About this course

Course type Performance Plus
Course code QANISDIR
Duration 5 Days

This course is aimed at those individuals seeking to implement, maintain and or audit the NIS, within competent authorities, operators of essential services, digital service providers and or the wider supply chain.

This course aims to teach delegates about the Security of Network and Information Systems Directive (NIS). The NIS directive requires operators of essential services and digital service providers to implement “appropriate and proportionate technical measures” to manage the risks posed to the security of their networks and information systems. This course provides a foundation to the NIS directive, its implementation and compliance and underpinning penalty regimes. Specifically, this course will take the delegate through all of the NIS principles covering each from a governance and a technical perspective.

Official guidance on the NIS Directive, which comes into force on the 9th May, can be found at the NCSC website here.

Prerequisites

There are no specific pre-requisites to attend this course, however we do expect delegates to have a basic understanding of technology, computing and the internet.

Delegates will learn how to

NIS Governance, Risk and Compliance

  • A1 Governance
  • A2 Risk Management
  • A3 Asset Management
  • A4 Supply Chain

Systems & Service Protection

  • B1 Service Protection Policies and Processes
  • B2 Identity & Access Control
  • B3 Data Security
  • B4 Systems Security
  • B5 Resilient Networks & Systems
  • B6 Staff Awareness & Training

Security Monitoring & Alerting

  • C1 Security Monitoring
  • C2 Proactive Security Event Discovery

Response & Recovery

  • D1 Response and Recovery Planning
  • D2 Lessons Learned

Outline

Module 1a – Competent Authority Obligations

This module covers the following NIS topics:

Competent authority obligations

  • Operators of essential services
  • Digital service providers

Module 1b – Technology Primers

Delegates will learn about

  • Internet primer
  • Industrial controls systems security primer
  • Introduction to cloud security

Module 2 – NIS Governance, Risk and Compliance

This module helps delegates understand the appropriate organisational structures, policies, and processes in place to understand, assess and systematically manage security risks to the network and information systems supporting essential services.

This module covers the following NIS Principles:

  • A1 Governance
  • A2 Risk Management
  • A3 Asset Management
  • A4 Supply Chain

Delegates will learn about

Governance

  • Governance in the information security arena
  • Information security management & leadership roles
  • Responsible & accountable persons
  • Continual improvement
  • Principles of auditing

Risk Management

  • Component vs System techniques
  • Risk assessments
  • Risk measurement against ‘risk appetite’
  • oManaging risk
  • Risk reduction and acceptance techniques

Asset Management

  • Asset value
  • Assets and critical dependencies

Supply Chain

  • Cyber risks in the supply chain
  • Flow down of security obligations in contracts
  • Third party dependency modelling

Module 3 – Systems & Service Protection

This module helps delegates understand the proportionate security measures in place to protect essential services and systems from cyber-attack or systems failures.

This module covers the following NIS Principles:

  • B1 Service Protection Policies and Processes
  • B2 Identity & Access Control
  • B3 Data Security
  • B4 Systems Security
  • B5 Resilient Networks & Systems
  • B6 Staff Awareness & Training

Delegates will learn about

Security Policies and Processes

  • Information Security Management System (ISMS)
  • Communication, enforcement and governance
  • Alignment to business goals and outcomes

Identity & Access Management

  • Authorisation & Authentication
  • Identity as a service
  • Privilege management

Data Security (Confidentiality, Integrity & Availability)

  • Data in transit & Data at rest
  • Encryption
  • Patch management

Resilient Networks & Systems

  • Network primer
  • Failover and redundancy
  • Segregation & air gaping
  • Third party access & management
  • Access control

Security training & Awareness

  • Implementing security programmes
  • Tailoring messages for your audience

Module 4 – Security Monitoring & Alerting

This module helps delegates understand the appropriate capabilities to ensure network and information systems security defences remain effective and to detect cyber security events affecting, or with the potential to affect, essential services.

This module covers the following NIS Principles:

  • C1 Security Monitoring
  • C2 Proactive Security Event Discovery

Learning outcomes

Delegates will learn about best practice security monitoring in IT and OT environments, on premise and cloud services, including security information event management (SIEM), to establish a proactive security event management system. An insight into common cyber threats, malicious behaviour profiling and proactive security assessments.


SIEM Processes, Features & Functions

  • Security & Event Auditing

Anomaly Detection

  • Anti-malware and evasion
  • Audit Logs – What to collect from where
  • Telemetry behaviour patterns

Threat Detection

  • Intruder behaviour
  • Insider threat hunting
  • Common methods of attack
  • Advanced threats

Security Assessments

  • Vulnerability management
  • Social engineering and ethical phishing
  • Insider threat assessment
  • Red teams

Module 5 – Response and Recovery

This module helps delegates understand the capabilities to minimise the impacts of a cyber security incident on the delivery of essential services including the restoration of those services where necessary.

This module covers the following NIS Principles:

  • D1 Response and Recovery Planning
  • D2 Lessons Learned

Learning outcomes

Delegates will learn about best practice incident management processes for IT & OT systems and services. Prepare and review incident response plans for critical services and dependant systems, including within the supply chain. Crisis management, communication and incident recovery planning preparedness and exercises.

  • Indicators of attack & compromise
  • Incident response vs business continuity

Resilience

  • Incident response plans
  • Incident response within the supply chain
  • Post incident recovery (crisis and communications)
  • Lessons learned & root cause reporting
Performance Plus

5 Days

Duration

This course is authored by QA

Delivery Method

Delivery method

Classroom / Attend from Anywhere

Receive classroom training at one of our nationwide training centres, or attend remotely via web access from anywhere.

Find dates and prices

Online booking is currently not available for this course, to find out more please call us on 01753 898320 or email us at info@qa.com to discuss how we can help.

Trusted, awarded and accredited

Fully accredited to ensure we provide the highest possible standards in learning

All third party trademark rights acknowledged.