Module 04 – IT Security Management

Information Security Training – Virtual Learning with Experts

 Monday, 14 March 2022 - Wednesday, 30 March 2022

 11:00 – 13:00 UTC


IT Security Management  – Module Overview

This course looks at the process of how to best select and implement security measures to effectively address an organization’s security requirements. This process involves examining three fundamental questions: (a) what assets need to be protected, (b) how those assets are threatened, and (c) what can be done to counter those threats. IT security management is the formal process of answering these questions, ensuring that critical assets are sufficiently protected in a cost-effective manner.

The training is open to all ASREN members, member organizations and partners.
Who will benefit from attending this training programme?
  • System/network administrators at NRENs or NREN member organisations
  • System administrators at computing centres or NOCs
Learning Objectives
  • Understand the process involved in IT security management.
  • Describe an organization’s IT security objectives, strategies, and policies.
  • Detail some alternative approaches to IT security risk assessment.
  • Detail steps required in a formal IT security risk assessment.
  • Characterize identified threats and consequences to determine risk.
  • Detail risk treatment alternatives
  • Solid understanding of information security fundamentals
  • Understand network, hardware, software, and application security
Sessions Schedule (live online) 
All materials will be added to the ASREN Training Portal, to access the Training Portal please click here.
 Session Title  Date  Time (UTC)
 Introduction to security incident response  Monday 3/14/2022  11:00 -13:00
 Security intelligence and SOC tooling  Wednesday 3/16/2022  11:00 -13:00
 Overview of international security collaboration  Monday 3/21/2022  11:00 -13:00
 Campus Security Talks  Wednesday 3/23/2022  14:00 -16:00
 Brazilian NREN CSIRT Experience  Monday 3/28/2022  11:00 -13:00
 IT security management  Wednesday 3/30/2022  11:00 -13:00
Meet the experts
  • Eriko Porto, For more than 16 years Eriko has been working in the roll-out of network infrastructures across various continents. Eriko has worked for RedCLARA from 2004 to 2010, leading the network implementation, and successfully establishing the network infrastructure for research and education, within the Latin American region and towards Europe. From 2010 to 2016 Eriko has successfully developed the R&E network for the Caribbean region – C@ribNET. Eriko delivered the strategic planning and the implementation of the supporting regional network infrastructure; leaded the teams of network engineering and operations; and provided guidance and support for the development of the embryonic NRENs in the Caribbean region. Eriko has also worked as a Professor of Computer Networks related courses for universities in Brazil, and as Instructor on several workshops developed and delivered to the R&E community.At present Eriko is a consultant for Information Technology and Security, working with ASREN – The Arab States Research and Education Network – based in Rio de Janeiro, Brazil.
  • Edilson Lima, security manager at CAIS, security team (CSIRT) of the Brazilian Education and Research Network - RNP. With 17 years of experience in the security area, he led several projects and teams in companies in the financial, teaching and research sectors.
  • Emilio Nakamura is the CISO at RNP with more than 23 years of experience in information security and privacy. M.Sc., CISSP, CISSP-ISSAP, ISSMP Executive MBA. Author of network security books and national and international papers in risk management, network security, privacy, security management, access control, IoT security and blockchain.
  • Roderick Mooi joined GÉANT in 2021 as an Information Security Officer focused on DDoS mitigation and cyber threat intelligence. Prior to this he had various roles in the research and education sector including the establishment of the South African NREN Computer Security Incident Response Team (SA NREN CSIRT). Roderick is keen to support collaboration between GÉANT, R&E stakeholders and the broader community.
Programme outline

The training program consists of a number of live online, instructor-led sessions covering a wide range of subjects (sub-modules) on:

  • Module 1: Information Security Fundamentals, 24 May - 9 June 2021, Online
  • Module 2: Internet Security, 5 - 21 July 2021, Online
  • Module 3: Computer Security, 6 - 22 September 2021, Online
  • Module 4: IT Security Management, 14 - 30 March 2022, Online