François Chung, Ph.D.

Tag: information security

ISO 9001 & ISO 27001

Advisera training, MOOC (2022). These two online courses cover the key information about both the ISO 9001 (quality management) and ISO 27001 (information security) standards, including their requirements, best practices for compliance and how to implement them in any type of business. The courses are aimed at beginners with no prior knowledge of quality management, information security or ISO standards.

ISO 9001: Quality management

Main topics:

  • Introduction to ISO 9001;
  • The planning phase;
  • Operations;
  • The Check and Act phases.

ISO 27001: Information security

Main topics:

  • Introduction to ISO 27001;
  • The planning phase;
  • Risk management;
  • The Do phase;
  • The Check and Act phases.

Cybersecurity specialization

Coursera training, MOOC (2022). This specialization from The University of Maryland (US) covers the fundamental concepts underlying the construction of secure systems, including the hardware, the software and the human-computer interface, with the use of cryptography to secure interactions. These concepts are illustrated with examples drawn from modern practice, and augmented with hands-on exercises involving relevant tools and techniques.

Course 1: Usable security

Main topics:

  • Human-Computer Interaction (HCI);
  • Design methodology and prototyping;
  • A/B testing, quantitative and qualitative evaluation;
  • Secure interaction design;
  • Biometrics, two-factor authentication (2FA);
  • Privacy settings, data inference.

Course 2: Software security

Main topics:

  • Low-level security: attacks and exploits;
  • Defending against low-level exploits;
  • Web security: attacks and defenses;
  • Designing and building secure software;
  • Static program analysis;
  • Penetration and fuzz testing.

Course 3: Cryptography

Main topics:

  • Computational secrecy and modern cryptography;
  • Private-key encryption;
  • Message authentication codes;
  • Number theory;
  • Key exchange and public-key encryption;
  • Digital signatures.

Course 4: Hardware security

Main topics:

  • Digital system design: basics and vulnerabilities;
  • Designing intellectual property protection;
  • Physical attacks and modular exponentiation;
  • Side-channel attacks and countermeasures;
  • Hardware trojan detection;
  • Trusted integrated circuit;
  • Good practice and emerging technologies.

References

Training

Usable security (course certificate)
Software security (course certificate)
Cryptography (course certificate)
Hardware security (course certificate)

Related articles

Blockchain essentials (Cognitive Class training)
Bitcoin and cryptocurrency technologies (Coursera training)
