Professional & Academic

Certifications

BCS, RESILIA Practitioner Certificate

Although information is an organisation's most powerful asset, it can come with high risk. Highly valued by adversaries, the ever-changing digital landscape means it is easier than ever to be targeted and have that asset attacked. AXELOS has developed RESILIA™, a best practice portfolio that complements IT service management and project management practices. As an accredited exam institute, we are delighted to offer foundation and practitioner certification on behalf of AXELOS.

http://certifications.bcs.org/category/18473

CREST Certified Simulated Attack Manager

The (CC SAM) examination tests candidates’ knowledge and expertise in leading a team that specialises in Simulated Attacks. The candidate is expected to have a good breadth of knowledge in all areas of Simulated Attack and proven experience in managing incidents, penetration tests and simulated attack exercises. The exam will assess the candidate’s ability to conduct Simulated Attacks in a realistic, legal and safe manner, ensuring appropriate evidence is collated to provide the customer with actionable intelligence of organisational risks and failings while minimising the risks to the customer’s staff, data and systems.

http://www.crest-approved.org/examination/certified-simulated-attack-manager/index.html

CREST Certified Simulated Attack Manager

The (CC SAM) examination tests candidates’ knowledge and expertise in leading a team that specialises in Simulated Attacks. The candidate is expected to have a good breadth of knowledge in all areas of Simulated Attack and proven experience in managing incidents, penetration tests and simulated attack exercises. The exam will assess the candidate’s ability to conduct Simulated Attacks in a realistic, legal and safe manner, ensuring appropriate evidence is collated to provide the customer with actionable intelligence of organisational risks and failings while minimising the risks to the customer’s staff, data and systems.

http://www.crest-approved.org/examination/certified-simulated-attack-manager/index.html

CREST Practitioner Security Analyst

The CREST Practitioner Security Analyst (CPSA) examination tests a candidate’s knowledge in assessing operating systems and common network services at a basic level below that of the main CRT and CCT qualifications.  The CPSA examination also includes an intermediate level of web application security testing and methods to identify common web application security vulnerabilities.

http://www.crest-approved.org/examination/practitioner-security-analyst/index.html´╗┐

CREST Registered Technical Security Architect

The CREST Registered Technical Security Architect Examination (CRTSA) tests candidates’ knowledge and expertise in a common set of core skills and knowledge for systems architects.   In preparation for the role of Technical Security Architect, it is important that candidates understand its purpose which can typically be summarised as driving beneficial security change into a business through the development or review of architectures so that they: Fit the business requirements for security, Mitigate the risks and conform to relevant security policies, Balance information risk against the cost of countermeasures.

http://www.crest-approved.org/examination/technical-security-architecture/index.html

GCHQ, Practitioner Security Analyst

The CREST Practitioner Security Analyst (CPSA) examination tests a candidate’s knowledge in assessing operating systems and common network services at a basic level below that of the main CRT and CCT qualifications.  The CPSA examination also includes an intermediate level of web application security testing and methods to identify common web application security vulnerabilities. The examination covers a common set of core skills and knowledge.  The candidate must demonstrate that they can perform basic infrastructure and web application vulnerability scan using commonly available tools and interpret the results to locate security vulnerabilities.

https://www.ncsc.gov.uk/articles/about-certified-professional-scheme

GIAC Certifications, Global Industrial Cyber Security Professional (GICSP)

The GICSP bridges together IT, engineering and cyber security to achieve security for industrial control systems from design through retirement. This unique vendor-neutral, practitioner focused industrial control system certification is a collaborative effort between GIAC and representatives from a global industry consortium involving organizations that design, deploy, operate and/or maintain industrial automation and control system infrastructure. GICSP will assess a base level of knowledge and understanding across a diverse set of professionals who engineer or support control systems and share responsibility for the security of these environments.

http://www.giac.org/certification/global-industrial-cyber-security-professional-gicsp

GIAC Certified Forensic Analyst (GCFA)

The GCFA certification is for professionals working in the information security, computer forensics, and incident response fields. The certification focuses on core skills required to collect and analyze data from Windows and Linux computer systems.

http://www.giac.org/certification/certified-forensic-analyst-gcfa

GIAC Certified Intrusion Analyst (GCIA)

GIAC Certified Intrusion Analysts (GCIAs) have the knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files.

http://www.giac.org/certification/certified-intrusion-analyst-gcia

GIAC Mobile Device Security Analyst (GMOB)

