cybersecurity

cybersecurity

2022 1st Run: Jan. 22

2022 2nd Run: Jul. 2

2022 3rd Run: Dec. 3

Time: 0900-1700H (3.5 hours synchronous, 4.5 hours asynchronous)

Module Fee: P9,895

This module introduces the participant to the theories, principles, frameworks, and practices in Cybersecurity. The aim of this program is to prepare and equip the learners to allow them to pursue their cybersecurity career. This foundational approach is a combination of classroom and laboratory exercises to capture the real-life scenarios of cybersecurity cases from the industry.

Module Objectives

At the end of the module, the participant will be able to:

  • Identify the terms, techniques, and methods used in developing cybersecurity plans and program.
  • Demonstrate thorough understanding of the cybersecurity knowledge.
  • Determine the right approach, techniques, methods, and tools in solving cybersecurity problems.
  • Evaluate solutions, programs, or plans to determine effectivity of cybersecurity solution.

Module Outline

  • History and Importance of Cybersecurity
  • Information Security vs IT Security
  • Defense In-Depth
  • Security Principles
  • Security Service and Security Mechanisms
  • Security Concepts in Business Case Building
  • Types of Access Controls
  • Types of Authentications

Lecturer: Justin Pineda

Justin Pineda is a Security Architect and Head of Cybersecurity for a Digital Transformation company in the Philippines where he helps build productized solutions for various clients such as cybersecurity advisory, technology build and managed security operations.

He also worked at one of the biggest Philippine conglomerates as Cybersecurity Manager where he spearheaded conglomerate-wide Security Operations Program and Policies that were implemented across various business units in the fields of real estate, bank, retail, manufacturing, media, and airline. Apart from IT Security Governance, he had notable technical stints in one of the largest beverages company in the world where he built and implemented an in-house Application Security Program for the Asia Pacific, Latin America, and Europe Regions; and a US-based Managed Security Service Provider (MSSP) as part of Security Operations Center (SOC) for more than 500 clients mostly banks and credit unions in the United States.

In the academe, he helped develop the curriculum and course content of cybersecurity courses in an IT College in the Philippines. He has also published and presented several cybersecurity research papers in local and international conferences. Some certifications he holds include Certified Information Systems Security Professional (CISSP), GIAC Web Application Penetration Tester (GWAPT), GIAC Mobile Security Analyst (GMOB) and Certified Ethical Hacker (CEH). He finished a Master in Information Systems (MIS) and BS Computer Science.

2022 1st Run: Feb. 5 & 12

2022 2nd Run: Jul. 16, 23

Time: 0900-1200H, 1300-1800H (16 total hours)

Module Fee: P12,895

This module will provide a basic understanding of IT systems and Architecture Design. A simple overview of web application components will be discussed, followed by a discussion about how these systems have evolved over time.

Once students have a basic understanding of how systems evolved they will be introduced to Micro-Services, CIA Triad, Disaster Recovery, Business Continuity, and High availability. Then cloud solutions, containerization, and virtualization will be discussed leading to a final project.

Module Outline

Topic 1: Why is it important to incorporate security controls into System Architecture

Topic 2: Understand the Stages to System Architecture

Topic 3: Understand how the CIA triad works

Topic 4: Understand Basic Security Controls for System Architecture

Topic 5: Understanding of Modern System Architecture and the use of Microservices

Topic 6: Understanding of Historic / Legacy Systems

Topic 7: Understanding of Multi-Tiered systems

Topic 8: Understanding the Cloud

Topic 9: Understanding Containers and Containerization

Lecturer: Paul "Scott" Milbury

Collaborative and highly skilled Information Security Professional. Aligns cybersecurity initiatives to business objectives to strengthen risk posture, enabling the business to grow and operate, while protecting assets. Delivers security risk assessments based on various frameworks and standards including GDPR, ISO 2700K series, HIPPA, HiTrust, and PCI. Deployed security architectures, achieving regulatory and standards-based compliance for private and public entities. Deployed multiple Security tools to reduce risks while increasing workforce productivity by 50%.

