CyberTraining

Learn why cyber-security is important in the process of protection of classified information and how to protect classified information from the perspective of INFOSEC (security of electronic classified information).

3 DAYS ADVANCED TRAINING

1st Day

09:00 – 09:30  Opening Session

09:30 – 11:30  Introduction to the protection of classified information

1. Categories of information

2. History of regulations

3. The current applicable legislation

4. Definitions and classification of information

5. Objectives and measures

11:30 – 13:00  Protection of personnel designated to ensure the security of classified information or who has access to such information

1. Authorities and institutions with specific attributions

2. Ways to realize the protection

3. Security officer / Security structure

4. Access to classified information

5. Access of foreign citizens to classified information

6. Staff training

13:00 – 14:00  Lunch 

14:00 – 16:30  Classified contracts between a public authority and a private contractor

1. Definitions. Authorities

2. Security annex

3. Special situations

4. Negotiation of classified contracts

5. Industrial security clearance. Certificate of industrial security

6. Contracts involving maximum RESTRICTED Level of Classified Information

2nd Day

09:00 – 12:00  PRACTICAL APPROACHES

Procedures for public institutions and private contractors that manage classified information

1. The decision for designation of the security officer

2. List of positions and list of persons

3. List of categories of classified information

4. Objectives, sectors and places of special importance for the protection of classified information

5. Attributions attached to the job description

6. Specific procedural documents

7. Preparation of training sheets

8. Security certificate and authorization to access classified information

9. Confidentiality commitment

Rules for issue/emit a classified information

12:00 – 13:00  Program for preventing the leakage of classified information

13:00 – 14:00  Lunch

14:00 – 16:30  INFOSEC specific tools (VPN, IPSec, DMZ, antivirus, Firewall, SSI)

Elaboration of the information security implementation program

TEMPEST

3rd Day

09:00 – 13:00 Accreditation of computer systems that manage classified information – INFOSEC

1. Authorities and competences

2. ICT security component and security structure

3. Operational Security Procedures, Specific Security Requirements, Risk Analysis Report

4. Security administrators

5. Users and visitors

6. Specific measures of physical and personnel security

7. Information security in electronic format

13:00 – 14:00  Lunch

14:00 – 16:30  Security incident

1. Defining the incident. Identification of the security incident

2. Solving infringement cases

Multimedia Training Session