Telecoms Cyber Security Certification

Program Overview

Overview: 
 

The Cyber Security for Telecoms program is our newest and most popular program. This course provide telecoms professinals with the opportunity to learn about the latest risks and containment approaches focused specifically on the fraud and security risks unique to the telecoms industry.

While there are dozens of programs which aim to help I/T and Security teams deal with the cyber attacks aimed at accounting, operational and office systems, none of these teachers or programs understand or appreciate the very real and very severe risks that these attacks represent to the telecom.

 

 

This program is designed to provide internal audit, revenue assurance, security, fraud, I/T and other risk management professionals with an exhaustive review of the many different cyber attack vectors emerging daily, and examines them against the risk telecoms face as;

- The providers of internet services to consumers, businesses, government and the military

- The owners of massive voice networks exposed to hundreds of new fraud and hacking risks due to the compromising of the global SS7 signalling network

- The owners of the worlds largest and most vulnerable data networks.

 

 Certification - Up to 40 Hours CPE Credit : 

This program provides audit, security, network, I/T, revenue assurance and fraud management professionals with the chance to distinguish themselves and position themselves for key positions in the emerging world of cyber risk and cyber containment strategies. 

Use this certification to open doors and claim your role in the new world of telecoms cyber security. 

 

There is no program like this offered anywhere at any price!

  • Learn what cyber security is, and the emerging responsibilities of audit, revenue assurance, fraud management, cyber security and risk managent are regarding its detection, containment and management 
  • Fundamental components of cyber hacking and cyber security violations 
  • Develop and understanding of the comprehensive nature of, and intrinsic need for 360 degree cyber security 
  • Learn how IP networks work, and exactly how cyber hackers implement their attacks 
  • Learn about the 7 categories of cyber risk, the nature of the risks in each category, the consequence of the failure of cyber security and the methods of protection and implementation for each 
  • Review of primary strategic approaches to the protection of the telecom, and application of best fit to telecoms environment 
  • Walk through of hack attack planning methodology and defensive strategy development 
  • Understanding the hybrid Zero Trust / Defensible Perimeter Methodology and how to apply it 
  1. Telecoms Cyber Risk : Fundamentals and Key Issues
  2. Cyber Targets : What do Cyber Attackers Want?
  3. Cyber Criminals : Who are the Cyber Attackers?
  4. Cyber Attack Fundamentals – How do cyber Attackers accomplish their objectives?
  5. Data Networks : Understanding the Attack Points
  6. Physical Hacking : How do Cyber Attackers get into our systems
  7. Logical Hacking: How do Cyber attackers bypass controls
  8. Social Engineering :Cyber Hackers Golden Ticket
  9. Hacking Workshop : Creating a cyber attack strategy
  10. Category I : Simbox, PBX Hack, Injection Frauds
  11. Category II: Attacking the Carrier Autonomous System
  12. Category III : Core Network Hacks
  13. Category IV: Attacks on Consumers
  14. Category V: SS7 and Voice Network Attacks
  15. Cyber Security Strategies
  16. The Zero Trust Model
  17. Implementing Zero Trust

Training Session

What you will learn

Telecoms Cyber Risk : Fundamentals

  • Formal definition of cyber risk
  • Components of cyber risk attack
  • Limitations and proven failures of current cyber risk strategies
  • Organized approach to understanding and addressing cyber risks

Cyber Targets : What do Cyber Attackers Want?

  • Comprehensive survey of the different targets of cyber attack upon telecoms systems, revenues and customers
  • Introduction of the CyberTarget Category Methodology
  • Definition of each cyber target category, the risks represented, current failures and open risk windows
  • Objectives for cyber attack in each target category.

Cyber Criminals : Who are the Cyber Attackers?

  • Profiling of different types of cyber attackers:
  • Organized – Special Focus Criminal Organizations (Simbox, Premium Rate, Roaming etc.)
  • Carrier Sponsored Cyber Attack and Cyber Mischief
  • Internally launched cyber attacks (collusion, vendor and outsource attack)
  • National / Patriot Hacking
  • Individual : Free Lance Cyber Attacks
  • Consumer Attack Vectors
  • Cyber Mischief and consequences

Cyber Attack Fundamentals – How do cyber Attackers accomplish their objectives?

