Professional Master’s Degree

Advanced Cybersecurity Management

Today's world is moving towards complete digitalization. More and more processes, operations and basic tasks of all kinds are being performed through an electronic device. But this progress also has certain risks, as computers, smartphones, tablets and all kinds of digital applications can be susceptible to cyber-attacks. For that reason, many companies are looking for experts who can effectively lead and manage the cybersecurity of their services. Thus, this new professional profile is in great demand, so this program has been designed to provide the latest knowledge and techniques to the computer scientist, who will be prepared to be the director of cybersecurity in any company that requires it.

Certificate

duration

1 year

enrolment period

start date

hours

1500

financing up to

12 months

Price

The world's largest faculty of information technology”

Description

This program will prepare you intensively to specialize in cybersecurity management, the most demanded professional profile in the IT field today"

maestria direccion ciberseguridad avanzada

In recent years, the digitization process has accelerated, driven by the continuous advances in information technology. Thus, not only technology has enjoyed great improvements, but also the digital tools themselves with which many tasks are performed today. For example, these advances have made it possible for many banking operations to be carried out from a mobile application. There have also been new developments in the healthcare field, in appointment systems or in access to medical records. In addition, thanks to these technologies, it is possible to consult invoices or request services from companies in areas such as telephony.

But these advances have also led to an increase in computer vulnerabilities. Thus, while the options for performing various activities and tasks have expanded, attacks on the security of devices, applications and websites have increased proportionally. As a result, more and more companies are looking for cybersecurity professionals who are able to provide them with adequate protection against all types of cyber-attacks.

Thus, the profile of Cybersecurity Manager is one of the most sought after by companies that operate on the Internet or have services in the digital environment. And to respond to this demand, TECH has designed this Professional Master’s Degree in Advanced Cybersecurity Management, which will provide the computer scientist with all the necessary tools to exercise this position effectively and taking into account the latest developments in protection and vulnerabilities in this technological field.

In this program, you will be able to delve deeper into aspects such as security in the development and design of systems, techniques or security in Cloud Computing environments. It will do so through a 100% online methodology with which you will be able to combine your professional work with your studies, without rigid schedules or uncomfortable trips to an academic center. In addition, you will enjoy numerous multimedia teaching resources, taught by the most prestigious and specialized faculty in the field of cybersecurity.

Get to know, first hand, the best security techniques applied to Cloud Computing environments or Blockchain technology"

This Professional Master’s Degree in Advanced Cybersecurity Management contains the most complete and up to date scientific program on the market. Its most notable features are:

The development of case studies presented by IT and cybersecurity experts
The graphic, schematic, and practical contents with which they are created, provide scientific and practical information on the disciplines that are essential for professional practice
Practical exercises where the self assessment process can be carried out to improve learning
Its special emphasis on innovative methodologies
Theoretical lessons, questions to the expert, debate forums on controversial topics, and individual reflection work
Content that is accessible from any fixed or portable device with an Internet connection

You will enjoy numerous multimedia contents to speed up your learning process, while receiving the support of a faculty of great prestige in the field of cybersecurity”

The program includes, in its teaching staff, professionals from the sector who bring to this training the experience of their work, in addition to recognized specialists from prestigious reference societies and universities.

The multimedia content, developed with the latest educational technology, will provide the professional with situated and contextual learning, i.e., a simulated environment that will provide immersive training programmed to train in real situations.

This program is designed around Problem Based Learning, whereby the professional must try to solve the different professional practice situations that arise throughout the program. For this purpose, the student will be assisted by an innovative interactive video system created by renowned and experienced experts.

TECH online methodology will allow you to choose the time and place to study, without hindering your professional work"

magister direccion ciberseguridad avanzada

You will be able to become the Cybersecurity Manager of the best companies in your field"

Syllabus

This program is structured in 10 specialized modules that will allow the professional to deepen in aspects such as digital identification, access control systems, information security architecture, the structure of the security area, information security management systems in communications and software operation or the development of the business continuity plans associated with security. This will enable the IT specialist to gain a comprehensive understanding of all the relevant issues of today's cybersecurity.

mejor maestria direccion ciberseguridad avanzada

You won't find more complete and innovative content than this to specialize in Advanced Cybersecurity Management"