Mobile phones and tablets continue to demonstrate their usefulness and importance in enterprises and government offices. With the amount of sensitive data that can be accessed on these devices and their lack of security, mobile devices are enticing targets for nefarious attackers. The GMOB ensures that the people charged with protecting systems and networks know how to properly secure the mobile devices accessing vital information.

http://www.giac.org/certification/mobile-device-security-analyst-gmob

Courses

Abertay University, MSc/PGDip Ethical Hacking & Computer Security

Abertay is the only university in the UK that offers a Masters programme in Ethical Hacking and our students are passionate about their subject area and developing their knowledge. Ethical Hacking is the process of evaluating the security of a computer system by simulating an attack by a malicious hacker. The course is designed to teach students how to think like a hacker, providing them with a deep understanding of security issues and concerns.

http://www.abertay.ac.uk/courses//pg/ehcs/

American InterContinental University, MIT: Information Assurance and Security

The Master of Information Technology (MIT) with a Specialization in Information Assurance and Security degree is a program designed to bring students industry-current and important knowledge to help develop them as IT professionals in the digital world. Students enrolled in this information security masters degree program will not only build upon prior knowledge from undergraduate coursework, but will also explore the realities and challenges of maintaining digital security systems and processes in the current industry climate.

http://www.aiuniv.edu/degrees/masters/it/security

Anglia Ruskin University, MSc Cyber Security

Our course offers a good mix of practical skills and theoretical knowledge and is taught by industry professionals keen to share their expertise and knowledge to help you succeed, while visiting guest lecturers add to your experience. As a Cisco Academy Partner, our curriculum is in-line with the latest developments at Cisco Systems, the world’s largest provider of networking equipment for the Internet.

http://www.anglia.ac.uk/study/postgraduate/cyber-security

Birmingham City University, MSc Cyber Security

This course has been designed to provide you with technical cyber security knowledge, in-depth understanding of underpinning principles and practical professional skills to successfully meet emerging cyber security challenges facing modern organisations. The course aims to meet the rising industrial and commercial demand for security architects, engineers, analysts, administrators able to design, analyse, implement and manage secure systems. At the same time, it provides an opportunity to develop a research career in information security working with top experts in their fields at the Centre for Cyber Security.

http://www.bcu.ac.uk/courses/cyber-security-msc

Canterbury Christ Church University, MSc Computer Forensics and Security

Computer Forensics and Security are interesting, dynamic and growing areas of Computing. As cybercrime continues to rise, so too does the need for computing professionals to lead the fight against it. Computer security involves (amongst other things) protecting computer systems from malicious attacks, human error, and exploitation of vulnerabilities. This includes utilising an ethical hacking approach to highlight security vulnerabilities so that they can be fixed or mitigated.

http://www.canterbury.ac.uk/study-here/courses/undergraduate/computer-forensics-and-security-17-18.aspx

Canterbury Christ Church University, MSc Cybercrime Forensics

Cybercrime Forensics is a continuously evolving discipline that addresses the increasing use of computer technology in criminal activity. This is a taught HE Level 7 extension course currently offered as a closed part-time course to Law Enforcement Officers only. As an alternative, the School of Law, Criminal Justice and Computing offers MSc Forensic Computing degrees to those who are not employed in the UK Law Enforcement.

https://www.canterbury.ac.uk/study-here/courses/postgraduate/cybercrime-forensics.aspx

Cardiff University, MSc Information Security and Privacy

This programme addresses the key security issues that are faced by global communications and information systems. The programme provides a mix of business context with core security, trust and privacy issues that challenge the IT sector. As well as studying themes such as trust and identity and forensic investigation, security techniques and network and cyber security, the programme provides an understanding of the e-Commerce and business environment. This combined business/security approach provides valuable training for interacting with organisations, and understanding their business functions in a deeper context.

http://courses.cardiff.ac.uk/postgraduate/course/detail/p148.html

City University London, MSc in Cyber Security

MSc Cyber Security will prepare you for a successful career in the various roles directly and indirectly connected to the world of computer, network and information security. It will develop your specialist analytical, operational and development skills in both technical and socio-technical areas of cyber security. The primarily objective of MSc Cyber Security is to practise security with an interdisciplinary shared coursework that spans across all security related modules.

http://www.city.ac.uk/courses/postgraduate/cyber-security 

Coventry University, MSc Forensic Security

To pursue an exciting and expert career in forensic computing you will be required to acquire specialist knowledge and skills that can be gained on our MSc in Forensic Computing. The course covers a range of skills that are essential for the retrieval of computer-based information for criminal investigations. Your masters project can be conducted either as a placement in an external organisation or working with one of the University research groups.

http://www.coventry.ac.uk/course-structure/2014/faculty-of-engineering-and-computing/postgraduate/forensic-computing-msc/

