Education and TrainingOne of the main goals is to convey students a certain understanding of network design, architecture, and implementation of a secure computer and network environment.
EducationA fundamental education of people which are responsible for computer and network security covers among other topics concepts of firewalls, routers, screens, the DMZ, network protocols, security awareness and security policy.
The advanced education has its focus on pentration tools, encryption, PKI, Incident Management and Handling, intrusion detection, computer network defense and Systems Management.
TrainingTraining is more formal and interactive than an awareness program. It is directed towards building knowledge, skills, and abilities that facilitate job capabilities and performance. Theoretical lectures have been replaced with interactive and meaningful training.
An important first step to launch a successful training program, is to convince senior managers that training is valuable and essential, because it can help to ensure the integrity, availability, and confidentiality of the IT system assets and its information.
To be most effective, training must be iterative (learn, exercise, review, analyze, repeat) and should involve as many realistic scenarios as possible since companies become exposed to a wide variety of potential emergency situations.
The key is to make use of the knowledge that something has happened, that something is about to happen, or that something is perhaps amiss.