Company valuations, M&A, Project finance, Strategic planning
&
Innovation and Knowledge transfer, Digital transformation, Data analytics and AIML
Shaping the future today
Company valuations, M&A, Project finance, Strategic planning
&
Innovation and Knowledge transfer, Digital transformation, Data analytics and AIML
Program Objective & Scope
> To provide an overall comprehension of the risks and challenges on organizations resulting from an increasingly digital economy concerning cybersecurity leveraged in terms of speed and deepness by the COVID-19 pandemic.
> To provide insights from leading experts of the industry and reference academics concerning the implications of cybersecurity risks in terms of the organizations´ Business, Governance and Compliance.
> This program aims to be the best international cybersecurity short/medium term course for executives and decision makers in Europe.
Target Audience
> Members of the Management Board of companies/organizations from the private and public sectors
> Members of the Supervisory Board of companies/organizations from the private and public sectors
> Members of the Management Board and the Supervisory Board of Banks, Fintechs, and Insurance companies
> Directors and Decision makers of organizations on the areas/committees of Internal Control and Risk, Internal Audit, Inspection, and Compliance and Legal
> Armed forces decision makers
> Law enforcement decision makers
> Certified Public Accountants/Statutory Auditors (Revisores Oficiais de Contas)
> Lawyers on decision making positions
Format
> The course will be held online
> There will be the option of having the last class in person at Faculty of Sciences of University of Lisbon
> Starting date: March 29th, 2022
> 25 hours (9 modules)
> Tuesdays and Thursdays, from 16:30 to 17:50 and 18:00 to 19:20
> Certificate to be issued by the Faculty of Sciences of University of Lisbon after the completion of the course
Program
The program is divided in 9 different modules, as well as a Final self-evaluation quiz. The topics are:
-
MODULE 1: Macro perspective on cybersecurity
-
MODULE 2: Introduction to cyber security concepts
-
MODULE 3: Identification of assets and risk concepts
-
MODULE 4: Protection of assets and detection of attacks
-
MODULE 5: Reaction and Recovery
-
MODULE 6: Cybersecurity Law
-
MODULE 7:
-
Economic Evaluation of Cybersecurity
-
Investments
-
Cybersecurity risks and challenges on Banking and Fintech sectors
-
-
MODULE 8: Asymmetric Threats - Cyber Threats
-
MODULE 9: Case studies and Tabletop exercise
-
Note: The tabletop exercise is a meeting to discuss a simulated emergency. Participants review and discuss the actions they would take in a specific emergency, testing their emergency plan in an informal, low-stress environment. Tabletop exercise is intended to clarify roles and responsibilities and to identify additional mitigation and preparedness needs. The exercise should result in action plans for continued improvement of the emergency plan.
-
Pricing
The standard price for the Cybersecurity Executive Program is 1.450€ + 23% VAT (if applicable).
Here are some of the discount options (non-cumulative) that we have:
-
Early bird: 15% for participants that register until January 31st, 2022
-
Early bird: 10% for participants that register between January 31st, 2022 and February 28th, 2022
-
20% for INNCYBER INNOVATION HUB partner companies/organizations and individual participants for universities and research centers
-
20% for companies that participate in the program with 2 or more members
Module 1
Macro perspective on cybersecurity (3h)
Contra-Almirante António Gameiro Marques
General Director
Gabinete Nacional de Segurança (GNS)
-
The strategic perspective of Cybersecurity at national level - Resilience, sovereignty, and Leadership
-
What the C level needs to ask to assess the organization’s cybersecurity level
-
Major challenges for organizations and citizens
-
New technologies leveraged by the pandemic
-
The need for a common knowledge concerning cybersecurity
-
EU Cybersecurity Strategy and its relationship with the National Cyberspace Security Strategy
-
EU Cybersecurity Certification. What is due to occur in Portugal and the impact in the economy
-
Cybersecurity incidents in Portugal – The National Cybersecurity Observatory
-
Operational Capability to prevent, deter and respond
-
New strategic initiatives
-
Self-evaluation Quiz
Module 2
Introduction to cyber security concepts (3h)
Eng. José Alegria
CISO, Head of CyberSecurity & Privacy (DCY)
ALTICE Portugal
-
Cyber Security definition
-
Importance of security at different layers (from physical to information)
-
Fundamental information security properties: confidentiality, integrity, availability
-
Types of vulnerabilities
-