Module 1. Security in System Design and Development

1.1. Information Systems

1.1.1. Information System Domains
1.1.2. Information System Components
1.1.3. Information System Activities
1.1.4. Life Cycle of an Information System
1.1.5. Information System Resources

1.2. IT Systems Types

1.2.1. Types of Information Systems

1.2.1.1. Corporate
1.2.1.2. Strategic
1.2.1.3. According to the Area of Application
1.2.1.4. Specific

1.2.2. Information Systems Real Examples
1.2.3. Evolution of Information Systems: Stages
1.2.4. Methods of Information Systems

1.3. Information System Security Legal Implications

1.3.1. Access to Data
1.3.2. Security Threats: Vulnerabilities
1.3.3. Legal Implications: Criminal Offenses
1.3.4. Maintenance Procedures of an Information System

1.4. Information System Security Security Protocol

1.4.1. Information System Security

1.4.1.1. Integrity
1.4.1.2. Confidentiality
1.4.1.3. Availability
1.4.1.4. Authentication

1.4.2. Security Services
1.4.3. Information Security Protocols Types
1.4.4. Information System Sensitivity

1.5. Information System Security Access Control Measures and Systems

1.5.1. Security Measures
1.5.2. Type of Security Measures

1.5.2.1. Prevention
1.5.2.2. Detection
1.5.2.3. Correction

1.5.3. Access Control Systems Types
1.5.4. Cryptography

1.6. Network and Internet Security

1.6.1. Firewalls
1.6.2. Digital Identification
1.6.3. Viruses and Worms
1.6.4. Hacking
1.6.5. Examples and Real Cases

1.7. Computer Crimes

1.7.1. Computer Crimes
1.7.2. Computer Crimes Types
1.7.3. Computer Crimes Attack Types
1.7.4. The Case for Virtual Reality
1.7.5. Profiles of Offenders and Victims Criminalization of the Crime
1.7.6. Computer Crimes Examples and Real Cases

1.8. Security Plans in Information Systems

1.8.1. Security Plan Objectives
1.8.2. Security Plan Plan
1.8.3. Risk Plan Analysis
1.8.4. Security Policy Implementation in the Organization
1.8.5. Security Plan Implementation in the Organization
1.8.6. Security Procedures Types
1.8.7. Security Plan Examples:

1.9. Contingency Plan

1.9.1. Contingency Plan Functions
1.9.2. Emergency Plan Elements and Objectives
1.9.3. Contingency Plan in the Organization Implementation
1.9.4. Contingency Plans Examples:

1.10. Information Systems Security Governance

1.10.1. Legal Regulations
1.10.2. Standards
1.10.3. Certifications
1.10.4. Technologies

Module 2. Information Security Architectures and Models

2.1. Information Security Architecture

2.1.1. ISMSI / PDS
2.1.2. Strategic Alignment
2.1.3. Risk Management
2.1.4. Performance Measurement

2.2. Information Security Models

2.2.1. Based on Security Policies
2.2.2. Based on Protection Tools
2.2.3. Bases on Teamwork

2.3. Security Model Key Components

2.3.1. Risk Identification
2.3.2. Definition of Controls
2.3.3. Continuous Assessment of Risk Levels
2.3.4. Awareness Plan for Employees, Suppliers, Partners, etc.

2.4. Risk Management Process

2.4.1. Asset Identification
2.4.2. Threat Identification
2.4.3. Risk Assessment
2.4.4. Prioritization of Controls
2.4.5. Reassessment and Residual Risk

2.5. Business Processes and Information Security

2.5.1. Business Processes
2.5.2. Risk Assessment Based on Business Parameters
2.5.3. Business Impact Analysis
2.5.4. Business Operations and Information Security

2.6. Continuous Improvement Process

2.6.1. Deming's Cycle

2.6.1.1. Planning
2.6.1.2. Do
2.6.1.3. Verify
2.6.1.4. Act

2.7. Security Architectures

2.7.1. Selection and Homogenization of Technologies
2.7.2. Identity Management Authentication
2.7.3. Access Management Authorization
2.7.4. Network Infrastructure Security
2.7.5. Encryption Technologies and Solutions
2.7.6. Endpoint Detection and Response (EDR)