2022 1st Run: Feb. 19, 26

2022 2nd Run: Aug. 6, 13

Time: 0900-1700H (3.5 hours synchronous, 4.5 hours asynchronous)

Module Fee: P12,895

This module exposes the learner to the approaches, theories and practices in the areas of Risk Management in relation to Cybersecurity Governance. It includes the development and maintenance of policies that allows the business to establish Cybersecurity Plans that aims to ensure the security of personnel, and consequently, assures the continuity of business operations.

Module Objectives

At the end of the module, the participant will be able to:

  • Demonstrate a clear understanding of the difference between governance and management.
  • Facilitate the adoption of the Risk Management Lifecycle.
  • Adapt to the inherent connection between cybersecurity incidents and the Business Continuity or Disaster Recovery Plans.
  • Review the process used in the development of a Business Continuity and/or Disaster Recovery Plan
  • Direct the development, update or retirement of information/cyber security policies.
  • Assess the effectiveness of a Cybersecurity Plan using the above capabilities.

Module Outline

Session 1:

  • Governance and Management in Cybersecurity
  • Risk Management and Evaluation
  • Business Impact Analysis (BIA)

Session 2:

  • Incident Management (IM)
  • The Business Continuity (BCP)
  • Disaster Recovery Planning (DRP)
  • Policy Development, Maintenance and Retirement

Lecturer: Luis A. Jacinto MBA, CISA, CISM, CRISC, PIE, CPISI

Mr. Luis A. Jacinto has retired as the Chief Information Security Officer (CISO) of Rizal Commercial Banking Corporation (RCBC). He has been an Information Technology (IT) practitioner for over thirty-six (36) years, through which he gained his IT governance experience. He has concurrently spent more than twenty-eight (28) of those years, both as a training professional and as an educator.

Chito, as he is better known by his peers, is presently the Vice-President and a founding member of the Information Security Officers Group (ISOG), a Philippine-based organization of senior level information / cyber security professionals. He is also a past president of the ISACA Manila Chapter, a post to which he was elected for calendar years 2007 and 2008. He has served ISACA in various capacities since he joined the association, and presently sits in the current Board of Trustees of the Manila Chapter.

He has become a part of different professional institutions in various capacities. Aside from ISOG and ISACA, he is presently a member of the board and Corporate Secretary of the Philippine Institute of Industrial Engineers (PIIE). He was also a part of the Business Continuity Managers Association of the Philippines (BCMAP) as a member of the original forum.

During these years, Chito earned various certifications. He is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Professional Industrial Engineer (PIE), and Certified Payment Card Industry Security Implementer (CPISI). He also holds a Masteral degree in Business Administration (MBA).

2022 1st Run: Mar. 19, 26

2022 2nd Run: Aug. 27 & Sep. 3

Time: 1230-1930H (14 total hours)

Module Fee: P11,495

This module covers the fundamental concepts of data privacy and protection. Participants will learn through lectures and activities the concepts and requirements of Data Privacy and relevant data protection processes and techniques. The course is ideal for participants who want to embark on or increase their knowledge about Data Privacy and apply practical knowledge when they go back to their respective organizations or businesses.

Module Objectives

At the end of the module, the participant will be able to:

  • Understand the objectives of data privacy and protection.
  • Identify relevant legal provisions and regulations pertaining to privacy.
  • Apply privacy principles and measures to personal information.
  • Apply the compliance requirements of NPC on privacy through organizational, physical, process and technological controls.
  • Increase practical understanding of Data Privacy through the means of
    presentations, case studies and interactive workshop activities.

Module Outline

Session 1:

  • DPA Structure, Sections and Principles
  • Rights of Data Subjects
  • NPC Five Pillars
  • Personal Data Protection and Security

Session 2:

  • Operational Compliance
  • Privacy by Design
  • Breach Management
  • Incident Response Lifecycle

Lecturer: Jay Gomez

Jay is an experienced IT, Information Security and Data Privacy executive. He has 26 years of experience in various roles and capacities in diverse industries in the Philippines as well as in North and Central America, EMEA, and APAC regions. His experience include the following industries: Power Distribution, Graduate School of Business, IT Support Services, High-End Retail, Contact Center, Business Process Outsourcing (BPO), Media and Entertainment, Consulting and Risk Solutions. He is currently Senior Vice President – Cyber Risk at Kroll Associates (Asia) Limited, Hong Kong.

