certified Information Systems Security Professional qualification shows proven knowledge and is the key to a higher earning potential in roles that include CISO, CSO and senior security manager. You will learn to:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Protect your organisational assets using access control techniques and strengthen confidentiality and integrity controls from the world of cryptography
• Secure your network architecture and design (implement Cyber security)
• Achieve your organisational objectives such as legal & compliance, Information assurance, security and data governance
• Enhance IT services secure delivery via Security operations, architecture and design principles
• Implement business resiliency via Business Continuity Plan
• You will gain a thorough understanding of the 8 domains as prescribed by (ISC)2®.

The Main Goal:

• To pass your CISSP examination first time.

Target Audience: This training is intended for individuals preparing for the CISSP certification exam.

Description: CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Our CISA course is an intense, very competitive and exam focused training course. With experience of delivering more than 150+ CISA trainings in Europe and around the world and training more than 1200+ CISA delegates, the Net Security CISA training material has been developed in house with the top priority of ensuring CISA delegates pass the ISACA CISA® Exam. The training methodology focuses on understanding the CISA IS auditing concepts and practicing large number of ISACA released question banks from the last three years. Over a period, CISA holders have been in huge demand with renowned accountings firms, global banks, advisory, assurance, and internal audit departments. Delegates may have years of experience in IT auditing but perspective towards solving CISA questionnaires will solely depend on their understanding to globally accepted IT assurance practices. CISA exam is very challenging because the chance of a very tight clash between two possible answers exists and that is where ISACA tests you on your understanding in global IT auditing practices. To address these exam challenges, we always provide the best trainers who have extensive experience in delivering CISA training around the world. The Net Security CISA manual covers all exam-relevant concepts, case studies, Q&A's across CISA five domains. Further, the Trainer shares the key CISA supporting material like relevant CISA notes, question banks, CISA glossary, videos, revision documents, exam tips, and CISA mind maps during the course. Goal: The ultimate goal is to pass your CISA examination first time. Objectives:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Provide audit services in accordance with IT audit standards
• Provide assurance on leadership and organizational structure and processes
• Provide assurance on acquisition/ development, testing and implementation of IT assets
• Provide assurance on IT operations including service operations and third party
• Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience: Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.

The training is directed to all operating systems administrators, who plan to implement a public key infrastructure based on MS Windows Server 2012 R2 and plan to use qualified electronic signature certificates.  The participants will learn about the basic issues related to the implementation of public key infrastructure, and also with the idea of ​​applying the latest cryptographic solutions for securing information systems.  On the basis of MS Windows Server 2012 R2 are discussed possibilities of using certification services for the enterprise.During the training in a virtual environment is installed complete certification center and discuss the most important issues related to the management and administration of public key infrastructure in an Active Directory domain. The training includes theoretical and practical knowledge on the use of electronic signatures issued by certification centers in Poland under the "Act on Electronic Signatures." These are legal issues, legal requirements, as well as examples of the use of certificates of electronic signatures in Poland. The participants will gain the knowledge needed to create electronic correspondence relating to communication with the public authorities and other services that allow or require the use of a type of ID.

Description: This course is the non-certifcation version of the "CISA - Certified Information Systems Auditor" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Objectives:

• Use the knowledge gained to benefit your organisation
• Provide audit services in accordance with IT audit standards
• Provide assurance on leadership and organizational structure and processes
• Provide assurance on acquisition/ development, testing and implementation of IT assets
• Provide assurance on IT operations including service operations and third party
• Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience: Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.

This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.

This class will help the attendees to scan, test, hack and secure their own systems. To gain an in-depth knowledge and practical experience with the current essential security systems. The attendees will get to know how perimeter defences work and then be led into scanning and attacking their own networks, no real network is harmed. The attendees then will learn how intruders escalate privileges and what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

This is a one day Introduction to ISO27001

This instructor-led, live training in Malta is aimed at engineers in telecommunication companies who wish to set up an end-to-end digital identity management system. By the end of this training, participants will be able to:

• Understand, evaluate and adopt different approaches to managing usernames and passwords.
• Setup a single login system that works across all applications used in a telecom environment.
• Use identity technology to get a clear understanding of their customers and their needs. 
• Implement an authentication system that works across different platforms (laptop, mobile, etc.).

ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will also gain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course corresponds with the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard. After understanding all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Risk Manager” credential. By holding a PECB Risk Manager Certificate, you will be able to demonstrate that you have the necessary skills and knowledge to perform an optimal Information Security Risk Assessment and timely manage Information Security risks. Who should attend?

• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 2 hours The “PECB Certified ISO/IEC 27005 Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

• Domain 1 Fundamental principles and concepts of Information Security Risk Management
• Domain 2 Implementation of an Information Security Risk Management program
• Domain 3 Information Security risk management framework and process based on ISO/IEC 27005
• Domain 4 Other Information Security risk assessment methods

General information

• Certification fees are included on the exam price
• Training material containing over 350 pages of information and practical examples will be distributed
• A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

ISO/IEC 27005 Lead Risk Manager training enables you to acquire the necessary expertise to support an organization in the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an Information Security Risk Management program. The training will also contain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course supports the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard. After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. By holding a PECB Lead Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks. Who should attend?

• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or individuals who are involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 3 hours The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

• Domain 1 Fundamental principles and concepts of Information Security Risk Management
• Domain 2 Implementation of an Information Security Risk Management program
• Domain 3 Information security risk assessment
• Domain 4 Information security risk treatment
• Domain 5 Information security risk communication, monitoring and improvement
• Domain 6 Information security risk assessment methodologies

General Information

• Certification fees are included on the exam price
• Training material containing over 350 pages of information and practical examples will be distributed
• A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

ISO/IEC 27035 Introduction training course enables you to comprehend the basic concepts of managing Information Security Incidents. By attending the ISO/IEC 27035 Introduction course, you will understand the importance of an Information Security Incident Management and the benefits that businesses, society and governments can obtain. Who should attend?

• Individuals interested in Information Security Incident Management
• Individuals seeking to gain knowledge about the main processes of Information Security Incident Management

Learning objectives

• Understand the concepts, approaches, methods, and techniques used to manage Information Security Incidents
• Understand the Information Security Incident Management practices 

General Information

• Training material containing over 100 pages of information and practical examples will be distributed
• A participation certificate of 7 CPD (Continuing Professional Development) credits will be issued

ISO/IEC 27035 Foundation training enables you to learn the basic elements to implement an Incident Management Plan and manage Information Security Incidents. During this training course, you will be able to understand Information Security Incident Management processes. After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27035 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, and management approach. Who should attend?

• Individuals interested in Information Security Incident Management process approaches
• Individuals seeking to gain knowledge about the main principles and concepts of Information Security Incident Management
• Individuals interested to pursue a career in Information Security Incident Management 

Learning objectives

• Understand the basic concepts of Information Security Incident Management
• Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks
• Understand the process approaches used to effectively manage Information Security Incidents

Educational approach

• Lecture sessions are illustrated with practical questions and examples
• Practical exercises include examples and discussions
• Practice tests are similar to the Certification Exam

General Information

• Certification fees are included on the exam price
• Training material containing over 200 pages of information and practical examples will be distributed
• A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

ISO/IEC 27035 Lead Incident Manager training enables you to acquire the necessary expertise to support an organization in implementing an Information Security Incident Management plan based on ISO/IEC 27035. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an organizational incident management plan. The compatibility of this training course with ISO/IEC 27035 also supports the ISO/IEC 27001 by providing guidance for Information Security Incident Management. After mastering all the necessary concepts of Information Security Incident Management, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27035 Lead Incident Manager” credential. By holding a PECB Lead Incident Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Incidents. Who should attend?

• Information Security Incident managers
• IT Managers
• IT Auditors
• Managers seeking to establish an Incident Response Team (IRT)
• Managers seeking to learn more about operating effective IRTs
• Information Security risk managers
• IT system administration professionals
• IT network administration professionals
• Members of Incident Response Teams
• Individuals responsible for Information Security within an organization

Learning objectives

• Master the concepts, approaches, methods, tools and techniques that enable an effective Information Security Incident Management according to ISO/IEC 27035
• Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks
• Acquire the expertise to support an organization to effectively implement, manage and maintain an Information Security Incident Response plan
• Acquire the competence to effectively advise organizations on the best practices of Information Security Incident Management
• Understand the importance of establishing well-structured procedures and policies for Incident Management processes
• Develop the expertise to manage an effective Incident Response Team

Educational approach

• This training is based on both theory and best practices used in the implementation of an Information Security Incident Management plan 
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practice tests are similar to the Certification Exam

General Information

• Certification fees are included on the exam price
• Training material containing over 450 pages of information and practical examples will be distributed 
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued 
• In case of exam failure, you can retake the exam within 12 months for free

The ISO/IEC 27701 Foundation training course is designed to help participants understand the basic concepts and principles of a Privacy Information Management System (PIMS) based on ISO/IEC 27701. Moreover, during this training course, students will learn more on the structure of the standard including its requirements, guidance and controls on the protection of the privacy of Personally Identifiable Information (PII) principals and the relationship of the standard with ISO/IEC 27001 and ISO/IEC 27002. After completing this training course, you can sit for the exam and, if you successfully pass it, you can apply for the “PECB Certified ISO/IEC 27701 Foundation” credential. A PECB Foundation certificate proves that you have comprehended the fundamental methodologies, requirements, guidelines, framework and managerial approach. Who should attend?

