Cybersecurity practitioners course

Introduction

Organizations across all industries are faced with unmanageable levels of cyber threats brought on by a changing threat landscape.

The optimum strategy to respond to these threats is to make security an integral part of culture and overall structure—to help organizations better prepare for digital transformation in the age of the fourth industrial revolution.

Build expertise in developing security systems that understand, reason, and learn, and that react proactively to cyber threats.

IBM SkillsBuild for Academia

Cybersecurity Overview

This course comprises a unique mix of cybersecurity technical and real-world industry skills, designed to provide awareness on the impact of cybersecurity threats in key industries across geographies.

Objectives

Cybersecurity Practitioners

Practitioners can elevate organizations’ overall security posture by adopting practices, methods, and tools that increase enterprise cyber resilience. Practitioners provide awareness of the latest cyber threats and can help set the foundation for implementing an incident response team and a security operations center.

This course covers the following objectives:

  • Analyze top targeted industries and trends
  • Explore how cyber criminals are using operating system tools to get control
  • Uncover why cyber criminals are changing their techniques
  • Determine what steps you can take to protect your organization against these threats
  • Understand the tools used by penetration testers and ethical hackers (network CLI tools, Telnet, SSH, Nmap, Wireshark, and many others)
  • Leverage high-end security enterprise solutions in high demand such as IBM QRadar SIEM, Vulnerability Manager, UBA, IBM QRadar Advisor with Watson, I2 Analyst Notebook, and IBM Cloud X-Force Exchange
  • Gain real-world practice on critical threat modeling methodologies and frameworks such as MITRE, Diamond, IBM IRIS, and IBM Threat Hunting
  • Participate in Security Operations Center (SOC) role-playing scenarios, experiencing research insights through design thinking practices
  • Experience the basis for SOC—enacting the roles of triage analysts, incident response analysts, and threat intelligence analysts

Analyze tens of millions of spam and phishing attacks daily, and billions of web pages and images to detect fraudulent activity and brand abuse.

How undetected phishing creates a risk for a data breach

Prime Valley Healthcare, Inc., is a not-for-profit, medium-sized, healthcare system resulting from the 2013 integration of two healthcare systems.

Today, Prime Valley includes 36 hospitals, 550 patient care sites, 4500 beds, more than 5,300 active physicians, and 30,000 employees. In the past two years, annual revenue increased by $700 million and operating income more than doubled to $500 million.

In recent years, healthcare reform in the United States has focused on controlling rapidly rising health costs and increasing financial access to healthcare.

Healthcare delivery has not been touched to the same degree by the revolution that has been digitally transforming nearly every other aspect of society, although there has been a recent increase in telehealth practices during the Covid-19 pandemic.

One impediment to the greater use of communications and information technology is the absence of national standards for the capture, storage, communication, processing, and presentation of health information. Another is concern over privacy and confidentiality of patient medical records (patient health information), and data security issues.

Meghan Compton, the CISO at Prime Valley Healthcare, Inc., was looking over the morning IT infrastructure risk assessment reports when a call came in from Alex, a member of her security team. Alex has been keeping an eye on Dr. Froth’s online account. Dr. Froth is a new physician who just joined the physicians’ network at Prime Valley. His risk score has been increasing over the past month, with multiple logins on his account from different offices and activity from Europe at odd hours of the day.

While the security team has been monitoring Dr. Thomas Froth’s risk score, they find another risk score increasing, this time for the Head of Mergers & Acquisitions, Roy Smith. The same IP address that was linked to Dr. Froth is also linked to Roy Smith’s account.

It seems that Prime Valley has joined the unfortunate trend of breaches caused by an undetected phishing attack.

Because of the increasing risk assessment, Prime Valley has had to notify the President and CEO and implement a threat investigation. Pressure is mounting on Meghan’s team to identify exactly what has happened and ensure that patient data hasn’t been breached.

One week later Alex found something. Alex presents some key findings from his analysis to Meghan using IBM QRadar Advisor with Watson. He tracked the attack back to legacy software that was used by the physician network. The attackers were in the physician network 3 months before Prime Valley Healthcare, Inc. finalized the acquisition. The attackers got into the physician network through a Facebook message.

The M&A team must have been in such haste that they overlooked making sure the network was secure before connecting accounts into Prime Valley’s corporate network. Using IBM X-Force Exchange to perform a threat intelligence investigation, the Threat Hunter on Meghan’s team identified a pattern from the Balkans responsible for other attacks on the US health system.

What Is Cybersecurity?

Too many events. Too many false alarms. Too many systems to track threats from root to damage. And not enough expertise to manage all this data and keep a team ahead of the enemy. The reality is that analysts need an assist from artificial intelligence (AI).

AI and machine learning make it easier and faster to find the root cause and chain of events comprising advanced persistent threats and insidious insider activity.

