Cybersecurity Summer BootCamp - Topics

The Cybersecurity Summer BootCamp program offers cutting-edge training in cybersecurity, with up-to-date programs taught by professionals specialized in different topics.

You can check below the syllabus of each target audience.

This training is focused on technical staff working in a national CERT/CSIRT.

These people can receive one of the following trainings:

 

Level 1

  • Creation of a CSIRT (5 h)
  • Legal aspects and cooperation (5 h)
  • Operations (10 h)
  • Threat analysis (10h)
  • Introduction to forensics analysis (10 h)

Total: 40 hours

 

Level 2

  • Cybersecurity intelligence for CSIRT (40 h)

Total: 40 hours

 

Carnegie Mellon: Creating/Managing a Computer Security Incident Response Team (CSIRT)

As a new feature, within the Cybersecurity Summer BootCamp 2019, there will be a course instructed by staff from the CERT® Division at Carnegie Mellon University's Software Engineering Institute. It is designed for current and future managers of computer security incident response teams (CSIRTs). This training is just available in English.

The course provides a high-level overview of the key issues and decisions that must be addressed in establishing a CSIRT. As part of the course, attendees will develop an action plan that can be used as a starting point in planning and implementing their CSIRT. It also provides CSIRT managers a pragmatic view of the issues that they will face in operating an effective team.

Attendees will gain insight into the work that CSIRT staff may be expected to handle. The course also provides prospective or current CSIRT managers with an overview of the incident handling process and the types of tools and infrastructure needed to be effective. Technical issues are discussed from a management perspective.

The course incorporates interactive instruction, exercises, and role playing. During a simulated incident, attendees will gain experience with the type of decisions they might face on a regular basis.

Topics:

  • Incident management process
  • Hiring and mentoring CSIRT staff
  • Developing CSIRT policies and procedures
  • Requirements for developing CSIRT services
  • Handling media issues
  • Building and managing the CSIRT infrastructure
  • Coordinating response
  • Handling major events
  • Working with law enforcement
  • Evaluating CSIRT operations
  • Incident management capability metrics

Total: 40 hours

This training is aimed at people working in law enforcement authorities that fight against cybercrime.

These people can receive one of the following trainings:

 

Level 1

  • Introduction and general concepts (Internet Architecture, Operating Systems, Cybersecurity) (10 h)
  • Cyber Crime Investigations (10 h)
  • DFIR in Windows and in the Cloud (10 h)
  • Deep web & OSINT Introduction (10 h)

Total: 40 hours

 

Level 2

  • Cyber Security Intelligence for Law Enforcement (OSINT + INTEL, Cryptocurrencies and Final Challenge (CTF))

Total: 40 hours

The training for Policy Makers has a variable duration depending on whether you choose the extended or intensive program. For the extensive, the training will have a duration like the other groups (from July 16 to 27). However, the intensive training is one week long, being possible to receive the training the first week, from July 15 to 19, or the second week from July 22 to 27. In any case, the same subjects will always be taught, but the depth in which it is taught will vary depending on the level and whether it is intensive or extensive training.

Topics Level 1:

  1. Introduction to Cybersecurity: general concepts
  2. Cybersecurity institutional organization importance: Cybersecurity Governance in Spain
  3. Configuring Security and privacy preferences: workshop
  4. Tech research in the case-law of the Supreme Court
  5. Digital evidence problems. Accidental Findings // Rights and Freedoms in a digital world. New challenges of the criminal process
  6. Technological research restrictions: Practical analysis
  7. Open source research. Technological innovation as a tool for Law Enforcement Agencies
  8. Technological research problems. Cryptocurrency tracking
  9. Illegal content on the internet: Hate crimes
  10. Cyber-crimes commission against honour
  11. Right to be forgotten on the internet: private collaboration

 

Topics Level 2:

  1. Obtaining digital evidence and international collaboration. European regulations e-privacy and e-evidence
  2. Cybersecurity governance in Spain: Regulatory update
  3. Legal liability and corporate crimes in companies that suffer security incidents: compliance
  4. Platforms responsibility for hosting illegal or false content. New Copyright Policy
  5. Impact of privacy regulation and data protection
  6. Crimes committed by drones: legal aspects for investigation and prosecution
  7. Tech research in the case-law of the Supreme Court
  8. Digital evidence problems
  9. Technological research restrictions: Practical analysis
  10. Recent case-law analysis of the CJEU (Court of Justice of the European Union) and European Court of Human Rights regarding cybercrime
  11. Open source research. Technological innovation as a tool for Law Enforcement Agencies
  12. Technological research problems. Cryptocurrency tracking
  13. Illegal content on the internet: Hate crimes
  14. Cyber-crimes commission against honour
  15. Right to be forgotten on the internet: private collaboration

Total: 30 - 40 hours, depending on whether extensive or intensive training is carried out.