GFCE Cybersecurity Knowledge Modules

5. Main takeaways
6. Assignment
1 Quiz
KM3 Quiz
KM4 - Cyber Incident Management
Module objectives
1. Introduction
2. Types of Cyber Incident Response Teams
5 Topics
2.1. National Computer Security Incident Response Team
2.2. Product Security Incident Response Team
2.3. Sector CSIRTs
2.4. Security Operation Centre
2.5. Commercial CSIRT
3. What needs to be considered when establishing a National CSIRT?
2 Topics
3.1. CIRT framework
3.2. How to set up CSIRT and SOC
4. How to assess cyber incident readiness
3 Topics
4.1. Security Incident Management Maturity Model (SIM3)
4.2. Security Operation Centre Capability and Maturity Model (SOC-CMM)
4.3. CSIRT Maturity – Self-assessment Tool
5. Which services do the CSIRTs offer?
2 Topics
5.1. FIRST CSIRT services framework
5.2. ITU-T Recommendation X.1060 service categories
6. Who does the CSIRT serve?
7. Which Tools does a CSIRT need?
8. Policies, frameworks, and guidelines
9. Resourcing and funding a CSIRT
1 Topic
9.1. What does a CSIRT Budget look like?
10. CSIRT capabilities
3 Topics
10.1. Training and certification
10.2. Auditing
10.3. Cyber drills
13. Main takeaways
14. Assignment
1 Quiz
KM4 Quiz
KM5 - Critical Information Infrastructure and Critical Information Infrastructure Protection
Module objectives
1. Introduction
2. What is Critical Infrastructure (CI) and Critical Information Infrastructure (CII)?
3. What are the threats to critical infrastructure in Africa?
4. How to identify, classify and register the CI
2 Topics
4.1. Methodologies for identification and classification of critical infrastructure
4.2. Designating critical information infrastructure sectors
5. Policy, legislative and regulatory guidelines
6. How to develop a critical infrastructure and critical information infrastructure protection policy
7. National cyber crisis management plan
8. Infrastructure security audits and vulnerability assessments
9. Governance Framework
2 of 4
Previous Topic
Next Topic

10.2. Auditing

GFCE Cybersecurity Knowledge Modules 10. CSIRT capabilities 10.2. Auditing

Cybersecurity audits are a primary element of cybersecurity strategy and legislation. However, skills and funds to carry these audits out are limited.
Analysis of cybersecurity incidents would assist in building capabilities and in research and development (R&D), while the exploration of a Cybersecurity Incident Report and Analysis System for the African continent would be useful.

Previous Topic
Back to Lesson
Next Topic

New post

Your email address will not be published. Required fields are marked *

Post a comment
Skip to content