Training and Certification Solutions for Cybersecurity Professionals Real

Training and Certification Solutions for Cybersecurity Professionals Real threats. Real training. Real technical skill development.

Cybersecurity Training and Certification from ISACA § ISACA helps global professionals lead, adapt, and assure trust in an evolving digital world by offering innovative and world-class knowledge, standards, networking, credentialing and career development. § Cybersecurity professionals look to ISACA to: § § Ensure they have the skills necessary to advance their careers and stay relevant. Demonstrate their experience and skills to the market through credentialing. § Cybersecurity Nexus™ (CSX) is a program designed to empower cybersecurity professionals to: 2 § § Elevate their skillset. Take control of their career paths.

TRAINING

Employment Outlook Securities Skills Gap – An Industry in Need 4 Source: ISACA’s State of Cybersecurity 2019 Whitepaper

Cyberthreats Have Evolved Faster than Cybersecurity Training Problems with typical training: Limited Hands-On Practice Content Rarely Updated Q/A-Style Exams Only Cost and Inconvenience One-Size-Fits. All Training Lecture/discussion doesn't prep for the real world Trainees are left in the dark regarding new threats Focuses on what trainees know instead of what they can do US$5– 6 K per course + travel expenses + out-ofoffice time Not tailored to individual's or organization's needs 5

Focus on the RIGHT Skills for the Real World ISACA’s Cybersecurity Nexus™ (CSX) training program aligns to existing global cybersecurity frameworks, including the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework. Our training programs help build knowledge and skill in the following cybersecurity areas in varying degrees of complexity. 6

The CSX “Nexus” Training Platform Difference § Hands-on practical labs in hosted online in a live, dynamic network environment § Content that’s continually updated based on the latest real-world threats § Performance-based evaluation through every step of courses and labs § An assessment tool that measures real technical skills § Focused, self-paced courses that dive deep into specialized areas § On-demand training 7

CSX Nexus Difference #1 PRACTICAL, HANDS-ON TRAINING LABS § Online, real-time, livenetwork environment § Built using the latest realworld threats § Designed to build real, demonstrable technical skills § The industry’s only true labbased performance assessments in a virtual environment. 8

CSX Nexus Difference #2 SKILLS-BASED EVALUATION AND SCORING § Real-time testing and success metrics at the end of each lab and course § Evaluation based on what trainee can do rather than what they know § Trainees get actionable feedback § Managers get valuable insight 9

CSX Nexus Difference #3 CONTINUALLY UPDATED CONTENT § New content addresses latest real-world attacks § New topics informed by the latest threats in the cyber landscape 10

CERTIFICATION

ISACA CSX Certificates and Certifications ISACA’s Cybersecurity Nexus™ (CSX) is designed to address this global skills gap head-on, offering continuous, relevant training for every step along your cyber career path. PENETRATION TESTING SERIES 12

CSX Cybersecurity Fundamentals BEGINNER/ENTRY LEVEL § Builds your understanding of basic cybersecurity principals, techniques, and terminology § High-quality self-paced learning § Training maps to industry standards like NIST’s CSF, ISO and ISA § Next step toward cybersecurity for IS/IT roles § CPE Credit Hours: 8 § Certificate Exam gives you the competitive advantage of an entry-level credential 13

CSX Technical Foundations BEGINNER/MEDIUM LEVEL § Builds on your understanding of basic cybersecurity principles § Detailed online instruction, guidance and realworld practice you need in three courses: § § § 14 CSX Packet Analysis (CPE Credit Hours: 16) CSX Linux® Application and Configuration (CPE Credit Hours: 20) CSX Network Application and Configuration (CPE Credit Hours: 16)

CSX Technical Foundations BEGINNER/ENTRY LEVEL 15

Specialized Penetration Testing Certificates INTERMEDIATE/ADVANCED LEVEL PENETRATION TESTING OVERVIEW CERTIFICATE VULNERABILITY AND EXPLOITATION CERTIFICATE ADVANCED EXPLOITATION CERTIFICATE 16 A growing selection of specialized training, labs, and certificates through CSX Nexus.

Cybersecurity Practitioner Certification (CSX-P) EXPERT LEVEL § First vendor-neutral performance certification that measures and validates skills and abilities § Build the deep technical skills required to perform well in key cybersecurity positions. § Limited-time accelerated certification option* *prerequisites apply 17

Move from Technologist to Management Affirm your information security management expertise with the globally accepted standard of achievement in this area. This management-focused certification promotes international security practices and recognizes the individual who manages, designs, oversees, and assesses an organization’s information security. 18 Gain the critical know-how to include cybersecurity in your audit plan, reduce cyber-related risk and put mitigating controls in place. This audit-focused certification demonstrates: § Security professionals with a developed understanding of audit processes; or § IT risk professionals with an understanding of cyber-related risk and mitigation controls.

A good starting point Visit: cybersecurity. isaca. org/csx-career-tool 19

Nicholas Spinks Managing Director Nicholas. Spinks@Protiviti. com 200 East Broward Blvd. Suite 1600 Ft. Lauderdale, FL 33301 Thank you! For more information, visit www. isaca. org/csxinfo Try our Career Roadmap tool: www. cybersecurity. isaca. org/csx-career-tool

APPENDIX

22

WHAT ARE THE PREREQUSITES FOR ACCELLERATED CSX-P? § When submitting your CSX Cybersecurity Practitioner Application, you will need to affirm either: § Your status as a professional certified as a holder of CISA, CRISC, CISM, CGEIT, ECSA, CEH, LPT, GCIH, OSCP, GPEN, Cy. SA+, CISSP, or CSX Cybersecurity Fundamentals OR § Your 3 years’ experience* in 3 or more of the 5 CSX Cybersecurity Practitioner domains which align with the NIST framework— IDENTIFY, PROTECT, DETECT, RESPOND and RECOVER * 3 years’ work experience must be within the last 5 years 23