Description

This course is an immersive journey into the world of proactive security risk management, equipping you with essential skills and knowledge.

We start with Physical Threat Modeling. Learn why developing and maintaining a threat model is crucial for protection. We guide you through creating a PTM and explain the Bowtie methodology, a tool for visualizing and managing risk.

The bowtie methodology is initially used for risk assessment, risk management and risk communication. The strength of the methodology lies in its simplicity; the phrase "less is more" is certainly applicable.

In this course all steps of Physical Threat Modeling are performed with BowtieXP to assess, manage and communicate the threats and residual risks.

In the next module we learn how to think like a threat actor.

We'll delve into their mindset and explore how they strategize their actions. How do they prepare for an attack, and what are the key steps in their process?

In literature, the plan involves eight stages known as the criminal or terrorist planning cycle.

Every threat actor follows these 8 stages, whether it's a criminal, terrorist, state actor, or malicious competitor.

Contrary to popular belief, the criminal planning cycle isn't a circle. <break time="1s"/> It's more like a puzzle with numerous pieces that need solving for successful execution. Each piece represents a different element of the plan.

The threat actor doesn't know of how many pieces this puzzle exist. Each new piece may lead to more questions.

In this course, we explore the different pieces of this puzzle and learn to view things from a threat actor's perspective.

The Threat Assessment module, is a guide designed to equip you with the necessary skills and knowledge.

In this module, participants will learn the essential skills required to effectively spot even the slightest deviation and understand the factors that determine when it is a threat or when the threat is dismissed.

Awareness of potential threats to the assets is crucial, along with understanding the typical methods of operation.

Communication plays a vital role; guards should be curious and asking questions to understand what they have noticed.

We cover all these aspects in this module including the distinction between a risk and a threat.

The module Red Teaming provides an in-depth exploration into the significance of Red Teaming within the realm of Proactive Security Risk Management. By engaging in Red Teaming, companies can thoroughly assess their current security measures, identify vulnerabilities, and better understand how an adversary might exploit these weaknesses. Throughout the course, learners will be equipped with the knowledge to understand the critical role Red Teaming plays in enhancing organizational security, its implications, and how it differs from traditional Penetration tests.

By the end, attendees will have a solid foundation in preparing, executing, and evaluating Red Teaming exercises, ensuring they can contribute to a robust security posture.

In the module Standard Operating Procedures we will explore the development of the SOP.

The SOP serves as a guide that informs the security guard about a wide range of crucial topics and procedures integral to the proactive security process.

We also teach participants not only how this effective way of security can be implemented within your organization but also the underlying principles that make it successful.

The core principles we focus on are ownership, competency management, education, and skills training.

Ownership is about taking responsibility for one's actions and decisions, ensuring accountability at every level.

Competency management involves assessing and developing the skills necessary for effective performance.

Education and skills training provides practical, hands-on experience, equipping security guards with the tools they need to succeed.

The course concludes with a theory exam.

Successful completion of the exam results in the Proactive Security theory diploma and entitles the holder to enroll in the Associate Certified Security Profiler register. Looking forward to seeing you in class.

What you'll learn