Jay is a Certified Information Security Manager (CISM), Certified Data Privacy Solutions Engineer (CDPSE), Certified Information Privacy Manager (CIPM) and lastly, a Certified DPO ACE (Level 1 & 2). He is currently a Board of Trustee in ISACA Manila and a member of the International Association of Privacy Professionals (IAPP).

2022 1st Run: Apr. 2, 23

2022 2nd Run: Sep. 17, 14

Time: 0900-1700H (14 total hours)

Module Fee: P16,895

This module introduces students to vulnerability assessment and penetration testing. Through understanding how a penetration testing work, they can more effectively protect their organization or their clients from potential cyber-attacks. In simulating the capabilities of real-world cybersecurity attackers, students can gain knowledge in this module to prepare themselves in conducting a successful penetration testing engagement. In essence, penetration testers find security holes before cybercriminals do.

Instructional Tools

Synchronous Teaching Strategies:

  • Online Lecture & Discussion

Asynchronous Teaching Strategies:

  • Information Gathering
  • Penetration Testing

Target Audience

This module is intended for:

  • Individuals who are interested in pursuing a career in Offensive Security
  • Government employees who would like to protect their online assets
  • Security professionals who would like to transition from other areas of Cybersecurity to Offensive Security

Module Objectives

At the end of the module, the participant will be able to:

  • Understand the difference between Vulnerability Assessment and Penetration Testing.
  • Understand the objectives of performing a Vulnerability Assessment and Penetration Testing.
  • Learn how to perform detailed reconnaissance using different tools to build a technical understanding of the target environment.
  • Analyze the results or output of tools and to remove false positive findings.
  • Manually discover security vulnerabilities and perform exploitation.
  • Evaluate the impact and risks of identified security vulnerabilities.
  • Learn how to properly write a technical report.

Module Outline

Session 1:

  • Introduction to VAPT
  • Penetration Testing Phases
  • Information Gathering

Session 2:

  • Common Website Vulnerabilities
  • Different Penetration Testing Tools
  • Penetration Testing
  • Offensive Security Certifications

Lecturer: Allan Jay Dumanhug

AJ is the co-founder of a cybersecurity startup in the Philippines where he helps organizations in protecting their applications by performing penetration tests. He is a Certified Ethical Hacking (CEH), Certified Security Analyst (ECSA), Certified Offensive Security Professional (OSCP), Certified Red Team Professional (CRTP), Certified Red Team Expert (CRTE), and lastly an Offensive Security Web Expert (OSWE).

He also taught Web Application Penetration Testing courses at the University of the Phillippines System IT Foundation and Adamson University Continuing Professional Development Department. He is currently finishing his Master's degree in Cybersecurity at the Holy Angel University in Angeles, Pampanga.

During his free time, he actively participates in various capture the flag (CTF) competitions locally and online with hackstreetboys, a professional and competitive cybersecurity group. Last 2019, AJ with Ameer and Nathu from hackstreetboys, won the ROOTCON Capture the Flag competition. In 2020, AJ and Ameer finished 3rd place in the HackTheBox's 12-hour Battle Ground 2v2 tournament.

Aside from CTFs, he is also actively participating in various bug bounty programs. In 2020, he was invited to participate in a private live hacking event organized Facebook Security Team. He finished 7th place out of hundreds of invited cybersecurity professionals from different countries after reporting multiple vulnerabilities that could lead to security and privacy issues.

2022 1st Run: May 14, 21

2022 2nd Run: Oct. 8, 15

Time: 14 total hours

Module Fee: P16,895

This diploma program introduces the learner to the theories, practices, processes, and techniques used in Cybersecurity Defense (Blue Team). The aim of this program is to prepare and equip the learners to allow them to specialize in the field in Cybersecurity Defense (Blue Team).  This introductory approach is a combination of classroom and laboratory exercises to capture the real-life scenarios of incidents and breaches from the industry. 

