Build Security Incident Response For Gdpr Data Protection

CIPT, CIPM_FREE GDPR and Incident Response Templates & Documentation - Practical GDPR and Incident Response Blueprint

What you'll learn
Understand what incident response is
Will have a list of templates to use
Will have a list of incident response tools and resources
Will have a list of incident response playbooks
Requirements
You should have basic IT Security knowledge
You should have basic audit and compliance knowledge
You should have basic risk management knowledge
Description
UPDATE: 8.5 hours of content - 2021!!! Take Cyber Security Incident Response approach in order to cover the Data Breach process required by GDPR Data Privacy Protection .––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––“Lessons from ex IBM,  MICROSOFT,  about how to make privacy operational and how to get 3 privacy certifications in less than 30 days: CIPTv2020, CIPM, CIPP/E by IAPP”***************************************************************************************************************************************************MY FIRST PROMISE TO YOU is the following: You will be prepared to pass 3 IAPP certifications in less than 30 days if you follow the below learning plan:Course 1: Build EU GDPR data protection compliance from scratch (CIPT)Course 2: How to succeed in a Data Privacy Officer Role (GDPR DPO, CIPM)Course 3: GDPR Privacy Data Protection Case Studies Explained (CIPP/E, CIPM, CIPT)Course 4: Ultimate Privacy by Design Guide - step by step strategies with examples (CIPM, CIPT)Course 5: Build Security Incident Response for GDPR Data Protection (incl. parts from CIPT and CIPM also)Course 6: (part of CIPP/US): California Consumer Privacy Act (CCPA) - Complete course - we are here!!!***************************************************************************************************************************************************My name is Roland Costea and after spending my last 8 years working for Microsoft, IBM, Genpact and Cognizant as a Privacy & Security Director being able to create hundreds of integrated security & privacy programmes for top organizations in the world, I have decided to put all my experience together in a comprehensive privacy LEARNING PLAN, to show how to actually make Data Privacy operational and most importantly how to think out of the box.I have been involved in engineering privacy for a lot of industries including Automotive (Mercedes-Benz, Geely, Volvo) and also provided DPO as a service for several other top companies in Europe and US. I have worked and developed the privacy strategy for Microsoft & IBM for the whole Central & Eastern Europe and also drived Cognizant Security & Privacy business in DACH.Certifications I hold: CIPT, CIPM, CISSP, CDPSE, CRISC, CISM, CCSK, CCSP, LPT, CEH, ECSA, TOGAF***************************************************************************************************************************************************In this course you will learn what Cyber Security Incident Response is and how it relates to GDPR Data Privacy, and if you are used to my style, you will do it from 3 perspective: theory, processes and technology.   You will be able to apply our security methodologies, security frameworks and security processes for your own environment.The course is a complete A to Z, so we will cover everything that you need to know. In this way, we will first understand Cyber Security Incident Response challenges, difference between a NOC and a SOC (Cyber Security Operation Center) and how the latest can help in defining the Cyber Security Incident Response Process.  We will follow up with GDPR Data Protection & Privacy relation and the impact of GDPR to Cyber Security Incident Response for any organization. We will learn about methodologies, frameworks, playbooks, we will draft 2 procedures and we will see how technology can help us in the roadmap.   And all of these are separate resources that you will get!   In the end, I will give an incredible collection of cyber security incident response free tools and resources I have build during time and i will teach how malware works, especially in the financial market.    The course is delivered in a mix of over the shoulder lessons and powerpoint presentations. So, either I show you clicks on the screen and how exactly you do different actions, or I present you the full concept using slides. On top of that, you will get downloadable resources that will help you in your journey.   I strongly recommend that you go through every lecture one time and then go back to the beginning and start to take action – in this way everything will get much more sense.    As a student of this course, you will also get regular updates and access to new additional lectures as they are added.

Overview

Section 1: Introduction

Lecture 1 Welcome & Intro

Lecture 2 Set your expectations

Lecture 3 A 1st touch of what you will really get in the course

Lecture 4 My first promise to you - get certified in less than 30 days: CIPT, CIPM, CIPP/E

Lecture 5 Presentations (ppt)

Section 2: Incident Response in CyberSecurity

Lecture 6 What is Incident Response and why do I need it?

