Duration: 220 hours
Laboratory: 120 hours
Final Project Work: 80 hours
Implementation of the Course: Alternate Weekends
Blended Modality
CFU: 20
Cost: 4.900 €
Start of the course: 23- 24 June 2023
Educational objectives of the Course
The constant evolution of a variety of threats related to the development of digital technology, highlighted the need to train new professional figures, specialized in the management of information security. To this day, if present, the role of Chief Information Security Officer – CISO (otherwise known as Information Security Manager) coincides, in more than half of the italian companies, with that of Chief Information Officer (CIO)or IT Manager.
These two figures, which should work in sinergy, have different objectives:
- the aim of the CIO/IT Manager is to focus on how technology can improve business models;
- the aim of the CISO/Information Security Manager is to identify the appropriate strategies to build customer trust.
Information Security Manager must coincide with a resource with an executive profile capable of setting security policy guidelines and monitor their observance.
The aim of the course is to provide the candidates with basic knowledge and competencies for the following professional roles:
- Information Security Manager;
- Consultants in Information Security;
- Auditors and security architects;
- Chief Compliance/Privacy/Risk Officer.
The Higher Education Course in Cybersecurity:
- is especially aimed at the training of this professional profile, who, in addition to cyber skills, will acquire knowledge (required by the market and regulations) of Enterprise Risk Management, Threat Modelling, Security Intelligence, EU and national regulations;
- is organized to train "employment ready" professionals, also thanks to the intensive hours of laboratory, aimed at assessing and put into practice the knowledge gained and, in particular, the tools and techniques of attack (RED TEAM) and the techniques of Incident Response (BLUE TEAM), the use of OSINT for cybersecurity.
Target students
The course is aimed at candidates already in possession of a diploma, bachelor's degree, master's degree, four-year degree (old system), or an equivalent degree.
PROGRAMME OF THE COURSE - FRONTAL LESSONS 220 HOURS
| FRONTAL LESSONS |
Security and its domains | - physical, logical, cyber security
- how digitalization has changed the domains of security;
- the related risks;
- security and privacy in digital transformation
|
Cyber threats 1 | - parties;
- objectives;
- the geopolitical factors influencing threats;
- italian and european organization for cybersecurity.
|
Cyber threats 2 | - Cybercrime;
- Hactivism;
- Cyber espionage.
|
Threat Modelling | - NIST is defined as: "A form of risk assessment that models aspects of the attack and defense sides of a logical entity, such as a piece of data, an application, a host, a system, or an environment." (Special Publication 800-53 Rev. 5)
Themes: - phases of an attack;
- Malwares and the related families;
- Ransomeware in particular: type and economy;
- Social Engeneering;
- Man in the Middle;
- Denial-of-Service;
- SQL Injection;
- Drive By;
- Zero Day Exploit;
- Tunneling DNS;
- Botnet;
- Attacks from "third parties"
|
Cybersecurity domains | - ISO 27002:2022;
- NIST Special Publication 800-53.
|
Enterprise Risk Management (ERM) and Cyber Security Advisory | - establishing the context;
- identifying the risks;
- analizing the risks;
- assessing the risks;
- controlling the risks;
- related international rules and practices.
|
Security Intelligence | - Business Security Intelligence (BSI):
- Security Risk Intelligence;
- Country Threat Assessment: analysis of situations of geopolitical, economic and security risk, in support of the management;
- Travel Security Intelligence;
- Cyber Threat Intelligence: open source intelligence (OSINT) analytical support for the creation of specific research ontologies and for the interpretation, correlation and validation of the data collected. Providing insight into the type and origin of the cyber threat through research and analysis from open and underground sources. It is articulated into:
- Tactical Threat Intelligence: analyzes tactics, techniques and procedures (TTP) of the threat actors;
- Domain Threat Intelligence: identifies eventual public information available at a OSINT and CLOSINT (Close Source Intelligence) level related to a specific target.
|
Problem solving and crisis management; | - defining a problem;
- generating alternative solutions;
- assessing and selecting an alternative;
- implementing and assessing the effects of a solution.
|
Professional negotiation | - the negotiation: definition and introductory remarks on the nature of the tool and its applicability;
- the structure of the Negotiation Process;
- the strategic phase and the analysis of tangible and intangible elements;
- the difference between static and dynamic collection of information and the role of stress in the negotiation process;
- the structure of the interests, the exact identification of the objective and the number of actors;
- the power of the negotiation process and the asymmetrical negotiation;
- the role of the belief system.
|
Communication techniques | - Danger, risks, threats: the social perception of security;
- Communication and narration: crisis and security as "media objects";
- Communicating security: Risk Communication and Crisis Communication;
- Public Crisis Management vs. Political Crisis Management;
- The role of the leadership in the communication of the crisis;
- Social Media and the communication of the crisis;
- Case studies
|
Forensic analysis & intelligence | - Notions on how an investigation to detect and document the course, reasons, responsibilities and consequences of a security incident or violation of the organisation's rules or regulations should be carried out.
|
CISO | - Domain 1: Governance;
- Domain 2: Security Risk Management, Controls, and Audit Management;
- Domain 3: Security Program Management and Operations;
- Domain 4: Information Security Core Concepts;
- Domain 5: Strategic Planning, Finance, and Vendor Management.
