Cybersecurity & Data Protection Consulting

Protect your business and manage risk with ISAAA® Certified Data Protection Officers (CDPO)

About ISAAA®

ISAAA is a consortium of Information Security Professionals with the common objective of providing our shared expertise and consulting on data protection, IT audit, cybersecurity, business continuity and compliance with IT laws globally.

ISAAA (an acronym for Information Security Audit & Assurance) was set up in 2013. We at ISAAA recognize that all businesses face countless cybersecurity and compliance issues. ISAAA is dedicated to providing high-caliber professionals to manage your data security risks, strengthen your cybersecurity and deliver professional services covering personal data security, privacy protection and compliance with GDPR, privacy laws, PCI DSS, ISO 27001, HIPAA and other standards and frameworks.

Vision & Mission

The primary objective of the ISAAA is to provide the consulting services of Leaders in the field of Information Security to organizations worldwide.

Our Vision is to become a center of excellence for Cyber Security, Data Protection, IT Audit and Risk Advisory Services.

Our mission is to protect organizations from data breaches and safeguard their information assets by empowering businesses with the cutting-edge skills and experience of Security Audit & Assurance Professionals, catering to all facets of Technology & Cyber Security.

Information Security Staffing
Courses

The CDPO training is based around Information Security and Personal Data Protection Laws, GDPR (the General Data Protection Regulation of Europe). This training provides the participant with the opportunity to develop the expertise needed to support an organization or provide leadership in implementing and managing Information Security Management Systems and Personal Data Protection Management Systems.

Course Objectives

  • Understanding the application of Information Security & Privacy Protection Management Systems
  • Mastering the concepts, approaches, standards, methods and techniques allowing effective management of a Data Protection Management System.
  • Understanding the relationship between an Information Security Management System & Data Protection Laws, including Risk Management and controls and compliance with the requirements of different stakeholders of the organization
  • Acquiring expertise to support an organization in implementing, managing and maintaining Personal Data Protection Management System & GDPR based on International Standards.
  • Acquiring the expertise necessary to manage a team in implementing the Data protection and information security standards
  • Developing personal skills and knowledge required to advise organizations on best practices in management of information security
  • Improving the capacity for analysis and decision making in a context of personal data protection and information security management.
  • Be a champion in managing a full life cycle of implementation of Information Security and Personal Data Protection including GDPR.
  • Internal Compliance Audit

Product Type: Classroom Training

Level: Masters

Duration: 20 days (over a period of 2 months adapted for working professionals)

Language: English

Delivery Format: Classroom

Course Fee & Details: On Request

Course Contents:

  • Introduction to Management Systems and the Continually Improving Approach.
  • Detailed Presentation of ISO standards like 27001, 27002, 27005 & British Standards
  • Fundamental principles of GDPR & Personal Data Protection (PDP)
  • Preliminary analysis and determining the level of maturity of the existing Information Security Management System (ISMS)
  • Defining the scope of the PDP & ISMS
  • Top Level Policy & Leadership Requirements
  • Establishment of the Security Governance Framework
  • Role of Data Protection Officer & Chief Information Security officer
  • Definition of roles & responsibilities
  • Identifying Information Assets and Classifying Assets
  • Data Inventory & Data Flow
  • Asset management and Asset valuation
  • Drafting of Risk Assessment framework and performing Risk Assessments
  • Impact Assessment & Risk management according to ISO/IEC 27005:2008: identification, analysis and treatment of risk based on security parameters
  • Identifying Sensitive and Special Categories of Personal Information
  • Drafting of the Security Policies
  • Day-to-day responsibilities for compliance with Data Privacy Laws.
  • Operations management of Information Security and Privacy Protection
  • Development of metrics, performance indicators and the dashboard
  • Implementation of a continuous improvement program
  • Control of Documented Information
  • Selecting Controls based on Impact Assessments and Risk Appetite
  • Development of a training & awareness program and communication around the information security
  • Incident Management & Change Management
  • Business Continuity and continuity plans
  • Monitoring controls and the management of records
  • Embedding Data Protection & Information Security in the Organisation Culture
  • Conducting an Internal Audit
  • Management review meeting
  • Preparing for the Certification Audit

Audience

  • IT Graduates planning a career in Information Security & Data Protection
  • Network / Cyber Security Personnel
  • Security Analysts & SOC Operators
  • IT Project Managers
  • Software Professionals
  • IT Security Auditors who want to master the Information Security Management System implementation process
  • Persons responsible for the Information Security or Compliance in an organization
  • Member of the information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an information security career or for a DPMS project management function
  • Students preparing for a career in Information Security Audit and Assurance.
  • Quality Standards Professionals
  • Anyone with a professional degree (including MBA) who has a flair for processes and wants to take up Information Security Management as a career