Module Objectives

At the end of the module, the participant will be able to:

  • Understand different network and host security implementations
  • Apply techniques and tools in analyzing security incidents
  • Explain the findings and analysis to different stakeholders

Module Outline

Session 1: Host Security

  • Device Monitoring
  • Discovery and Vulnerability Scanning
  • HIDS/HIPS/Endpoint Firewalls
  • Patching & Secure Baseline Configurations

Session 2: Network Security

  • Discovery and Vulnerability Scanning
  • NIDS/NIPS/NGFW
  • Network Data Encryption
  • Network Security Monitoring Tools

Lecturer: Paolo Pedro C. Martinez  MSEM, CISSP, CHFI, CIH, AWS CCP, ITIL4

Paolo graduated with a Bachelor of Science in Computer Engineering and Master of Science in Engineering Management (Risk and Reliability Management) in Mapua University, a premier Engineering and Technological School in the Philippines.

His professional experience focused on Leading Security Operations, Digital Forensics and Incident Response, CyberInvestigation, Litigation, and Cyber security Transformation on multiple multinational and global organizations; handled different position such as Senior Consultant, Director, and Principal. He is a current Senior Assistant Vice President and Head of IT Security Operations of a universal bank.

Paolo was certified on various information security certifications such as Certified Information Systems Security Professional (CISSP), Certified Incident Handler (CIH), and Certified Hacking and Forensics Investigator (CHFI). Also, is certified in IT Service Management (ITIL) and cloud technology (AWS Certified Cloud Professional). He is also one of the Scientific and Technological Specialists in the Philippines that was awarded by the Department of Science and Technology.

2022 1st Run: May 28

2022 2nd Run: Oct. 29

Time: 0800-1600H (4.5 hours synchronous, 2.5 hours asynchronous)

Module Fee: P9,895

This certification program exposes the learner to the approaches, theories and practices in the areas of managing and implementing Education, Awareness, and Training in the field of information/cyber security. It focuses on determining the needs as well as particular content to be included in materials to be prepared. As a consequence, this allows the development of the specific approach in providing knowledge or skill, or both, to target participants. The differences and similarities of education, awareness and training will be established, thus cultivating the ability to develop the syllabus, based on the different role requirements of their target participants.

Module Objectives

At the end of the module, the participant will be able to:

  • Demonstrate a clear understanding of the differences among education, awareness and training
  • Facilitate the identification of learning and development requirements of target personnel
  • Adapt education, awareness and training toward achieving the strategic goals of effective information security implementation in the work area

Module Outline

  • Information/Cyber Security Education, Awareness and Training
  • The application: Engage, Equip, Empower
  • Learning and Development Analysis
  • The Information Security Education, Awareness and Training (ISEAT) Program

Lecturer: Luis A. Jacinto MBA, CISA, CISM, CRISC, PIE, CPISI

Mr. Luis A. Jacinto has retired as the Chief Information Security Officer (CISO) of Rizal Commercial Banking Corporation (RCBC). He has been an Information Technology (IT) practitioner for over thirty-six (36) years, through which he gained his IT governance experience. He has concurrently spent more than twenty-eight (28) of those years, both as a training professional and as an educator.

Chito, as he is better known by his peers, is presently the Vice-President and a founding member of the Information Security Officers Group (ISOG), a Philippine-based organization of senior level information / cyber security professionals. He is also a past president of the ISACA Manila Chapter, a post to which he was elected for calendar years 2007 and 2008. He has served ISACA in various capacities since he joined the association, and presently sits in the current Board of Trustees of the Manila Chapter.

He has become a part of different professional institutions in various capacities. Aside from ISOG and ISACA, he is presently a member of the board and Corporate Secretary of the Philippine Institute of Industrial Engineers (PIIE). He was also a part of the Business Continuity Managers Association of the Philippines (BCMAP) as a member of the original forum.

During these years, Chito earned various certifications. He is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Professional Industrial Engineer (PIE), and Certified Payment Card Industry Security Implementer (CPISI). He also holds a Masteral degree in Business Administration (MBA).

2022 1st Run: Jun. 11, 18

2022 2nd Run: Nov. 12, 19

Time: 1230-2030H (16 total hours)

Module Fee: P12,895

This program provide its participants with an overview and initial understanding of what is Security Operations and equip its participants with the knowledge on particular activities in a Security Operations Center (SOC), such as defining and handling security threats, the use of various SOC tools, and other pertinent information on different workstreams.