Cranfield University, MSc Cyber Defence and Information Assurance

The Cyber Defence and Information Assurance programme is designed to develop professionals who can effectively manage and exploit the threats and opportunities of cyberspace at the organisational level. The course specifically focuses on responses to serious present and emerging threats in the information domain. This necessitates sound technical understanding overlaid with an appreciation of the drivers and constraints within the business, and the knowledge to ensure the gap between the two can be bridged by the use of management tools, techniques and strategies.

http://www.cranfield.ac.uk/courses/masters/cyber-defence-and-information-assurance.html

Cranfield University, MSc Forensic Computing by Research

Forensic Computing also referred to as Computer Forensics, Digital Forensics or Cyber Forensics, refers to a branch of Forensic Science that is concerned with the investigation of digital devices to recover evidence of crime. The Forensic Computing MSc is available both full-time and part-time. Students will complete a number of taught modules each with theoretical and practical elements and, for the MSc, an individual research project.

https://www.cranfield.ac.uk/courses/masters/forensic-computing.html

De Montfort University, MSc Forensic Computing for Practitioners – Professional

Many professionals, who have developed a successful career in this domain, do not have a relevant first degree. This programme of modules is intended to provide a pathway to academic accreditation and recognition for current practitioners. The course recognises and addresses the need for continuing professional development and career progression within a rapidly changing environment.

http://www.dmu.ac.uk/study/courses/postgraduate-courses/fc4p/forensic-computing-for-practitioners.aspx

Edge Hill University, MSc in Cyber Security

This MSc in Cyber Security addresses these requirements by increasing relevant knowledge and skills in line with the UK Government’s National Cyber Security Strategy, while also addressing the national skills shortage in information security. You will develop an understanding of current issues in information security and cyber security, as well as gain in-depth knowledge of a variety of techniques for strategically managing IT, both as a resource and for analysing and controlling security risks.

https://www.edgehill.ac.uk/courses/cyber-security/

Edinburgh Napier University, MSc Advanced Security and Cybercrime

This course is focused on delivering to professionals already employed in the area of computing who wish to develop their skills into the areas of computer security and cybercrime. It allows employees to gain significant course credits by applying knowledge and skills gained from this course to their own company’s procedures and systems. Additionally, modules are available on a distance learning basis.

http://www.courses.napier.ac.uk/advancedsecurityandcybercrime_w56740.htm

Essex University,MSc Computer Networks and Security

Our MSc Computer Networks and Security will equip you with the in-depth knowledge of the principles and practice of the quickly changing world of computer networks. Increasingly, such networks cannot be considered without the important issue of security and the content of this course addresses this need for the modern computer network professional. The course includes content such as current and future internet protocols, programming networked services and securing these systems. We offer a strong practical element through laboratory programmes in software engineering and in computer networking. Laboratory work in security includes unique environments where the techniques of the attackers can be observed and stopped using specialist security tools. 

http://www.essex.ac.uk/coursefinder/course_details.aspx?course=MSC+H60112

Training Course: InfoSec Skills, Intrusion Analysis & Digital Forensics Essentials

This is the first cross discipline course of its' kind that covers the essential knowledge and skills needed for intrusion detection, incident handling, computer/network forensics and malware reverse engineering. This course raises the bar and sets a new security baseline for aspiring Intrusion Analysis and Digital Forensics professionals. Every team member should take this course before embarking upon their very own, more specialised, career path. Following this course a student may challenge the CREST core skills exam resulting in the CREST Registered Intrusion Analyst (CRIA) qualification.

https://www.infosecskills.com/Incident-Response

Training Course: InfoSec Skills, Practitioner Certificate in Business Continuity Management

The Practitioner Certificate in Business Continuity Management (PCiBCM) course is designed to provide a hands-on approach to all stages of the business continuity management (BCM) lifecycle from conducting a business impact analysis to the exercising of business continuity plans. Making full use of current standards (including BS 25999), students are able to make a significant contribution to the BCM process when returning to their organisation.

https://www.infosecskills.com/products/ia-governance

Training Course: InfoSec Skills, Practitioner Certificate in Information Assurance Architecture

The Practitioner Certificate in Information Assurance Architecture (PCiIAA) prepares the student for a career in security architecture. A Security Architect (SA) is a senior-level enterprise architect role, either within a dedicated security team or as part of a more general Enterprise Architecture (EA) team.

https://www.infosecskills.com/products/information-assurance-architecture

Training Course: InfoSec Skills, Practitioner Certificate in Information Risk Management