ISACA CISA Certified Information Systems Auditor Series provides the student with the knowledge and proficiency to prepare for the globally recognized CISA certification exam. The CISA certification has become very popular since it originated in 1978, and is a benchmark for IS audit, security, control, and assurance personnel to validate their skill set. This course will immerse the student into the subject, with in-depth coverage of the information covering the five domains that make up the "Body of Knowledge" for the CISA exam and will provide the student the tools to build their technical skills to develop, manage, and perform IT security audits.

Product Type: eLearning

Level: Advanced

Access Duration: One Year

Prerequisites: This course assumes the user has some experience with computer hardware, software, and understands the concept of a computer network.

Language: English (en-US)

Delivery Format: eLearning. Delivered using ISAAA eLearning Platform
You will receive your user credentials within 24 hours of receipt of payment.

Course Fee : Rs.3000.00

Course Outline :

  • Manage Audit Function
  • Audit and Assurance Standards
  • ITAF Standards
  • Risk Analysis
  • Internal Controls
  • Performing an Audit Part 1
  • Performing an Audit Part 2
  • Control Self-Assessment
  • Evolving the Audit Process
  • Introduction to Governance
  • IT Governance
  • Strategy and Models
  • IT Investment and Allocation
  • Policies and Procedures
  • Risk Management
  • IS Management Practices
  • IS Structure and Responsibilities
  • Auditing IT Governance
  • Business Continuity Planning
  • Business Realization
  • Project Management Structure
  • Project Management Practices
  • Business Application Development
  • Business Applications Systems
  • Alternative Forms of Software Project Organization
  • Data-Oriented System Development
  • Infrastructure Acquisition Practices
  • Information Systems Maintenance Practices
  • System Development Tools and Productivity
  • Process Reengineering
  • Application Controls
  • Auditing Application Controls
  • Auditing Systems Dev Acquisition and Maintenance
  • Information Systems Operations
  • Information Systems Hardware
  • IS Architecture and Software
  • Network Infrastructure
  • LANs and WANs
  • Disaster Recovery Planning
  • Importance of Information Security
  • Logical Access
  • Network Infrastructure Security
  • Auditing Info Sec Management Framework
  • Auditing Network Infrastructure Security
  • Environmental Exposure and Physical Access

Target Audience : Developers and IT Professionals preparing for CISA exams

The ISACA CISM certification program is developed specifically for experienced information security managers and those who have information security management responsibilities. CISM is globally recognized as the leading credential for information security managers. Our CISM Certified Information Security Manager course provides the student with the knowledge and proficiency to prepare for the globally recognized CISM certification exam. The CISM certification combines the achievement of passing a comprehensive exam with recognition of work, management and educational experience, providing you with greater credibility in the marketplace. This course will immerse the student into the subject, with in-depth coverage of the information covering the four domains that make up the "Body of Knowledge" for the CISM exam and will provide the student the tools to build their technical skills to manage, design, oversee and assess an enterprise's information security.

Product Specification

Product Type: eLearning

Access Duration: One year from date of order

Prerequisites: This course assumes the user has some experience with computer hardware, software, and understands the concept of a computer network.

Language: English (en-US)

Delivery Format: eLearning. Delivered using ISAAA eLearning Platform.
You will receive your user credentials within 24 hours of receipt of payment.

Course Fee & Details: Rs.2400.00

Course Outline :

  • Overview
  • Information Security Governance
  • Information Security Concepts
  • Information Security Manager
  • Scope of Governance
  • Governance Metrics
  • Information Security Strategy
  • State of Security
  • Information Security Development
  • Strategy Resources
  • Strategy Constraints
  • Plan to Implement
  • Risk Management Overview
  • Information Security Risk Management
  • Information Security Management Concepts
  • Risk Management Framework
  • Risk Assessment
  • Controls and Countermeasures
  • Recovery Point Objectives
  • Develop Information Security Program
  • Technology Resources
  • Info Sec Management Scope and Charter
  • Info Sec Management Framework
  • Framework Concepts
  • Program Resources Part 1
  • Program Resources Part 2
  • Implementing an Info Sec Program
  • Info Sec Architecture
  • Info Sec Program Metrics
  • Info Sec Activities
  • Incident Management Overview
  • Incident Response Procedures
  • Incident Management Organization
  • Incident Management Resources
  • Incident Management Objectives
  • Incident Management Metrics and Indicators
  • Current State of Response Capability
  • Developing an Incident Response Plan
  • Recovery Options
  • Testing Response and Recovery Plans
  • Executing the Plan