2.8. Regulatory Framework

2.8.1. Sectoral Regulations
2.8.2. Certifications
2.8.3. Legislations

2.9. The ISO 27001 Standard

2.9.1. Implementation
2.9.2. Certification
2.9.3. Audits and Penetration Tests
2.9.4. Continuous Risk Management
2.9.5. Classification of Information

2.10. Privacy Legislation GDPR

2.10.1. Scope of General Data Protection Regulation (GDPR)
2.10.2. Personal Data
2.10.3. Roles in the Processing of Personal Data
2.10.4. ARCO Rights
2.10.5. DPO Functions

Module 3. IT Security Management

3.1. Safety Management

3.1.1. Security Operations
3.1.2. Legal and Regulatory Appearance
3.1.3. Business Authorization
3.1.4. Risk Management
3.1.5. Identity and Access Management

3.2. Structure of the Security Area The CISO's office

3.2.1. Organisational Structure. Position of the CISO in the Structure
3.2.2. Lines of Defence
3.2.3. CISO Office Organization Chart
3.2.4. Budget Management

3.3. Government Security

3.3.1. Security Committee
3.3.2. Risk Monitoring Committee
3.3.3. Audit Committee
3.3.4. Crisis Committee

3.4. Government Security Functions

3.4.1. Policies and Standards
3.4.2. Security Management Plan
3.4.3. Control Panels
3.4.4. Awareness and Training
3.4.5. Supply Chain Security

3.5. Security Operations

3.5.1. Identity and Access Management
3.5.2. Configuration of Network Security Rules Firewalls
3.5.3. IDS/IPS Platform Management
3.5.4. Vulnerability Analysis

3.6. Cybersecurity Framework NIST CSF

3.6.1. NIST Methodology

3.6.1.1. Log In
3.6.1.2. Protect
3.6.1.3. Detect
3.6.1.4. Respond
3.6.1.5. Recover

3.7. Security Operations Center (SOC) Functions

3.7.1. Protection Red Team, Pentesting, Threat Intelligence
3.7.2. Detection SIEM, User Behavior Analytics, Fraud Prevention
3.7.3. Response

3.8. Security Audits

3.8.1. Intrusion Test
3.8.2. Red Team Exercises
3.8.3. Source Code Audits Secure Development
3.8.4. Component Safety (Software Supply Chain))
3.8.5. Forensic Analysis

3.9. Incident Response

3.9.1. Preparation
3.9.2. Detection, Analysis and Reporting
3.9.3. Containment, Eradication and Recovery
3.9.4. Post-Incident Activity

3.9.4.1. Retention of Evidence
3.9.4.2. Forensic Analysis
3.9.4.3. Gap Management

3.9.5. Official Cyber Incident Management Guides

3.10. Vulnerability Management

3.10.1. Vulnerability Analysis
3.10.2. Vulnerability Assessment
3.10.3. System Basing
3.10.4. Day 0 Vulnerabilities Zero-Day

Module 4. Risk Analysis and IT Security Environment

4.1. Analysis of the environment

4.1.1. Analysis of the Economic Situation

4.1.1.1. VUCA Environment

4.1.1.1.1. Volatile
4.1.1.1.2. Unsure
4.1.1.1.3. Complex
4.1.1.1.4. Ambiguous

4.1.1.2. BANI Environment

4.1.1.2.1. Broken
4.1.1.2.2. Anxious
4.1.1.2.3. Non-Linear
4.1.1.2.4. Incomprehensible

4.1.2. General Environment Analysis PESTLE

4.1.2.1. Politics
4.1.2.2. Economics
4.1.2.3. Social
4.1.2.4. Technological
4.1.2.5. Ecological/Environmental
4.1.2.6. Legal