  • Cyber attack methodology
  • Walk through of a typical cyber attack progression
  • The Diamond Defense Strategy Approach
  • The Intrusion Kill Chain Analysis

Data Networks : Understanding the Attack Points

  • Fundamentals of IP and Packet network design
  • AAA for Data networks
  • Understanding and Securing authentication
  • Authorization fundamentals
  • DNS, DHCP, NAT, TRACERT and Key appliances of the data universe

Physical Hacking : How do Cyber Attackers get into our systems

  • How hackers create physical breaches in data networks.
  • The different attack vectors and controls required to fraud proof a physical data network
  • Ways to hack fixed networks (cable, fiber, DSL) and how fraudsters use them
  • Ways to hack wireless (mobile, WiFi, WiMax, microwave, satellite) and how fraudsters use them

Logical Hacking: How do Cyber attackers bypass controls

  • Gaining physical access to the network is just the first step in a fraud attack
  • different ways fraudsters spoof identities, gain security clearance, and actually gain control of internal systems and operations.
  • Cyber hacking,
  • DDOS and other methods of attack are reviewed.
  • Top ten IP based hack approaches. How they work, how to detect, how to prevent

Social Engineering :Cyber Hackers Golden Ticket

  • Focus on the different techniques of social engineering,
  • how they are executed, and how to protect against them.
  • Indepth review of the different methods customer use to spoof and fool our sales and provisioning operations

Hacking Workshop : Creating a cyber attack strategy

  • Case study reviews of actual successful hacking cases
  • Development of a discipline for cyber attack strategy
  • Workshops / cases assigned to develop hack sequence planning skills

Category I : Simbox, PBX Hack, Injection Frauds

  • Review of currently active and effective cyber attacks against the interconnect line of business
  • Review of SImbox, PBX, T-In, Injection and other Cyber frauds, their effectiveness and containment techniques

Category II: Attacking the Carrier Autonomous System

  • Issues and cases where the key appliances and controls of the telcos own, customer facing autonomous system is hacked
  • DNS, DHCP, Proxy and Firewall attack and their effects
  • Protecting the Autonomous System

Category III : Core Network Hacks

  • Vulnerability and attacks on core network components.
  • HSS , HLR, IN, and other billing and policy component vulnerabilities
  • How will hackers profit from core network attacks and how to defend.

Category IV: Attacks on Consumers

  • Vulnerability of attack against customers
  • Hati-Hati , Smart Phone Hacks, Virus delivery via wifi, Direct Wifi SmartPHone Attacks
  • Ways that cyber attackers target telecom customers
  • Issues and protections

Category V: SS7 and Voice Network Attacks

  • New vulnerability of SS7 Networks to hack attack
  • The Whats App / SS7 Hack
  • Attacking the Email/SMS Portable
  • SS7 Denial of Service – Cases and Issues
  • Securing the SS7 future

Cyber Security Strategies

  • Comparison of major Cyber Strategy Programs/Approaches
  • Zero Trust
  • Defensible Perimeter
  • NIST
  • DOD

The Zero Trust/Defended Perimeter Hybrid

Model

  • Applying Zero Trust / Defensible Perimeter to existing systems and issues
  • Issues and strengths of each
  • When to apply, one, the other or both

Implementing ZT/DP

  • Strategies and approaches for the hardening of systems, operations and business teams
  • Hardening your: employees
  • Hardening your customer facing systems
  • Hardening your operations
  • Hardening your controls

Who Should Attend:
Telecoms Audit, Revenue Assurance, Fraud, Security and Cyber Security professionals commission with responsiblity for the protection of systems, customers and revenues from cyber attack.

  • Auditors working in telecoms looking for a comprehensive introduction in how to incorporate the  industry's best practices in cyber security to the full range of audits performed each year. 
  • Revenue assurance and fraud management teams interested in learning how to increase the effectiveness of their efforts in the protection of companies systems and revenues from cyber attack
  • Experienced I/T, Security and Other Cyber professionals interested in learning about the unique and esoteric risks that telecoms networks provide and proven approaches for the cyber protection of telecoms systems and customers
  • Audit Managers, Revenue Assurance Managers, Fraud Managers interested in learning how they can better organize and deploy their teams to better address cyber risks