Lecture 7 Incident Response Team

Lecture 8 Incident Response Process and Procedures

Lecture 9 Types of Security Incidents

Lecture 10 Incident Response Tools - general

Lecture 11 What is a SIEM?

Lecture 12 Incident Response Training

Lecture 13 What is automation in incident response

Section 3: Building a Security Operations Center (SOC)

Lecture 14 What is a NOC?

Lecture 15 What is a SOC?

Lecture 16 Integrated NOC and SOC

Lecture 17 Mission, Team and Required Training

Lecture 18 Types of SOC

Lecture 19 Building a SOC

Lecture 20 Cheat Sheets to help you in configuring your systems

Section 4: GDPR and Incident Response

Lecture 21 GDPR intro

Lecture 22 GDPR effects on Incident Response

Lecture 23 How to create an effective IR plan

Lecture 24 GDPR Incident Response Process

Lecture 25 Lets draft the IRM Procedure

Lecture 26 How to treat data breaches

Section 5: GDPR Incident Response Methodologies (IRM)

Lecture 27 IRM1 - Worm Infection

Lecture 28 IRM2 - Windows Intrusion

Lecture 29 IRM3 - Unix/Linux Intrusion Detection

Lecture 30 IRM4 - DDoS

Lecture 31 IRM5 - Malicious Network Behaviour

Lecture 32 IRM6 - Website Defacement

Lecture 33 IRM7 - Windows malware detection

Lecture 34 IRM8 - Blackmail

Lecture 35 IRM9 - SmartphoneMalware

Lecture 36 IRM10 - Social Engineering

Lecture 37 IRM11 - Information Leakage

Lecture 38 IRM12 - Insider Abuse

Lecture 39 IRM13 - Phishing

Lecture 40 IRM14 - Scam

Lecture 41 IRM15 - Ransomware

Section 6: Incident Response Tools for GDPR compliance - free vs enterprise

Lecture 42 Lessons learned by working in a SOC

Lecture 43 A list of open source tools to use

Lecture 44 Windows Defender ATP

Section 7: Banking challenges related to cyber risk

Lecture 45 Today Challenges

Lecture 46 Target and Distribution

Lecture 47 Attack Methods

Lecture 48 Infection vectors

Lecture 49 Targeted attacks against financial institutions

Lecture 50 Mobile platform and email scams

Lecture 51 Takedowns and Conclusions

Section 8: Financial Malware history with examples

Lecture 52 Past 3 decades of malware (part 1)

Lecture 53 Past 3 decades of malware (part 2)

Lecture 54 The architecture of financial malware

Lecture 55 Zeus

Lecture 56 Zeus GameOver

Lecture 57 SpyEye

Lecture 58 IceIX

Lecture 59 Citadel

Lecture 60 Carberp

Lecture 61 Shylock

Lecture 62 Bugat

Lecture 63 Dyre

Lecture 64 Dridex

Lecture 65 Shifu

Lecture 66 Tinba

Section 9: Making a business case for Financial Malware

Lecture 67 Why Fraud Risk Engines fail

Lecture 68 How to bypass 2 factor authentication (2FA)

Lecture 69 Fraud Prevention Technology

Lecture 70 Compliance and Legal Issues

Lecture 71 Customer impact

Lecture 72 Selecting the right cybercrime solution

Lecture 73 Malware detection

Lecture 74 Malware detection - advanced

Lecture 75 Malware detection - how technology can help

Lecture 76 Criminal Detection & Account Takeover

Lecture 77 What about mobile banking?

Section 10: Some simple hacking attempts - demo

Lecture 78 Lab setup

Lecture 79 XSRF attack

Lecture 80 Compromising Public server

Lecture 81 Break-In: Compromising the victim computer

Lecture 82 Other Web Application Attack Example

Lecture 83 Locky Ransomware

Lecture 84 Gathering Info & Exfiltrate

Section 11: Conclusion

Lecture 85 Final thoughts and other documents

Lecture 86 BONUS - Remember my first promise to you - get certified in less than 30 days?

Anyone interested in GDPR compliance,Any security enthusiast willing to learn about GDPR,Anyone interested in incident response,Anyone interested in how to start an incident response programme,Anyone interested in technologies that can help achieving GDPR compliance