4.1.3. Analysis of the Internal Situation SWOT Analysis

4.1.3.1. Objectives
4.1.3.2. Threats
4.1.3.3. Opportunities
4.1.3.4. Strengths

4.2. Risk and Uncertainty

4.2.1. Risk
4.2.2. Risk Management
4.2.3. Risk Management Standards

4.3. ISO 31.000:2018 Risk Management Guidelines

4.3.1. Object
4.3.2. Principles
4.3.3. Frame of Reference
4.3.4. Process

4.4. Methodology for Analysis and Management of Information Systems Risks (MAGERIT)

4.4.1. MAGERIT Methodology

4.4.1.1. Objectives
4.4.1.2. Method
4.4.1.3. Components
4.4.1.4. Techniques
4.4.1.5. Available Tools (PILAR)

4.5. Cyber Risk Transfer

4.5.1. Risk Transfer
4.5.2. Cyber Risks Types
4.5.3. Cyber Risk Insurance

4.6. Agile Methodologies for Risk Management

4.6.1. Agile Methodologies
4.6.2. Scrum for Risk Management
4.6.3. Agile Risk Management

4.7. Technologies for Risk Management

4.7.1. Artificial Intelligence Applied to Risk Management
4.7.2. Blockchain and Cryptography Value Preservation Methods
4.7.3. Quantum Computing Opportunity or Risk

4.8. IT Risk Mapping Based on Agile Methodologies

4.8.1. Representation of Probability and Impact in Agile Environments
4.8.2. Risk as a Threat to Value
4.8.3. Re-Evolution in Project Management and Agile Processes Based on KRIs

4.9. Risk-Driven in Risk Management

4.9.1. Risk Driven
4.9.2. Risk-Driven in Risk Management
4.9.3. Development of a Risk-Driven Business Management Model

4.10. Innovation and Digital Transformation in IT Risk Management

4.10.1. Agile Risk Management as a Source of Business Innovation
4.10.2. Transforming Data into Useful Information for Decision Making
4.10.3. Holistic View of the Company through Risk

Module 5. Cryptography in IT

5.1. Cryptography

5.1.1. Cryptography
5.1.2. Fundamentals of Mathematics

5.2. Cryptology

5.2.1. Cryptology
5.2.2. Cryptanalysis
5.2.3. Steganography and Stegoanalysis

5.3. Cryptographic Protocols

5.3.1. Basic Blocks
5.3.2. Basic Protocols
5.3.3. Intermediate Protocols
5.3.4. Advanced Protocols
5.3.5. Exoteric Protocols

5.4. Cryptographic Techniques

5.4.1. Length of Passwords
5.4.2. Password Management
5.4.3. Types of Algorithms
5.4.4. Summary of Functions Hash
5.4.5. Pseudo-Random Number Generators
5.4.6. Use of Algorithms

5.5. Symmetric Cryptography

5.5.1. Block Ciphers
5.5.2. DES (Data Encryption Standard)
5.5.3. RC4 Algorithm
5.5.4. AES (Advanced Encryption Standard)
5.5.5. Combination of Block Ciphers
5.5.6. Password Derivation

5.6. Asymmetric Cryptography

5.6.1. Diffie-Hellman
5.6.2. DSA (Digital Signature Algorithm)
5.6.3. RSA (Rivest, Shamir and Adleman)
5.6.4. Elliptic Curve
5.6.5. Asymmetric Cryptography Types

5.7. Digital Certificates

5.7.1. Digital Signature
5.7.2. X509 Certificates
5.7.3. Public Key Infrastructure (PKI)

5.8. Implementations

5.8.1. Kerberos
5.8.2. IBM CCA
5.8.3. Pretty Good Privacy (PGP)
5.8.4. ISO Authentication Framework
5.8.5. SSL and TLS
5.8.6. Europay, MasterCard, and Visa (EMV)
5.8.7. Mobile Telephony Protocols
5.8.8. Blockchain

