This training gives you an overall understanding of information security systems and standards, and how they translate into technology standards and best practices.
In this basic training, participants learn which security requirements the latest international standards call for and how they can be implemented.
- Duration: 1 day
- Level: basic
Participants
- Risk managers who want to learn about requirements standards and catalogs and the security goals outlined in international standards
- Product owners who want to learn the basics of deriving security requirements from standard catalogs
Training goals
- Introduction to information security standards
- ISO 27001 (Information Security Management)
- ISO 27005 (Information Security Risk Management)
- OWASP ASVS (Application Security Verification Standard) v4.X
- OWASP MASVS (Mobile Application Security Verification Standard) v1.2
- NIST 800-53 (Catalog of Security and Privacy Controls)
Requirements
- Basic knowledge of management systems
- Basic knowledge of security standards
Do you have any questions about our trainings?
Feel free to send us a message. We will be more than happy to help you.
Introduction to ISO/SAE 21434 cybersecurity management and engineering activities for the entire lifecycle in context of UNECE R155.
This advanced IT security training focuses on ISO/SAE 21434 requirements and cybersecurity management overall in the context of the UN regulation 155 (UNECE WP.29). The training covers subjects like risk assessment as well as the different engineering phases from concept to development and post development.
Participants may acquire a personal certification as "Cybersecurity Automotive Professional" by TÜV Rheinland.
- Duration: 2 days
- Level: advanced
Participants
- Security manager, product manager or project manager.
- System engineer, software engineer, hardware engineer or developer.
Training goals
- Learn the building blocks of ISO/SAE 21434 compliant security engineering.
- Get an overview on how ISO/SAE 21434 helps you to meet the requirements of the UN regulation 155.
- Understand the risk-based approach of ISO/SAE 21434 to product security.
- Learn from our firsthand expertise for the ISO/SAE 21434 through dedicated case studies.
- Get to know more about security engineering during the concept phase (incl. cybersecurity relevance assessment, security goals and security concept).
- Find out about the importance of security engineering in the development phase (incl. cybersecurity DIA, design, implementation and V&V).
- Benefit from our knowledge about cybersecurity in production, operations, maintenance and decommissioning.
Requirements
- Basic technical understanding of automotive systems on engineering level
Content
- Introduction to security engineering
- Governance & ecosystem
- Risk management
- Concept and development
- Production and operation
Do you have any questions about our trainings?
Feel free to send us a message. We will be more than happy to help you.