Evaluating Your Organization’s Security Posture

This course will teach you about completing a holistic security evaluation, and how to shape it into a repeatable practice that helps raise the IT security posture for the whole company.
Course info
Level
Intermediate
Updated
Dec 11, 2018
Duration
3h 23m
Table of contents
Course Overview
The Case for Evaluating Your Organization’s Security
Planning and Organizing the Evaluation
Collecting Data and Conducting Interviews
Evaluating Your Organization’s Physical Security
Evaluating the External Footprint
Evaluating the Internal IT Security Posture
Evaluating the Weakest Link - Social Engineering
Setting the Benchmark and the Concept of Iterative Evaluations
Wrapping the Security Evaluation
Description
Course info
Level
Intermediate
Updated
Dec 11, 2018
Duration
3h 23m
Description

Assessing your organization’s security is a long process consisting of many moving parts. In this course, Evaluating Your Organization’s Security Posture, you will gain the ability to complete an end-to-end security evaluation to provide a “map” of your company’s security posture. First, you will learn about the practices of security evaluation. Next, you will discover the many tools and techniques available. Finally, you will explore how to effectively juggle the amount of work, evidence, and data collection required of an assessment. When you’re finished with this course, you will have the skills and knowledge of auditing, governance, and critical thinking needed to evaluate your organization’s security.

About the author
About the author

Paul has deeply enjoyed technology since taking apart his grandmother's digital clock at a young age. He believes IT is a powerful enabler for business and improving our lives.

Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Paul Mealus, and welcome to my course Evaluating Your Organization's Security. I'm a governance analyst and team lead at Guild Mortgage Company. Six billionths of a second, the time between one packet to the next on a network. Four times faster than a mouse trap snaps shut. A nimble, self-repairing IT security posture, this is what we require in this modern age. Completing a holistic security evaluation is your first step towards that. As a security professional, you likely have a good technical grasp. In this course, we are going to put that to the test and cover the many practices and thought patterns that make up a security evaluation. Some of the major topics that we will cover include planning, organizing, and iterating a security evaluation, evaluating internal and external security posture, practices and controls that help us protect against threats like social engineering, and shaping your evaluation practice to help meet the ever growing regulatory requirements that levied on all companies these days. By the end of this course, you will know how to complete a security evaluation from start to finish and provide all important data and narrative for decision makers. Before beginning the course, you should be familiar with the very basics of IT security and auditing. I hope you'll join me on this journey to learn about end to end security assessment in the Evaluating Your Company's Security course available on Pluralsight.