5.9. Steganography

5.9.1. Steganography
5.9.2. Stegoanalysis
5.9.3. Applications and Uses

5.10. Quantum Cryptography

5.10.1. Quantum Algorithms
5.10.2. Algorithm Protection Against Quantum Computing
5.10.3. Quantum Key Distribution

Module 6. Identity and Access Management in IT Security

6.1. Identity and Access Management (IAM)

6.1.1. Digital Identity
6.1.2. Identity Management
6.1.3. Identity Federation

6.2. Physical Access Control

6.2.1. Protection Systems
6.2.2. Security of the Areas
6.2.3. Recovery Facilities

6.3. Logical Access Control

6.3.1. Authentication Types
6.3.2. Authentication Protocols
6.3.3. Authentication Attacks

6.4. Logical Access Control. MFA Authentication

6.4.1. Logical Access Control. MFA Authentication
6.4.2. Passwords Importance
6.4.3. Authentication Attacks

6.5. Logical Access Control. Biometric Authentication

6.5.1. Logical Access Control Biometric Authentication

6.5.1.1. Biometric Authentication Requirements

6.5.2. Operation
6.5.3. Models and Techniques

6.6. Authentication Management Systems

6.6.1. Single Sign On
6.6.2. Kerberos
6.6.3. AAA Systems

6.7. Authentication Management Systems: AAA Systems

6.7.1. TACACS
6.7.2. RADIUS
6.7.3. DIAMETER

6.8. Access Control Services

6.8.1. FW- Firewalls
6.8.2. VPN - Virtual Private Networks
6.8.3. IDS - Intrusion Detection System

6.9. Network Access Control Systems

6.9.1. NAC
6.9.2. Architecture and Elements
6.9.3. Operation and Standardization

6.10. Access to Wireless Networks

6.10.1. Types of Wireless Networks
6.10.2. Wireless Network Security
6.10.3. Wireless Network Attacks

Module 7. Security in Communications and Software Operation

7.1. Computer Security in Communications and Software Operation

7.1.1. IT Security
7.1.2. Cybersecurity
7.1.3. Cloud Security

7.2. IT Security in Communications and Software Operation Types

7.2.1. Physical Security
7.2.2. Logical Security

7.3. Communications Security

7.3.1. Main Elements
7.3.2. Network Security
7.3.3. Best Practices

7.4. Cyberintelligence

7.4.1. Social Engineering
7.4.2. Deep Web
7.4.3. Phishing
7.4.4. Malware

7.5. Secure Development in Communications and Software Operation

7.5.1. Secure Development HTTP Protocol
7.5.2. Secure Development Life Cycle
7.5.3. Secure Development PHP Security
7.5.4. Secure Development NET Security
7.5.5. Secure Development Best Practices

7.6. Information Security Management Systems in Communications and Software Operation

7.6.1. GDPR
7.6.2. ISO 27021
7.6.3. ISO 27017/18

7.7. SIEM Technologies

7.7.1. SIEM Technologies
7.7.2. SOC Operations
7.7.3. SIEM Vendors

7.8. The Role of Security in Organizations

7.8.1. Roles in Organizations
7.8.2. Role of IoT Specialists in Companies
7.8.3. Recognized Certifications in the Market

7.9. Forensic Analysis

7.9.1. Forensic Analysis
7.9.2. Forensic Analysis Methodology
7.9.3. Forensic Analysis Tools and Implementation

7.10. Cybersecurity Today

7.10.1. Main Cyber Attacks
7.10.2. Employability Forecasts
7.10.3. Challenges

Module 8. Security in Cloud Environments

8.1. Security in Cloud Computing Environments

8.1.1. Security in Cloud Computing Environments
8.1.2. Security in Cloud Environments Security Threats and Risks
8.1.3. Security in Cloud Computing Key Security Aspects

8.2. Types of Cloud Infrastructure

8.2.1. Public
8.2.2. Private
8.2.3. Hybrid

8.3. Shared Management Model

8.3.1. Security Elements Managed by Supplier
8.3.2. Elements Managed by the Client
8.3.3. Definition of the Security Strategy

8.4. Prevention Mechanisms

8.4.1. Authentication Management Systems
8.4.2. Authorization Management System: Access Policies
8.4.3. Key Management Systems

8.5. Securing Systems

8.5.1. Securing Storage Systems
8.5.2. Protection of Database Systems
8.5.3. Securing Data in Transit

8.6. Infrastructure Protection

8.6.1. Secure Network Design and Implementation
8.6.2. Security in Computing Resources
8.6.3. Tools and Resources to Protect the Infrastructure

8.7. Detection of Threats and Attacks

8.7.1. Auditing, Logging and Monitoring Systems
8.7.2. Event and Alarm Systems
8.7.3. SIEM Systems

8.8. Incident Response

8.8.1. Incident Response Plan
8.8.2. Business Continuity
8.8.3. Forensic Analysis and Remediation of Incidents of the Same Nature.

