CYBER-SECURITY FOR PROTECTION OF CLASSIFIED INFORMATION
Learn why cyber-security is important in the process of protection of classified information and how to protect classified information from the perspective of INFOSEC (security of electronic classified information).
3 DAYS ADVANCED TRAINING
1st Day
09:00 – 09:30 Opening Session
09:30 – 11:30 Introduction to the protection of classified information
1. Categories of information
2. History of regulations
3. The current applicable legislation
4. Definitions and classification of information
5. Objectives and measures
11:30 – 13:00 Protection of personnel designated to ensure the security of classified information or who has access to such information
1. Authorities and institutions with specific attributions
2. Ways to realize the protection
3. Security officer / Security structure
4. Access to classified information
5. Access of foreign citizens to classified information
6. Staff training
13:00 – 14:00 Lunch
14:00 – 16:30 Classified contracts between a public authority and a private contractor
1. Definitions. Authorities
2. Security annex
3. Special situations
4. Negotiation of classified contracts
5. Industrial security clearance. Certificate of industrial security
6. Contracts involving maximum RESTRICTED Level of Classified Information
2nd Day
09:00 – 12:00 PRACTICAL APPROACHES
Procedures for public institutions and private contractors that manage classified information
1. The decision for designation of the security officer
2. List of positions and list of persons
3. List of categories of classified information
4. Objectives, sectors and places of special importance for the protection of classified information
5. Attributions attached to the job description
6. Specific procedural documents
7. Preparation of training sheets
8. Security certificate and authorization to access classified information
9. Confidentiality commitment
Rules for issue/emit a classified information
12:00 – 13:00 Program for preventing the leakage of classified information
13:00 – 14:00 Lunch
14:00 – 16:30 INFOSEC specific tools (VPN, IPSec, DMZ, antivirus, Firewall, SSI)
Elaboration of the information security implementation program
TEMPEST
3rd Day
09:00 – 13:00 Accreditation of computer systems that manage classified information – INFOSEC
1. Authorities and competences
2. ICT security component and security structure
3. Operational Security Procedures, Specific Security Requirements, Risk Analysis Report
4. Security administrators
5. Users and visitors
6. Specific measures of physical and personnel security
7. Information security in electronic format
13:00 – 14:00 Lunch
14:00 – 16:30 Security incident
1. Defining the incident. Identification of the security incident
2. Solving infringement cases
Multimedia Training Session