The National Framework for Cyber Security and Data Protection. |
Legislation - 1 | - NIS Legislation and its development;
- National perimeter for cyber security;
- The Regulation “Cybersecurity Act” and the Legislative Decree 3 august 2022 n. 123;
- The new european strategy for cybersecurity.
|
Legislation - 2 | - Cybercrimes provided by C.P.;
- Budapest Convention on cybercrime.
|
LABORATORY – 120 HOURS – MANDATORY FREQUENCY
| FRONTAL LESSONS |
Laboratory (RED TEAM) – Attack tools | - Definizione e scopo;
- Definition and purpose;
- phases and Framework of reference;
- principles of Ethical Hacking;
- principles of networking;
- introduction to the Linux operating system;
- first approach to the Kali Linux extension;
- secure connection to vulnerable environments;network enumeration con Nmap;
- brute forcing;
- scan of infrastructural vunerabilities;
- scan of application vulnerabilities;
- requirements for a correct report of the safety tests.
|
Laboratory (BLUE TEAM) – Incident Response | - Purposes, phases and reference Framework;
- Incident Response from the pov of a CISO:
- preparation;
- coordination of the resources;
- usage of the SIEM for the detection;
- analysis of the events;
- classification of the incidents
- triage and tracking;
- "escalation" procedures;
- resolution and closure of the incidents;
- flow of information;
- internal and external communication.
|
OSINT for cybersecurity | - Presentation of the course;
- OSINT: What is it and where does it come from?
- by whom it is used and in what areas it can be extremely useful;
- OSINT link and cybersecurity;
- data collection and reports;
- image search and geolocalization - EXTRA: YOUTUBE GEOFIND, VIDEO RESEARCH BY LOCATION);
- Google Dorks and research engines;
- data Breach Search Engine;
- websites & IOT;
- OSINT automation (pros and cons);
- Social Media Intelligence (SOCMINT) - EXTRA: How to find the mail of a Github user - EXTRA: How to convert a telephone number into a Google account without triggering any alert or alerting the target person;
- the potential of social engineering;
- how data can be used to structure a cyber attack;
- attacks based on social engineering and OSINT;
- CTF;
- final discussion.
|
PROJECT WORK – 80 HOURS
PROJECT WORK |
Safety plan for a SME | - Assessment with the National Framework for Cybersecurity;
- identification of vulnerability;
- application of the National Framework for Cybersecurity; elaboration of the plan;
- identification of stakeholders;
- involvement of stakeholders and internal communication.
|
Teaching Staff and Laboratory
Dr. Paolo Poletti – Professor of Law and Practice of Cybersecurity, President of SicurItalia Security Solutions Srl.
Eng. Luisa Franchina – Electronic engineer, expert of critics infrastructure protection and President of AIIC.
Adv. Carolina Nacca – Lawyer with multi-year experience in the sector of protection of "particular" data, protection officer (DPO)
Dr. Luca Epifanio – expert in cybersecurity and resilience of IT services
Dr. Marco Lombardozzi – expert in cybersecurity, offensive security and ethical hacking
Dr. Laura Teodonno – Security and OSINT Analyst at private consulting firms and public institutions
Prof. Maurizio Zandri – Extraordinary fixed-term professor ofInternational Politics and Sociology of Conflict, Link Campus University
Prof. Massimo Antonazzi – Advocate and professor specialized in techniques and strategies of negotiation
Prof. Marica Spalletta – associate professor of Sociology of cultural and communicative processes at Link Campus University
Dr. Giantelemaco Perticarà – expert of kinetic security and forensic analysis
Prof. Maria Elena Castaldo – Lawyer abnd researcher of criminal law, coordinator of the degree course in Law at Link Campus University
Dr. Alessio Mattei – Trainer and consultant in the field of Cyber security, Cyber intelligence, OSINT, SOCMINT, Human Hacking, Social Engineering
Dr. Paola De Rosa - Research fellow at Link Campus University, within the framework of the national research project on "Media and terrorism"
IThe Director of the course is available for in-depth meetings with the candidates wishing to enrol into the course.