Module Objectives

At the end of the module, the participant will be able to:

  • Understand the concept, importance, and features of a Security Operations Center.
  • Examine how incident lifecycle management fits into the overall SOC process.
  • Analyze the people, process, and technology aspect of SOC and be able to define best practices and each of these pillars.
  • Evaluate common security incidents in the industry.
  • Formulate use cases to cater to different security incident scenarios and be able to articulate how each of these use case can streamline operational and tactical efforts in the organization.

Module Outline

Session 1:

  • Security Threats 101
  • What is Security Operations Center (SOC)?
  • Cybersecurity Kill Chain & Defensible Matrix
  • Incident Lifecycle, Service Value Chain and Continual Improvement

Session 2:

  • SOC Tools
  • Phishing/Email Security
  • Web Application Firewall (WAF)
  • Data Loss Prevention (DLP)
  • USB/Tools Health/File Permission and File Integrity Monitoring

Lecturer: John Panes

John is currently a Cyberdefense Operations manager handling various security workstreams of 60+ security consultants and analysts. He liaises with global security leaders to ensure that the organization is protected from targeted attacks as well as continuously upscale security tools and processes through automation and orchestration initiatives. He has a demonstrated history of performing Technical Vulnerability Management, Threat Modelling, Security by Design, Social Engineering, Gap Analysis, Policy Mapping, Risk Management, Cybersecurity Strategy Implementation, and Information Security Assessment. He also has extensive understanding and meaningful hands-on experience on various international standards and security frameworks. John was also internationally deployed onsite and managed security teams across Singapore, Poland, USA, Malaysia, Philippines, and India.

He is a certified:

  • ITILv4 Service Management Practitioner
  • Microsoft Technology Associate (MTA)

executive diploma program in cybersecurity

This diploma program introduces the learner to the theories, principles, frameworks, and practices in Cybersecurity. The aim of this program is to prepare and equip the learners to allow them to pursue their cybersecurity career. This foundational approach is a combination of classroom and laboratory exercises to capture the real-life scenarios of cybersecurity cases from the industry.

specialized cybersecurity short course

REGISTER HERE

2021 1st Run: Apr. 17, 24

2021 2nd Run: Oct. 16, 23

2022 1st Run: Jun. 11, 18

2021 2nd Run: Nov. 12, 19

Time: 0900-1700H (5 hours synchronous, 11 hours asynchronous)

Module Fee: P12,895

This certification program introduces the learner to the theories, practices, processes and techniques used in Digital Forensics and Incident Response (DFIR). The aim of this program is to prepare and equip the learners to allow them to specialize in the field in DFIR. This introductory approach is a combination of classroom and laboratory exercises to capture the real-life scenarios of incidents and breaches from the industry.

Module Objectives

At the end of the module, the participant will be able to:

  • Respond to incidents and collaborate with different stakeholders
  • Contain, eradicate and recover from incidents
  • Conduct Incident Response tabletop exercises within their own organization
  • Understand the chain of custody and common forensic artifacts
  • Collecting and analyzing forensic artifacts to be able to provide Iindicators of compromise for Security Operations monitoring
  • Relate and consider the legal requirements and compliance related to the DFIR

Module Outline

Session 1:

  • DFIR Ethics, Legal, and Compliance
  • Incident Response
  • Cyber Kill Chain & MITRE ATT&CK
  • Containment and Eradication
  • Common Pitfalls of implementing IR
  • Cybercrime

Session 2:

  • Digital Forensics
  • Memory and Storage Media
  • Forensic Acquisition
  • Data Storage Recovery and Analysis
  • Memory Acquisition
  • Memory Recovery and Analysis

Lecturer: Bryant Cabantac

An experienced information security professional working in a top managed security services provider that has helped different industries secure their infrastructure - from banking, utilities, energy, education and telecommunications. A graduate of Royal Holloway University of London, with distinction honours and a specialization in Digital Forensics. Currently holds professional certifications from ISC2, SANS GIAC, and ISACA which are CISSP, GCIH, GCFA, GNFA, CISM, and CISA.

for inquiries

Look for: Jhune Tavera

4/F School of Design and Arts (SDA) Campus
950 Pablo Ocampo Street, Malate, Manila, Philippines
✆  (+63) 8230-5100 local 3802, 
(+63) 8400-5425, (+63) 8400-7405
✉  space@benilde.edu.ph

Do you need help?