Data Protection and Privacy

remaining calm under pressure self-management communicating with non-technical colleagues about technical matters producing written and verbal reports managing suppliers prioritising complex sets of demands understanding business and user needs evaluating the probable social, commercial, cultural, ethical and environmental consequences of an action

Working in a cyber security role requires specialist knowledge, and some roles require a lot. Such knowledge can be acquired in several ways and, although the requirements for any given role are described here in terms of Knowledge Areas (KAs) from the Cyber Security Body of Knowledge (CyBOK), this doesn't mean that a cyber security specialist must read the relevant sections of CyBOK. Increasingly, however, cyber security qualifications, training and skills definitions are being mapped to CyBOK - so the KAs are a good way of describing the knowledge associated with a specialism. As with skills, as a Cyber Security Generalist you may, in some cases, need to have some knowledge of every aspect of cyber security. In most cases, however, you will not need to be able deliver the services, needing only to know enough to be able to commission and assess the provision of technical services by others, which may include external suppliers. The Knowledge Areas (KAs) listed below are therefore those you're most likely to need. You may need additional KAs, depending on which services you're most closely involved in delivering. You're most likely to have a very good understanding of the Core Knowledge, which is essential to performing the role. You may still need a good understanding of the Related Knowledge, but not to quite the same degree. You may need a much less detailed understanding of the elements of Wider Knowledge, which provides context for your work. Coming into such a role, you will not be expected to have all his knowledge initially. But, given the wide range of tasks and the rigour with which standards must be followed, you'll need to have most of the Core knowledge. CORE KNOWLEDGE Risk Management and Governance Security management systems and organisational security controls, including standards, best practices, and approaches to risk assessment and mitigation. Security Operations & Incident Management The configuration, operation and maintenance of secure systems including the detection of and response to security incidents and the collection and use of threat intelligence. And, if the responsibilities include Industrial Control Systems (ICSs): Cyber-Physical Systems Security Security challenges in cyber-physical systems, such as the Internet of Things and Industrial Control Systems, attacker models, safe-secure designs, and security of large-scale infrastructures.

Law & Regulation International and national statutory and regulatory requirements, compliance obligations, and security ethics, including data protection and developing doctrines on cyber warfare. Authentication, Authorisation & Accountability All aspects of identity management and authentication technologies, and architectures and tools to support authorisation and accountability in both isolated and distributed systems. Malware & Attack Technologies Technical details of exploits and distributed malicious systems, together with associated discovery and analysis approaches. Human Factors Usable security, social & behavioural factors impacting security, security culture and awareness as well as the impact of security controls on user behaviours. Privacy & Online Rights Techniques for protecting personal information, including communications, applications, and inferences from databases and data processing. It also includes other systems supporting online rights touching on censorship and circumvention, covertness, electronic elections, and privacy in payment and identity systems. Network Security Security aspects of networking and telecommunication protocols, including the security of routing, network security elements, and specific cryptographic protocols used for network security. And, if the responsibilities include public-facing systems: Web & Mobile Security Issues related to web applications and services distributed across devices and frameworks, including the diverse programming paradigms and protection models.

Secure Software Lifecycle The application of security software engineering techniques in the whole systems development lifecycle resulting in software that is secure by default. Forensics The collection, analysis, and reporting of digital evidence in support of incidents or criminal events.

Governance Legal and Regulatory Environment and Compliance Third Party Management Risk Assessment Information Risk Management Secure Operations Management Data Protection Cyber security awareness training Monitoring system performance and security

Entry Level British Computer Society Certificate in Information Security Management Principles (CISMP) – NCSC Certified PECB Certified ISO 31000 Risk Manager NIST Cyber Security Professional (NCSP®) Foundation Certificate – NCSC Certified PECB Certified ISO/IEC 27001 Foundation Cyber Incident Planning and Response (CIPR) – NCSC Certified Practitioner British Computer Society Certificate in Information Security Management Principles (CISMP) – NCSC Certified PECB Certified ISO 31000 Risk Manager NIST Cyber Security Professional (NCSP®) Boot Camp (Foundation and Practitioner) Certificate – NCSC Certified PECB Certified ISO/IEC 27001 Lead Implementer PECB Certified ISO/IEC 27001 Lead Auditor Cyber Incident Planning and Response (CIPR) – NCSC Certified