- Cybersecurity
- English
- Jennita Rao Appanah Appayya
- Manish Lobin
- Kaleem Ahmed USMANI
Intermediate
Description
Critical Information Infrastructure is defined as those assets systems and functions that are vital to the nations that their incapacity or destruction would have a devastating impact on the economy, government capability to function, public health and safety as well as on national defense and security. This training course focuses on protecting and strengthening the cyber resilience of critical information infrastructures. The course will also introduce participants to the key terms, policy, guidance, and preparedness efforts required to safeguard critical information infrastructures. Implementation aspects legal framework of a critical Information Infrastructure policy will also be discussed.
This training is aimed at critical infrastructure owners, operators and managers, government officials and other officers or managers with critical infrastructure responsibilities, CIOs and IT Managers.
The participants should have the basic knowledge in managing critical information infrastructure.
Upon completion of this course, participants will be able to:
- Define the concept and characteristics of Critical Information Infrastructures (CII)
- Explain appropriate organizational structures, policies, and processes of CII
- Assess and manage security risks pertaining to CII
- Implement security measures to protect essential services and systems
The training will be carried out online through the ITU Academy Platform. It will include presentations by instructors and explanations on the exercises. The training will be conducted online by an instructor through zoom sessions.
An exam consisting of 25 – 30 multiple choice questions will be conducted on the last day.
A total score higher than 70% is required to obtain the ITU certificate.
Day 1
10.30am – 12:30pm (CEST)
Introduction to Critical Information Infrastructure Protection
- CIP Concepts and Principles
- CII Identification Approach
- CIIP Action Planning
- Governance
- Legal Framework
- CIIP Challenges
Key learning points
- Describe the concept and characteristics of Critical Information Infrastructures (CII)
Training activities details
- Lecture slides
- Group work
Day 2
10.30am – 12:30pm (CEST)
Risks to Critical Information Infrastructures
- Identify risks to critical infrastructures
- CII Risk Management Models
Information Sharing
- CII Approach to information sharing
Supply Chain Security
- Maintain Supply Chain Security in CII
Key learning points
- Assess and manage security risks pertaining to CII
- Explain the concept of information sharing and supply chain security in CII
Training activities details
- Lecture slides
- Group work
- Case Study
Day 3
10.30am – 12:30pm (CEST)
CIIP Implementation, Audit and Compliance
- Implementation approaches
- CIP Processes of Maintaining Compliance
- Compliance Framework
Cybersecurity Awareness
- Cybersecurity awareness in the context of CII
Key learning points
- List the processes of maintaining compliance in CII
- Characterize the importance of cybersecurity awareness in CII
Training activities details
- Lecture slides
- Case Study
Day 4
10.30am – 11.30pm (CEST)
Exam
The exam will be conducted on 27 of September and it will have a duration of 1 hour.