8.9. Security in Public Clouds

8.9.1. AWS (Amazon Web Services)
8.9.2. Microsoft Azure
8.9.3. Google GCP
8.9.4. Oracle Cloud

8.10. Regulations and Compliance

8.10.1. Compliance with Safety Regulations
8.10.2. Risk Management
8.10.3. People and Process in the Organizations

Module 9. Security in IoT Device Communications

9.1. From Telemetry to IoT

9.1.1. Telemetry
9.1.2. M2M Connectivity
9.1.3. Democratization of Telemetry

9.2. IoT Reference Models

9.2.1. IoT Reference Models
9.2.2. IoT Simplified Architecture

9.3. IoT Security Vulnerabilities

9.3.1. IoT Devices
9.3.2. IoT Devices Usage Case Studies
9.3.3. IoT Devices Vulnerabilities

9.4. Connectivity to IoT

9.4.1. PAN, LAN, WAN Networks
9.4.2. Non IoT Wireless Technologies
9.4.3. LPWAN Wireless Technologies

9.5. LPWAN Technologies

9.5.1. The Iron Triangle of LPWAN Networks
9.5.2. Free Frequency Bands vs. Licensed Bands
9.5.3. LPWAN Technology Options

9.6. LoRaWAN Technology

9.6.1. LoRaWAN Technology
9.6.2. LoRaWAN Use Cases Ecosystem
9.6.3. Security in LoRaWAN

9.7. Sigfox Technology

9.7.1. Sigfox Technology
9.7.2. Sigfox Use Cases Ecosystem
9.7.3. Security in Sigfox

9.8. IoT Cellular Technology

9.8.1. IoT Cellular Technology (NB-IoT and LTE-M)
9.8.2. Cellular IoT Use Cases Ecosystem
9.8.3. IoT Cellular Security

9.9. WiSUN Technology

9.9.1. WiSUN Technology
9.9.2. WiSUN Use Cases Ecosystem
9.9.3. Security in WiSUN

9.10. Other IoT Technologies

9.10.1. Other IoT Technologies
9.10.2. Use Cases and Ecosystem of Other IoT Technologies
9.10.3. Security in Other IoT Technologies

Module 10. Business Continuity Plan Associated with Security

10.1. Business Continuity Plans

10.1.1. Business Continuity Plans (BCP)
10.1.2. Business Continuity Plans (BCP) Key Aspects
10.1.3. Business Continuity Plan (BCP) for Company Valuation

10.2. Metrics in Business Continuity Plans (BCP)

10.2.1. Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
10.2.2. Maximum Tolerable Downtime (MTD)
10.2.3. Minimum Recovery Levels (ROL)
10.2.4. Recovery Point Objective (RPO)

10.3. Continuity Projects Types

10.3.1. Business Continuity Plans (BCP)
10.3.2. ICT Continuity Plan (ICTCP)
10.3.3. Disaster Recovery Plan (DRP)

10.4. Risk Management Associated with the BCP

10.4.1. Business Impact Analysis
10.4.2. Benefits of Implementing a BCP
10.4.3. Risk-Based Mentality

10.5. Life Cycle of a Business Continuity Plan

10.5.1. Phase 1: Analysis of the Organization
10.5.2. Phase 2: Determining the Continuity Strategy
10.5.3. Phase 3: Response to Contingency
10.5.4. Phase 4: Tests, Maintenance and Review

10.6. Organizational Analysis Phase of a BCP

10.6.1. Identification of Processes in the Scope of the BCP
10.6.2. Identification of Critical Business Areas
10.6.3. Identification of Dependencies between Areas and Processes
10.6.4. Determination of Appropriate BAT
10.6.5. Deliverables Creating a Plan

10.7. Phase of Determination of the Continuity Strategy in a BCP

10.7.1. Roles in the Strategy Determination Phase
10.7.2. Tasks of the Strategy Determination Phase
10.7.3. Deliverables

10.8. Contingency Response Phase in a BCP

10.8.1. Roles in the Response Phase
10.8.2. Tasks in this Phase
10.8.3. Deliverables

10.9. Testing, Maintenance and Revision Phase of a BCP

10.9.1. Roles in the Testing, Maintenance and Revision Phase
10.9.2. Tasks in the Testing, Maintenance and Revision Phase
10.9.3. Deliverables

10.10. ISO Standards Associated with Business Continuity Plans (BCP)

10.10.1. ISO 22301:2019
10.10.2. ISO 22313:2020
10.10.3. Other Related ISO and International Standards

estudiar direccion ciberseguridad avanzada

The best teaching staff and its innovative teaching system are combined with the most complete and up to date syllabus: you have a great opportunity to progress as a computer scientist”