• Individuals involved in information security and privacy management
• Individuals seeking to gain knowledge on the main processes of a privacy information management system
• Individuals interested in pursuing a career in privacy information management
• Individuals responsible for personally identifiable information (PII) within organizations
• Information security team members

Learning objectives

• Understand the fundamental concepts and principles of a privacy information management system (PIMS) based on ISO/IEC 27701 
• Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks 
• Understand the approaches, standards, methods, and techniques used for the implementation and management of a PIMS 

Educational approach

• Lecture sessions are complemented by discussions questions and examples
• The exercises include multiple-choice quizzes and essay-type exercises
• Exercise questions and quizzes are similar to the certification exam

General Information

• Participants will be provided with the training material containing over 200 pages of explanatory information, discussion topics, examples and exercises.
• An attendance record certificate of 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course. 

The ISO/IEC 27701 Lead Implementer training course enables you to develop the necessary expertise to assist an organization to establish, implement, maintain and continually improve a Privacy Information Management System (PIMS) based on ISO/IEC 27701 by enhancing an existing ISMS based on ISO/IEC 27001 and the guidance of ISO/IEC 27002. Why should you attend? This training course is designed to prepare its participants implement a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of the ISO/IEC 27701. Moreover, you will gain a comprehensive understanding of the best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes. After mastering the implementation and management of a Privacy Information Management System (PIMS), you can sit for the exam and apply for a “PECB Certified ISO/IEC 27701 Lead Implementer” credential. The internationally recognized PECB Lead Implementer Certificate proves that you have the practical knowledge and professional capabilities to implement the ISO/IEC 27701 requirements in an organization. Who should attend?

• Managers and consultants involved in privacy and data management 
• Expert advisors seeking to master the implementation of a Privacy Information Management System
• Individuals responsible and accountable for Personally Identifiable Information (PII) within organizations
• Individuals responsible for maintaining conformance with data privacy regimes requirements
• PIMS team members

Learning objectives

• Master the concepts, approaches, methods and techniques used for the implementation and effective management of a PIMS.
• Learn about the correlation between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks.
• Understand the operation of a PIMS based on ISO/IEC 27701 and its principal processes.
• Learn how to interpret the requirements of ISO/IEC 27701 in the specific context of an organization.
• Develop the expertise to support an organization in effectively planning, implementing, managing, monitoring and maintaining a PIMS.

Education approach

• This training course is based on both theory and best practices used in the implementation of PIMS.
• Lecture sessions are illustrated with examples based on case studies.
• Practical exercises are based on a case study which includes role playing and discussions.
• Practice tests are similar to the Certification Exam

General information

• Certification fees are included on the exam price.
• Training materials and practical examples will be distributed.
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued.
• In case of exam failure, you can retake the exam within 12 months for free.

The ISO/IEC 27701 Lead Auditor training course enables you to develop the necessary skills to perform a Privacy Information Management System (PIMS) audit by applying widely recognized audit principles, procedures and techniques. Why should you attend? During this training course, you will obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process. Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts. After completing this training course, you can sit for the exam and, if you successfully pass the exam, you can apply for the “PECB Certified ISO/IEC 27701 Lead Auditor” credential. The internationally recognized PECB Lead Auditor certificate proves that you have the capabilities and competences to audit organizations based on best practices. Who should attend?

• Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
• Managers or consultants seeking to master a PIMS audit process
• Individuals responsible for maintaining conformance with PIMS requirements
• Technical experts seeking to prepare for a PIMS audit
• Expert advisors in the protection of Personally Identifiable Information (PII) 

Learning objectives

• Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
• Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
• Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit

Education approach

• This training is based on both theory and best practices used in PIMS audits
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role-playing and discussions
• Practice tests are similar to the Certification Exam

General information

• Participants will be provided with the training material containing over 400 pages of explanatory information, discussion topics, examples and exercises.
• An attendance record certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.

