0345 4506120

Information Security & Cyber Security Training Courses

Information Security and IT Governance training has become a priority in recent years as organisations need to build the skills to deal with compliance and performance issues. With information at the heart of the modern economy, Information Security and IT Governance are topics for all business managers - not just CIOs. The positive news is that in a recent survey 75% of organisations have adopted at least one recognised governance framework such as COBIT, ITIL or ISO27001.

Our IT Governance and Information Security training courses are available in London, Aberdeen, Bedford, Birmingham, Cambridge, Manchester, Leeds, Glasgow, Warwick & 20 UK cities. As well as the most comprehensive schedule of courses aligned to international certifications, Focus offers introductory security courses, and specialist training in areas such as Cloud computing, and Malware. Cloud security training includes the CCSK course from the Cloud Security Alliance.

+ read more

Get a quote for onsite training

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Frequently Asked Questions


Is IT Governance different from Corporate Governance?

Corporate governance is one of the most topical areas of business management. Its relevance goes far beyond high profile cases such as Enron, Parmalat and BP. Organisations large and small are recognising the customer, shareholder and legal ramifications of weak leadership when it comes to clarity of core policies, well defined decision making processes, transparency and accountability.

With the prominent role of IT and knowledge management within many organisations, IT governance becomes a key subset.  IT Governance is a framework for the leadership, organisational structures and business processes, standards and compliance to these standards, which ensure that the organisation’s IT supports and enables the achievement of its corporate strategies and objectives.

Central components are Information Security and Legal Compliance, but topics also include Business Continuity, Service Level Management, Knowledge Management, Project Governance and Risk Management.   The latest version of ITIL reflects the central contribution of IT Governance with more emphasis on integration of IT with the rest of the business - rather than just alignment.

Which Information Security Certification should I choose?

There is a bewildering array of Information Security qualifications.

They range from those which take a more managerial approach to the topic (eg CISM) to those which are hands on technical (eg Certified Ethical Hacker).

For more information download our guide to Information Security Training & Certification.  It's free.

What is COBIT?

Along with ITIL and ISO27001, COBIT is a leading international codification of best practice with regard to IT Governance.

COBIT, or Control Objectives for Information and related Technology, now in version 4.0, was developed by America's IT Governance Institute. COBIT is increasingly accepted as good practice for control over information, IT and related risks. Its guidance helps organisations implement effective governance over enterprise wide IT. In particular, COBIT's Management Guidelines component contains a framework for the control and measurability of IT by providing tools to assess and measure the enterprise’s IT capability for the 34 identified COBIT processes.

What is ISO27001?

ISO/IEC 27001 is an information security management system (ISMS) standard published in October 2005 by the International Organisation for Standardisation and the International Electrotechnical Commission. Its full name is ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements but it is commonly known as ISO 27001.

It is intended to be used in conjunction with ISO 17799, the Code of Practice for Information Security Management, which lists security control objectives and recommends a range of specific security controls. Organisations that implement an ISMS in accordance with the best practice advice in ISO 17799 are likely simultaneously to meet the requirements of ISO 27001, but certification is entirely optional.

ISO 27001 was based upon and replaced BS 7799 part 2 which was withdrawn.  ISO 27001 is the first in a family of international information security standards that will underpin and protect IT worldwide over the next decade. ISO27001 is designed to harmonise with ISO9001:2000 and ISO14001:1996 so that management systems can be effectively integrated. It implements the Plan-Do-Check-Act (PDCA) model and reflects the principles of the 2002 OECD guidance on the security of information systems and networks.

What are ISC Qualifications?

The International Information Systems Security Certification (ISC2) is a US not for profit organisation which aims to set the globally recognised Gold Standard for certifying information security professionals throughout their careers. They have certified over 50,000 information security professionals in more than 120 countries. The six ISC2 qualifications are:

CISSP - Certified Information Systems Security Professional
ISSAP - Information Systems Security Architecture Professional
ISSMP - Information Systems Security Management Professional
ISSEP - Information Systems Security Engineering Professional
CAP - Certification and Accreditation Professional
SSCP - Systems Security Certified Practitioner

What are ISACA qualifications?

The Information Systems Audit and Controls Association (ISACA) is a US based membership organisation for information governance, control, security and audit professionals. It operates through a network of international chapters.  Its IS auditing and IS control standards are followed by practitioners worldwide.

Its Certified Information Systems Auditor (CISA) certification is recognised globally and has been earned by more than 50,000 professionals since inception.

The Certified Information Security Manager (CISM) certification targets the information security management audience and has been earned by more than 6,500 professionals.

What is Sarbane Oxley?

The Sarbanes-Oxley Act of 2002 is a United States federal law passed in response to a number of major corporate and accounting scandals including those affecting Enron and Tyco International. These scandals resulted in a decline of public trust in accounting and reporting practices.

Most provisions of the Act relate to accounting standards, financial controls and transparency.

The impact on IT systems is largely indirect. The Act has heightened focus on data security and integrity.  Controls for financial processes have been tightened and this has resulted in increased use of IT oriented standards such as COBIT and ITIL to assure compliance.

Which laws govern data protection?

There is now a raft of legislation which touches upon data protection and information security for organisations in the UK.  This legislation includes:

  • The Human Rights Act 1998
  • The Copyright, Designs and Patent Act 1988
  • The Computer Misuse Act 1990
  • The Telecommunications Regulations 1998 (Data Protection and Privacy)
  • The Data Protection Act 1998, the Regulation of Investigatory Powers Act 2000
  • The Freedom of Information Act 2000.

A rigorous framework such as ISO 27001 can help ensure compliance.

Why choose Focus on Training for your Information Security training?

We are specialist providers of Project Management, Business Analysis and IT training. We work alongside expert trainers to ensure our scheduled public courses and in house training provision is of a consistently high standard.

Focus customers include Cambridgeshire Fire & Rescue, East Sussex County Council, Leeds City Council and RNIB.

What delivery formats are available for Information Security training?

As well as instructor led classroom courses we also offer online courses and in-house Information Security training.  Information Security onsite training is a convenient and cost-effective study method for organisations looking to train a group of delegates.

Our online Information Security courses let you study in your own time and are usually the least expensive study option.

What other training requirements can Focus help with?

We have an extensive range of  courses suitable for business, IT and project professionals. This includes training in the areas of Prince2, MSP, APM, ITIL, Business Analysis, Microsoft Project and Software Testing.

Our most popular courses include Prince2 Foundation & Practitioner, MSP Practitioner, ITIL Foundation and ISTQB Software Testing Foundation. Contact a member of our sales team today to discuss your requirements.

Our Customers Include