Types of attacks
-
Motivations of attackers
-
Phases of an attack
-
Attack-Vulnerability-Intrusion (AVI) model
-
NIST Cybersecurity Framework: Identify, Protect, Detect, Respond, Recover
-
Self-evaluation Quiz
Module 3
Identification of assets
and risk concepts
(3h)
Prof.ª Ana Respício
Assistant Professor of Informatics
Faculty of Science of the University of Lisbon
-
Resources
-
Information flows and dependencies
-
Security policies and responsibilities
-
Risk identification
-
Risk assessment
-
Risk analysis
-
Risk management
-
Control strategies
-
Cost-benefit analysis in InfoSec
-
Self-evaluation Quiz
Module 4
Protection of assets and detection of attacks (3h)
Eng. Paulo Moniz
Information Security and IT Risk Director
EDP - Energias de Portugal
-
Access control (Authentication, Authorization, Accounting)
-
Network protection (SSL/TLS, VPNs)
-
Infrastructure protection (Firewalls, IPS, Antivirus)
-
Information protection (backups, DLP tools)
-
Penetration testing
-
Personnel training
-
Intelligence gathering systems/OSINT
-
Vulnerability scanners
-
Event gathering and monitoring systems (Syslog, NIDS, HIDS)
-
Event correlation (SIEMs)
-
Self-evaluation Quiz
Module 5
Reaction & Recovery
(3h)
Eng. Marcelo Rodrigues
Director of Cybersecurity & Privacy
PwC Portugal
Eng. Pedro Santinhos
Risk Assurance Director
PwC Portugal
-
Response plans (legal frameworks)
-
Incident management (CERT/CSIRT teams)
-
Analysis of incident impacts
-
Contingency plans
-
Disaster recovery
-
Business continuity
-
Image recovery and communication
-
Self-evaluation Quiz
Module 6
Cybersecurity Law
(3h)
Dra. Magda Cocco
Head of Practice of Information, Communication & Technology
VdA - Vieira de Almeida
-
The importance of the legal dimension
-
Main legal concepts
-
Cybersecurity legal and regulatory framework – main trends
-
The legal impacts of a cyber incident
-
A strategic approach to cybersecurity regulatory framework (general and sector-specific legislation)
-
Self-evaluation Quiz
Module 7
a. Economic Evaluation of Cybersecurity Investments (1,5h)
Prof. Telmo Vieira
Managing Partner
PremiValor Consulting
Certified Public Accountant / Statutory Auditor (CPA)
-
Cybersecurity Due Diligence in Mergers & Acquisitions (M&A) processes
-
The economic evaluation of Cybersecurity Investments:
-
The financial model
-
Key assumptions
-
Economic and financial indicators (KPIs):
-
ALE – Annual Loss Expectancy
-
ROSI – Return on Security Investment
-
-
-
Self-evaluation Quiz
Module 7
b. Cybersecurity risks and challenges on Banking and Fintech sector (1,5h)
Eng. Luís Gonçalves
Head of Cybersecurity, IT Risk and Compliance
Banco de Portugal
-
Major trends and Cybersecurity concerns in the financial sector
-
Cooperation, Proactivity and Systemic Approaches to Cyber Threats
-
Cybersecurity Governance: Engaging the Executive Boards
-
Narrowing the Cyber Language GAP between Operational/ Tactical and Executive Boards
-
Self-evaluation Quiz
Module 8
Asymmetric Threats - Cyber Threats (2h)
Major André Castro (Portuguese Air Force)
Cyber Defense Chief in Portuguese Air Force
INFOSYS and INFOSEC Officer for NATO Networks for 11 years
-
Cyber war
-
Asymmetric conflicts, threats, cyber attacks, cyber attacks examples
-
Cost vs impact
-
Who is the enemy
-
Who is the target
-
Vectors
-
What to do
-
Attack strength
-
Case study
-
Self-evaluation quiz
Module 9
Case studies and Tabletop exercise (2h)
Contra-Almirante António Gameiro Marques
General Director
Gabinete Nacional de Segurança (GNS)
-
Target and MAERSK case studies – to be first discussed by students and then in class with the professor/lecturer as a way to cement the knowledge obtained throughout the course
-
Tabletop exercise to stimulate leaders in the decision associated with a crisis originating in cyberspace
-
Final remarks on the program
Final self-evaluation quiz on learned topics (50 min)
-
Participants are required to complete a final self-evaluation quiz to receive the graduation certificate from Faculty of Sciences of University of Lisbon
Instructors
Contra-Almirante António Gameiro Marques
General Director
Gabinete Nacional de Segurança (GNS)
Eng. José Alegria
CISO, Head of CyberSecurity & Privacy (DSCY)
(Altice Portugal)
Prof. Ana Respício
Assistant Professor of Informatics
(FCUL)
Eng. Paulo Moniz
Information Security and IT Risk Director
(EDP)
Eng. Marcelo Rodrigues
Director of Cybersecurity & Privacy
(PWC Portugal)
Eng. Pedro Santinhos
Risk Assurance Director
(PWC Portugal)
Dra. Magda Cocco
Head of Practice of Information, Communication & Technology
(VdA - Vieira de Almeida)
Prof. Telmo Vieira
Manging Partner (PremiValor Consulting)
Certified Public Accountant / Statutory Auditor (CPA)
Eng. Luís Gonçalves
Head of Cybersecurity, IT Risk and Compliance
(Banco de Portugal)