Target Audience : Developers and IT Professionals

This course is part of a series covering the (ISC)² Certified Information Systems Security Professional (CISSP) certification. It covers risk management and authentication, looking at risk from a negative perspective, that is, the likelihood of something bad happening. Topics covered include the plans, programs and infrastructure that provide the foundation for all other domains, including access control and validating and verifying the use of resources. Access control is the heartbeat of information security. This course covers role access, layers of access, control characteristics, administrative controls and technical access. It also covers computer security architecture concepts. Operations security is where all the theory and policies are put into action. Topics in this course include administration responsibilities, redundancy and fault tolerance, and threats to operations. It also gives an overview of cryptography and how it can be used in areas such as access, covering symmetric and asymmetric cryptography and their history along with topics like public key infrastructure and various attacks. Network and communication security is discussed as well, with topics including network topologies and cabling, ending with a look at network solutions. The course discusses protocols and structures of communications transmitted across networks, the OSI hierarchy, and the devices that manage communications and how to protect them. It covers ports, services and switches and how they must be secured, and the network-based attacks to be prepared for. Malicious software exists in many forms. This course covers many types of malware, including worms, Trojans and viruses along with rootkits and back-doors.
It then covers business continuity, hot and cold sites, redundancy, and backups. It looks at the specifics of how to recover from disasters and how this ties into risk management. It covers incident management, types of laws and computer crimes, how to handle evidence, and physical security and how to integrate it with information security. Finally, this course covers security fundamentals, risk management, threat modeling, governance, compliance, ethics, policies, and personnel security. When complete you'll have a comprehensive understanding of how security integrates with all of these key areas of knowledge.

Product Specification

Product Type: eLearning

Access Duration: One year from date of order

Prerequisites: This course assumes the user has some experience with computer hardware, software, and understands the concept of a computer network.

Language: English (en-US)

Delivery Format: eLearning. Delivered using ISAAA eLearning Platform.
You will receive your user credentials within 24 hours of receipt of payment.

Course Fee : Rs.5400.00

Course Outline :

  • Risk Definitions
  • Risk Management
  • Risk Assessment
  • Responding to Risk
  • Understanding Security
  • Security Controls
  • Roles and Responsibilities
  • Human Resources
  • Access Control Methodology
  • Biometrics and Passwords
  • Single Sign-on
  • Intrusion Detection Systems
  • Access Control Types
  • More Access Control Types
  • Information Classification
  • Access Control Models
  • Trusted Computing Base
  • Protection Mechanisms
  • Security Models
  • Evaluation Criteria
  • Admin Responsibilities
  • Redundancy and Fault Tolerance
  • Operational Issues
  • Threats to Operations
  • Cryptography Terms
  • Historical Uses of Cryptography
  • Cryptography Foundations
  • Modern Cryptography
  • Symmetric Algorithms
  • Asymmetric Cryptography
  • Public Key Infrastructure
  • Cryptography and Attacks
  • Network Communications Security
  • Network Topologies
  • Network Technologies and Cabling
  • OSI Model
  • Network Devices
  • Network Security Sentries
  • Protocols and Services
  • Telephony
  • VPN
  • Wireless
  • Network-Based Attacks
  • Security Architecture
  • Architectural Models
  • Components and Threats
  • Software Security Concerns
  • Software Lifecycle Process
  • Web Application Security
  • Database Models
  • Software Development
  • Malware Attacks
  • Project Initiation
  • Business Impact Analysis
  • Disaster Preparation
  • Development Plan
  • Emergency Response
  • Incident Management
  • Law
  • Computer Crime
  • Evidence Handling
  • Physical Security
  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communication and Network Security
  • Identity and Access Management
  • Security Assessment Testing
  • Security Operations
  • Software Development Security

Target Audience : Developers and IT Professionals

This course explores types of security threats, both digital and physical. It starts off with an overview and looks at types of threats, social engineering and identity theft. It continues with protecting digital information, then discusses types of malware such as viruses, worms, trojans and phishing as well as software detection, and finishes with file extensions.

Product Type: eLearning

Level: Awareness

Access Duration: One year from date of order

Prerequisites: none

Language: English (en-US)

Delivery Format: eLearning. Delivered using ISAAA eLearning Platform.
You will receive your user credentials within 24 hours of receipt of payment.