This instructor-led, live training in Malta (online or onsite) is aimed at engineers who wish to learn the methods and tools needed to protect their organization's information systems against attack. By the end of this training, participants will be able to:

• Understand information security at both the computer level, as well as the communications level.
• Prevent physical and digital access to private information systems.
• Prevent the modification of information that is stored, being processed, or being transmitted.
• Protect against denial of service to authorized users.
• Take the necessary measures to detect, document, and counter security threats.
• Ensure that organizational information is kept confidential.

The training takes the form of a workshop supplemented with substantive knowledge. Classes are based on the official CISA certificate framework. During the workshop, case studies will be discussed in discussing specific issues. Classes will be conducted in English (on request in Polish) based on the ISACA handbook in English.
  CISA Exam Material Scope:

• Information System Auditing Process (21%)
• Governance and Management of IT (17%) 
• Information Systems Acquisition, Development and implementation (12%)
• Information Systems Operation and Business Resilience (23%)
• Protection of Information Assets (27%)

Duration of the exam: 4 hours
Type: multiple choice test
Volume: 200 questions   List of the requirements that you must meet in order to be able to claim the CISA qualification: 

1. Pass the CISA exam. The CISA passing score is a mark of 450 or higher on the exam.
2. Abide by the ISACA Code of Professional Ethics 
3. Promise to obey the CISA Continuing Professional Education Policy
4. Gain at least 5 years of professional information systems auditing, control or security work experience.
5. Comply with Information Systems Auditing Standards

If you’ve passed the exam and believe that you meet those requirements, then you can begin the application for certification: page certification here
There is a fee of $50 for this application. There’s also a yearly fee that you must pay to maintain this certification after you’ve been granted it. The fee is $40 per annum for ISACA members, and $75 for non-members.

Who is it for: Anyone with an interest in information security, whether as a career or for general business knowledge. This certificate is relevant to anyone requiring an understanding of Information Security Management Principles as well as those with an interest in information security either as a potential career or as an additional part of their general business knowledge. It is very much a firm foundation on which other qualifications can be built or which provides a thorough general understanding to enable organisations to begin to ensure their information is protected appropriately. What will I learn: Candidates should be able to demonstrate: 

• Knowledge of the concepts relating to information security management. 
• Understanding of current national legislation and regulations which impact upon information security management. 
• Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security.  
• Understanding of the current business and common technical environments in which information security management must operate. 
• Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics. 

Note: This is the four day course which adds one additional day to the standard delivery to provide more time for exam preparation and practice exercises.

Who is it for: Anyone with an interest in information security, whether as a career or for general business knowledge. This certificate is relevant to anyone requiring an understanding of Information Security Management Principles as well as those with an interest in information security either as a potential career or as an additional part of their general business knowledge. It is very much a firm foundation on which other qualifications can be built or which provides a thorough general understanding to enable organisations to begin to ensure their information is protected appropriately. What will I learn: Candidates should be able to demonstrate: 

• Knowledge of the concepts relating to information security management. 
• Understanding of current national legislation and regulations which impact upon information security management. 
• Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security.  
• Understanding of the current business and common technical environments in which information security management must operate. 
• Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.

Who is it for: Security professionals looking to understand the technical and business aspects of the profession or anyone looking to work in the field of security architecture.

• System Administrators who wish to become security architects
• Technical architects looking to move into the field of security architecture 

This certificate also offers a complimentary certification for those awarded or looking to achieve CCP status in IA. What will I learn: Candidates should be able to:

• Describe the business environment and the information risks that apply to the systems.
• Describe and apply security design principles.
• Identify information risks that arise from potential solution architectures.
• Design alternate architectures or countermeasures to mitigate identified information risks.
• Ensure that proposed architectures and countermeasures adequately mitigate identified information risks.
• Apply ‘standard’ security techniques and architectures to mitigate security risks.
• Develop new architectures that mitigate the risks posed by new technologies and business practices.
• Provide consultancy and advice to explain Information Assurance and architectural problems.
• Security configure ICT systems in compliance with their approved security architectures.

This instructor-led, live training in Malta (online or onsite) focuses on analyzing the risks of Open Data while reducing vulnerability to disaster or data loss. By the end of this training, participants will be able to:

• Understand the concepts and benefits of Open Data.
• Identify the different types of data.
• Understand the risks of Open Data and how to mitigate them.
• Learn how to manage Open Data risks and create a contingency plan.
• Implement Open Data risk mitigation strategies to reduce disaster risk.

This instructor-led, live training in Malta (online or onsite) is aimed at security engineers who wish to use IBM Qradar SIEM to address pressing security use cases. By the end of this training, participants will be able to:

• Gain visibility into enterprise data across on-premise and cloud environments.
• Automate security intelligence to hunt threats and to contain risks.
• Detect, identify, and prioritize threats.