The Practitioner Certificate in Information Risk Management (PCIRM) course is designed to provide foundation knowledge of the terminology and principles of information risk management. It is intended for individuals from information technologies or IT security backgrounds who are embarking on information risk management responsibilities or those who already fulfil information risk management roles who wish to formalise their accumulated experience. It is equally suitable for business managers who need to gain a formal insight into information risk management in support of wider business risk decision-making.

https://www.infosecskills.com/products/ia-governance

Training Course: IRM, Attack and Defence Simulator

This one day course comprises of a half day ethical hacking and incident response workshop designed to introduce delegates to the theory of both cyber topics. This is then followed by a half day ethical hacking and incident response simulation exercise focused around a fictitious website in order to test the practical application of theory taught during the first half of the course. The fast paced and interactive course tests and improves cyber security threat awareness, theory and technical security skills, in addition to how teams cooperate in the midst of a cyber security incident. The Attack and Defence Simulator was first created for Oxford University’s Cyber Security Centre in order to provide cyber professionals of the future with the necessary intelligence and practical experience to defend the UK’s most crucial businesses.

http://www.irmplc.com/training/attack-and-defence-simulator/

Training Course: IT Governance, CMI Malware Investigation

On this 3 day practical training course, extend your knowledge beyond conventional static computer forensics analysis.

http://www.itgovernance.co.uk/shop/p-470-cmi-malware-investigation-hands-on-training-course.aspx#.VX6W9_lViko

Training Course: IT Governance, EC-Council - Ethical Hacking and Countermeasures

This 5-day course is the ideal preparation tool for you wish to sit the examination in Ethical Hacking and Countermeasures.

http://www.itgovernance.co.uk/shop/c-210-training-courses.aspx

Training Course: IT Governance, ISO27005 Certified ISMS Risk Management

This course is designed to provide delegates with the knowledge and skills required to undertake information security risk management based on the best practice guidance as outlined in ISO27005 and fully meeting the requirements of the ISO27001 standard. Delegates who successfully complete this Advanced Level course will be awarded the ISO27005 Certified ISMS Risk Management (CIS RM) qualification issued by the International Board for IT Governance Qualifications (IBITGQ).

http://www.itgovernance.co.uk/shop/p-1309-iso-27005-certified-isms-risk-management.aspx#.VX6WwPlViko

Training Course: IT Governance, Managing Cyber Security Risk

This three-day classroom course provides those responsible for cyber security risk management with the knowledge and practical skills to develop and deploy effective cyber security risk management strategies to protect their organisations in cyberspace.

Delegates who successfully complete this Advanced Level course will be awarded the Managing Cyber Security Risk (CCRMP) qualification issued by the International Board for IT Governance Qualifications (IBITGQ).

http://www.itgovernance.co.uk/shop/p-1408-managing-cyber-security-risk-training-course.aspx

Training Course: IT Governance, Principles in Cyber Crime

This course delivers an introduction to cyber security and provides a practical guide to mitigating the risks posed by the threat of cyber crime. On the completion of a one-day classroom session, delegates will understand the types of cyber threat, perform a risk assessment and have a plan of action that they can implement in their organisation.

http://www.itgovernance.co.uk/shop/p-1703-principles-in-cyber-crime.aspx#.VX6VzflViko

Training Course: PGI Advanced Threat Methodology

The Advanced Threat Methodology course will teach you precisely how an external threat may attack your organisation, which will help you to develop strategies, system management techniques and user policies to defend your network and critical information. You will receive in-depth, hands-on training on a variety of tools for gaining access to a remote network.

http://courses.independent.co.uk/training/pgi/advanced-threat-methodology-586948

Training Course: SANS, FOR578: Cyber Threat Intelligence

Construct and exploit threat intelligence to detect, respond, and defeat advanced persistent threats (APTs), Fully analyze successful and unsuccessful intrusions by advanced attackers, Piece together intrusion campaigns, threat actors, and nation-state organizations, Manage, share, and receive intelligence on APT adversary groups, Generate intelligence from their own data sources and share it accordingly, Identify, extract, and leverage intelligence from APT intrusions,  Expand upon existing intelligence to build profiles of adversary groups, Leverage intelligence to better defend against and respond to future intrusions.

http://www.sans.org/course/cyber-threat-intelligence

Training Course: SANS, ICS410: ICS/SCADA Security Essentials

The course will provide you with: An understanding of industrial control system components, purposes, deployments, significant drivers, and constraints. Hands-on lab learning experiences to control system attack surfaces, methods, and tools Control system approaches to system and network defence architectures and techniques Incident-response skills in a control system environment Governance models and resources for industrial cyber security professionals.