Cyber attacks continue to advance in scale and complexity. At the same time, IT budgets are thin, and security talent is simply outstripped by demand. The modern security operations center (SOC), whether on-site or virtual, needs to deploy a combination of technologies and people to close the gap between attacks and remediation.

With the right process you can get clear visibility into enterprise-wide infrastructure activities, coupled with the ability to respond dynamically to help protect against advanced, persistent, and opportunistic threats, whether they come from outside or inside the organization.

Tools

This course uses the following tools:

  • IBM X-Force Exchange
  • IBM i2 Analyst’s Notebook
  • Mozilla Firefox
  • PuTTY
  • IBM QRadar Vulnerability Manager
  • IBM QRadar
  • IBM Watson User Behavior Analytics
  • Wireshark
  • Zenmap

Prerequisites

Instructor Workshop

Facilitator has taken the course and successfully passed the exam.

  • Avid speaker with good presentation skills
  • Pedagogical group management skills
  • Encourage critical thinking and domain exploration
  • Experience handling data sets and IP copyrights

Classroom Format

Individuals with an active interest in applying for entry-level jobs in cybersecurity-related fields.

  • Basic IT Literacy skills*

*Basic IT Literacy – Refers to the skills required to operate a graphical operating system environment such as Microsoft Windows® or Linux Ubuntu® at the user level, performing basic operating commands such as launching an application, copying and pasting information, and using menus, windows, and peripheral devices such as a mouse and keyboard. Additionally, users should be familiar with internet browsers, search engines, page navigation, and forms.

Digital credential

Practitioner Certificate

IBM Cybersecurity Practitioner Certificate

About this Certificate

Through validated Cybersecurity instructor-led training, this badge earner has demonstrated that they have acquired the skills and understanding of Cybersecurity concepts and technologies.

The certificate program earner has demonstrated proficiency and understanding of Cybersecurity technical topics and design thinking.

The earner has gained the ability to apply the concepts and technology to design and develop a Cybersecurity solution prototype that is applicable to real-world Cybersecurity scenarios, and suitable for educational purposes.

Skills

Cybersecurity, Cyber resilience, Network security, IoT security, Application security, Data security, Cloud security, i2, X-Force exchange, IBM Watson, QRadar, SIEM, AI, AI security, Vulnerability manager, UBA, IBM QRadar Advisor with Watson, MITRE, Diamond, IBM IRIS, Threat hunting, Incident Response, Security operations center, SOC, Industry expertise, Security analyst, Design Thinking, Use cases, Communication, Collaboration, Teamwork, Problem-solving, Empathy, Personas, User-centric, Innovation, Stakeholder, Security breach, Scenarios, Browser security, Nmap, Wireshark, CLI.

Criteria

  • Must attend a training session at a higher education institution implementing the IBM Skills Academy program.
  • Must have completed the instructor-led Cybersecurity Practitioners training.
  • Must have earned the Enterprise Design Thinking Practitioner Badge.
  • Must pass the Cybersecurity practitioners exam and satisfactorily complete the group exercise.

Instructor Certificate

IBM Cybersecurity Practitioner Certificate: Instructor

About this Certificate

Through an IBM instructor-led workshop, this badge earner has acquired skills in Cybersecurity concepts, technology, and use cases.

This certificate program earner has demonstrated proficiency in the following topics: Cybersecurity Foundations, Enterprise Cyber Resilience, Cyber Threats Landscape, Implementation of an Incident Response Team, Security Operations Center Roles, Tools and Practices, Design Thinking for Cybersecurity, and Cybersecurity Industry Use Cases.

The earner has demonstrated the capacity to deliver the Cybersecurity course as an instructor, applying pedagogical skills to drive the group work using role-playing techniques and challenge-based scenarios.

Skills

Cybersecurity, Cyber resilience, Network security, IoT security, Application security, Data security, Cloud security, i2, X-Force exchange, IBM Watson, QRadar, SIEM, AI, AI security, Vulnerability manager, UBA, IBM QRadar Advisor with Watson, MITRE, Diamond, IBM IRIS, Threat hunting, Incident Response, Security operations center, SOC, Industry expertise, Security analyst, Design Thinking, Use cases, Trainer, Lecturer, Advisor, Communication, Collaboration, Teamwork, Problem-solving, Empathy, Personas, User-centric, Innovation, Stakeholder, Security breach, Scenarios, Browser security, Nmap, Wireshark, CLI.

Criteria

  • Must be an instructor of a Higher Education Institution which has or is implementing the IBM Skills Academy Program.
  • Must have completed the IBM Cybersecurity Practitioners — Instructors Workshop.
  • Must have earned the Enterprise Design Thinking Practitioner Badge.
  • Must fulfill the requirements of IBM’s Skills Academy teaching validation process.