Course Fee : Rs.1500.00

Course Outline :

  • Overview
  • Types of Threats
  • Social Engineering
  • Social Engineering Defense
  • Social Engineering Precautions
  • Identity Theft
  • Identity Theft Defense
  • Identity Theft Actions
  • Protecting Digital Information
  • Password Management
  • Malware Definitions
  • Malware Infections
  • Malware Detection
  • File Extensions

Target Audience : IT Professionals and Office users

This series covers everything you need to know to become a Certified Virtualization Security Expert. Students will learn about routing and the security design of VMware, Remote DataStore security, Penetration Testing 101, information gathering, scanning and enumeration, penetration testing and the tools of the trade, DMZ virtualization and common attack vectors, hardening your ESX server, hardening your ESXi server, hardening your vCenter server, and 3rd party mitigation tools.

Product Type: eLearning

Level: Awareness

Access Duration: One year from date of order

Prerequisites: This course assumes the user has some experience with computer hardware, software, and understands the concept of a computer network.

Language: English (en-US)

Delivery Format: eLearning. Delivered using ISAAA eLearning Platform.
You will receive your user credentials within 24 hours of receipt of payment.

Course Fee : Rs.3750.00

Course Outline :

  • Introduction to Networking
  • Virtual Network Security
  • Remote Access
  • Linux
  • The Virtualization Layer
  • Page Sharing and Isolation
  • Virtual Switches and Ports
  • Remote Data Store Security
  • Exploits and Malware
  • Penetration Testing
  • Footprinting
  • Port Scanning
  • Enumeration
  • Vulnerability Scanners
  • Password Cracking
  • Pen Testing Tools
  • Virtualized DMZ
  • Common Attack Vectors
  • Hardening VMs
  • Verify File Permissions
  • Configure Service Console and Firewall
  • Service Console
  • Control Access
  • Control Access Part 2
  • Configure ESX
  • Hardening an ESXi Server
  • Hardening VirtualCenter
  • Hardening VirtualCenter Demo
  • Hardening Virtual Center Demo Part 2
  • Third Party Mitigation Tools

Target Audience : Developers and IT Professionals

The Cybersecurity Overview course enables you to understand various terms in cyberspace, such as cyber risks, threats, vulnerabilities, risk management, and so on. It reviews the impact of several cybercrimes committed over the past few years, citing relevant real-life case studies and examples.
The course emphasizes the importance of cybersecurity and provides guidance to senior management as well as employees on the steps to adopt cybersecurity for an organization. Along with understanding the cybersecurity lifecycle, the course identifies industry standard frameworks and best practices that help an organization to achieve a robust and mature cybersecurity posture.

Product Type: Classroom

Level: Professional

Duration: 1 Day

Language: English (en-US)

Delivery Format: Classroom + Courseware

Fee & Details: Rs.5250 per delegate (Above 5 delegates per organisation, discounted fee applicable)

Learning Objectives

  • Understand cyber risks, threats, vulnerabilities, and risk management.
  • Understand the impact of cybercrimes with relevant real life case studies/examples.
  • Understand what cybersecurity is and its relationship with IT Security.
  • Understand what boards of organizations need to ask and consider for adopting or strengthening cybersecurity in their organizations.
  • Understand the cybersecurity strategy lifecycle.
  • Identify industry standard frameworks and best practices that help an organization to achieve a robust and mature cybersecurity posture.
  • Understand why cybersecurity is not enough today and the necessity of adopting cyber resilience.

Course Outline

Cyber Crimes: Concept, Impact and Examples

  • Basic terminologies
  • Definition of cybercrimes
  • What is Crimeware?
  • Cybercrimes: Main actors and their motives
  • Why do cybercrimes occur?
  • When, where and how do cybercrimes occur?
  • Who is targeted by cybercrimes?
  • How do cybercrimes occur? Anatomy of cyberattacks
  • Elements involved in a typical cybercrime breach
  • Consequences of cybercrimes
  • Real life impacts of cybercrimes with case studies

Cybersecurity in focus

  • Cybersecurity definition
  • Benefits of Cybersecurity
  • Cyber Security considerations for management
  • What the Board-of-Directors needs to ask and consider
  • Cybersecurity lifecycle
  • Cybersecurity frameworks
  • NIST Cybersecurity Framework (CSF)
  • ISO 27001 Cybersecurity Framework
  • ISO 27032 Cybersecurity Framework
  • COBIT 5
  • Cybersecurity best practices and tips for employers and employees
  • Cybersecurity vs. Cyber Resilience

