The training is aimed at the following professionals:

• Policymakers and government officials  
• ICT professionals and senior managers 
• ICT/Telecommunications regulators

The maximum number of participants is limited to 40. 

Members of the above-mentioned target population are invited to apply for the training if they meet the following criteria:

• Hold an undergraduate degree in a relevant field or have a minimum of three years of experience in cybersecurity-related topics.  
• Possess a fluent level of English.
• Complete the application questionnaire available on the ITU Academy.
• Government officials and policymakers from developing countries, particularly women, are encouraged to apply.
• Selection will be conducted by the course organizers, who will consider the above entry requirements along with an analysis of the application questionnaire of each applicant.

Upon completion of this course, participants will be able to: 

• Outline the characteristics of the cybersecurity threats and vulnerabilities; and design a vulnerability management plan.
• Describe threat intelligence, cyber threat hunting, and demonstrate the use of a threat intelligence platform
• Discuss the key characteristics of the System, Infrastructure, and Software platform security and monitoring
• Analyze future trends in security awareness
• Explain the web application and social engineering security framework including the access control models
• Describe the concept and applications of Risk Management and Compliance.

The course will run for two weeks. The course delivery method involves the following: 

• Presentations and pre-recorded videos made available through the ITU Academy platform at the beginning of the course to facilitate self-study. Each week is based on two hours of lectures.
• Weekly discussion Forums based on discussion topics and case studies, with instructor moderation and feedback.
• Weekly live Q&A session via Zoom platform to answer any questions you may have about the material covered for the week and the assignments. One additional chat session might occur if needed.
• Mandatory online quizzes at the end of each week. 
• Two case study submissions.

The live sessions will take place as per the below schedule: 

• Week 1 session: Friday, 15 November 2024 starting from 2 pm CET
• Week 2 session: Friday, 22 November 2024 starting from 2 pm CET
   

Participants are evaluated based on their contributions to the discussion forum and active participation in online sessions. Evaluation is structured as follows:

• Two quizzes: 30% (15% each)
  • Quizzes consist of multiple-choice questions.
• Individual assignment: 40%
  • Submission format templates are provided on the ITU Academy platform.
• Two live sessions: 10%
• Two discussion forums: 20%

To obtain the ITU course completion certificate, a total score of 70% or above is required.

Week 1

Session 1: Introduction to Cybersecurity and Threat Landscape

• Learning Outcomes:
  • Explain digital infrastructure threats and vulnerabilities.
  • Identify threats and deception techniques.
  • Understand application and IP vulnerabilities.
  • Explain cybersecurity governance and compliance.
  • Understand security standards, policies, and regulations.

Session 2: Vulnerability Management

• Learning Outcomes:
  • Explain the vulnerability management process.
  • List and explain popular vulnerability assessment tools.
  • Identify and classify vulnerabilities using CVSS.
  • Prioritize vulnerabilities with risk assessment models.

Session 3: Threat Intelligence and Cyber Threat Hunting

• Learning Outcomes:
  • Explain threat intelligence services and information sources.
  • Describe threat data collection and analysis methods.
  • Demonstrate threat hunting techniques and behavioral analysis.

Session 4: Network Security and Monitoring

• Learning Outcomes:
  • Explain network security architecture and components.
  • Demonstrate the use of Windows and Linux tools for network security.
  • Evaluate network traffic and implement access controls.

Session 5: Endpoint Security and Incident Response

• Learning Outcomes:
  • Describe endpoint threats and protection solutions.
  • Define incident response stages and team roles.
  • Create a basic incident response plan.
  • Understand digital forensic techniques and incident analysis.

Week 2

Session 6: Cloud Security

• Learning Outcomes:
  • Explain cloud security domains and mitigation techniques.
  • Secure cloud data and configure cloud security controls.
  • Utilize CASB tools for cloud infrastructure security.

Session 7: Web Application and Social Engineering Security

• Learning Outcomes:
  • Explain web application vulnerabilities and OWASP Top 10.
  • Demonstrate secure coding practices and WAF configuration.
  • Understand social engineering attacks and tools.

Session 8: Identity and Access Management (IAM)

• Learning Outcomes:
  • Describe IAM components and best practices.
  • Implement Multi-Factor Authentication (MFA) and SSO.
  • Understand the concepts and benefits of Identity Federation.

Session 9: Risk Management and Compliance

• Learning Outcomes:
  • Explain risk management and compliance requirements.
  • Create a risk management plan.
  • Map security controls to compliance requirements.

Session 10: Security Awareness and Future Trends

• Learning Outcomes:
  • Describe the importance of security awareness.
  • Create a security awareness program.
  • Understand future trends in cybersecurity, including AI and quantum computing.