https://www.sans.org/course/ics-scada-cyber-security-essentials

Training Course: SANS, ICS515: ICS Active Defence and Incident Response

Students can expect to come out of this course fully understanding and able to deconstruct targeted ICS attacks, with a focus on delivery methods and observable attributes. This knowledge demystifies adversary capabilities and gives actionable recommendations to defenders. The course uses a hands-on approach that shows real-world malware and breaks down cyber attacks on ICS from start to finish. Students will gain a practical and technical understanding of concepts such as generating and using threat intelligence, performing network security monitoring, and executing threat triage and incident response to ensure the safety and reliability of operations. The strategy presented in the course serves as a basis for ICS organizations looking to show that defence is do-able.

https://www.sans.org/course/industrial-control-system-active-defense-and-incident-response

Training Course: SANS, MGT405: Critical Infrastructure Protection

This course begins by examining in depth the events of the past 20 years, including the lessons learned about the interdependencies of the critical infrastructures following the Oklahoma City bombing and the terrorist attacks against the World Trade Centre and what we learned in the aftermath of hurricanes Katrina and Rita in the summer of 2005. While there are many cross-sector interdependencies to consider, we will focus on the dependence of the various infrastructure sectors on the Internet and the impact of highly complex computer controlled systems. We will also discuss the creation of the US Department of Homeland Security and its role in protecting the nation's critical infrastructures from cyber intrusions.

https://www.sans.org/course/critical-infrastructure-protection

Training Course: SANS, SEC503: Intrusion Detection In-Depth

Intrusion Detection In-Depth delivers the technical knowledge, insight, and hands-on training you need to defend your network with confidence. You will learn about the underlying theory of TCP/IP and the most used application protocols, such as HTTP, so that you can intelligently examine network traffic for signs of an intrusion. You will get plenty of practice learning to configure and master different open-source tools like tcpdump, Wireshark, Snort, Bro, and many more. Daily hands-on exercises suitable for all experience levels reinforce the course book material so that you can transfer knowledge to execution.

https://www.sans.org/course/intrusion-detection-in-depth

Training Course: SANS, SEC504: Hacker Tools, Techniques, Exploits and Incident Handling

The course is particularly well-suited to individuals who lead or are a part of an incident handling team. General security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to prevent, detect, and respond to attacks.

https://www.sans.org/course/hacker-techniques-exploits-incident-handling

Training Course: SANS, SEC550: Active Defence, Offensive Countermeasures and Cyber Deception

Active Defence, Offensive Countermeasures and Cyber Deception is based on the Active Defence Harbinger Distribution live Linux environment funded by the Defence Advanced Research Projects Agency (DARPA). This virtual machine is built from the ground up for defenders to quickly implement Active Defences in their environments. The course is very heavy with hands-on activities - we won't just talk about Active Defences, we will work through labs that will enable you to quickly and easily implement what you learn in your own working environment.

https://www.sans.org/course/active-defense-offensive-countermeasures-and-cyber-deception

Training Course: SANS, SEC566: Implementing and Auditing the Critical Security Controls - In-Depth

The course shows security professionals how to implement the controls in an existing network through cost-effective automation. For auditors, CIOs, and risk officers, the course is the best way to understand how you will measure whether the Controls are effectively implemented.

https://www.sans.org/course/implementing-auditing-critical-security-controls

Training Course:The National Skills Academy, Senior Professional Risk Management

You will be able to describe the basic concepts of information security management and its policies, and identify information security principles and guidelines with the consideration of legal and privacy issues. You will implement approaches for industry-specific threat analyses and the generation of vulnerability reports, identify security weaknesses and recommend appropriate security mechanisms in different information systems.

https://www.itskillsacademy.org.uk/cyber-security-learning-pathways/cyber-academy-learning-pathways1/information-security-professional/level-4/

University of Southampton, MSc in Cyber Security

There is currently a worldwide shortage of skilled practitioners in cyber security. In the UK, the National Audit Office recently named "addressing the UK's current and future ICT and cyber security skills gap" as a "key challenge", whilst at a time when cybercrime “as-a-service” is on a steep rise, the Department for Business, Innovation & Skill calls for companies to make of cyber security a Board level responsibility. Our MSc is specifically designed to give students a well-rounded, multi-disciplinary view of the subject area, embracing not only the technical subjects, but also aspects of criminology, risk management, law and social sciences.  We believe a broad grounding in cyber security will give our students a key advantage in the marketplace.

http://www.ecs.soton.ac.uk/programmes/msc-cyber-security