Target Audience

The Cybersecurity Overview course is related to the Cybersecurity Foundation course and is developed to help business leaders and IT professionals understand and plan the adoption of the NIST Cybersecurity Framework. For example:

  • CEO, CIO, CISO and other top management executives
  • Relevant administrators and IT managers
  • All employees and individuals of an organization, especially those that are working in the cloud or cyberspace environment

Course Agenda :

Day 1

  • CyberCrimes - Concept, Impact, and Examples
  • Cybersecurity in focus

Training Registration

1. Courses: Browse through our courses.
2. Register: Register and pay (on isaaa.net).
3. Get access: We give you access to the ISAAA eLearning Portal.
4. Start learning: You get one year's access. Enjoy your eLearning Program.

Joe Bastian

Chief Information Security Officer

CISA, CISM, CRISC (ISACA USA)

A business-focused, technology-driven entrepreneur with extensive experience of 30+ years in the areas of Information Security, Digital Transformation, Stakeholder Engagement and Leadership. Joe Bastian is an Information Security, Privacy Protection & System Auditor by profession who has been at the forefront of Information Technology in India and abroad.

His notable contribution to the world’s largest franchisee retailer, MH Alshaya Retail Kuwait (52000+ staff and US$ 5.2 billion in sales), is setting up and heading their Information Security Department in Kuwait to manage their data protection and cybersecurity. Achieving ISO 27001 & PCI DSS certifications for Alshaya and managing them for 8 years gave immense stakeholder benefits and brought cultural changes within the organization. Other senior positions he has held include Head of IT for Galfar Engineering in Qatar and Head of IT (India) for Alshaya Kuwait. ISO 27001 certifications for PWC Logistics in Kuwait and Rane Madras in Chennai were achieved under his leadership and expertise.

Zigma Consultants Pvt. Ltd, which he co-founded in 1999, has to date placed 10000+ Indians abroad, directly helping over 50000 of their family members attain great living standards and financial stability, and this endeavor continues in a selfless, transparent and professional manner.

He is currently the Chairman & Executive Director of Zigma Consultants Pvt Ltd., CEO of Mariba Techno Ventures Pvt. Ltd, promoting multiple ventures, and Director of Infodit Cyber Security Labs Pvt. Ltd. focusing on Data Protection.

  • Program Management of Information Security & Data Protection initiatives across geographies
  • Define IT Security & Technology strategies; Provide management directions & roadmap
  • Implement / Certify Information Security Management Systems (ISMS) based on ISO 27001:2013
  • Implement Credit Card security standards based on PCI DSS
  • Personal Data Protection Management Systems
  • Identify Process & Control weaknesses across IT Functions and provide remediation.
  • Perform External / Internal Audits on IT General Controls and Compliance Audits
  • Define and Develop IT Policies & Procedures and design the control requirements framework.
  • Business Impact Assessment across IT Systems and Processes and Risk Mitigation Advisory
  • Design and implement IT Continuity Plans based on Impact Assessments
  • Advisory on IT Support and Operations Process Maturity roadmap.

  • Certified Information Systems Auditor (CISA), ISACA - USA, 2004
  • Certified Information Security Manager (CISM), ISACA, 2007
  • Certified in Risk and Information Systems Control (CRISC), ISACA
  • Certified Lead Auditor – ISO27001:2013
  • Certified Lead Implementer of ISO 27001
  • Lead Auditor of BS 25999 (Business Continuity)
  • Certified Payment Card Industry Security Implementer (CPISI)
  • Certified Implementer of Personal Data Protection & GDPR

Awards & Recognitions

He is the winner of the CIO award 2018 in Doha, Qatar, for his work on Digital Transformation at Galfar AlMisnad Engineering.

UAE Emirates Award for highest scorer in CISM exam in Middle East conducted by ISACA USA, 2007

His Professional Affiliations:

Managing Committee Member of Computer Society of India - Cochin Chapter
Member of ISACA, USA
Life member of Indian Society for Technical Education
Member of BNI (Business Network International).
Member of TiE
Alumnus of BMS College of Engineering in Bangalore.

ISAAA

Our Program Director, a veteran in this industry, is committed to the highest of ethical standards and professionalism.

PHONE

+91 8129314119

E-MAIL

partner@isaaa.net

To Know More About Our Courses

Great opportunity to get trained on Information Security and jump start a great career.