Network Security in Cybersecurity Risk Management

$349.00

How you learn: Self-paced • Lifetime updates
Your guarantee: 30-day money-back guarantee — no questions asked
Toolkit included: A practical, ready-to-use toolkit containing implementation templates, worksheets, checklists, and decision-support materials used to accelerate real-world application and reduce setup time.
Who trusts this: Trusted by professionals in 160+ countries
When you get access: Course access is prepared after purchase and delivered via email

This curriculum spans the design and operational enforcement of network security controls across governance, architecture, and compliance functions, comparable in scope to a multi-phase advisory engagement addressing enterprise-wide risk management and control implementation.

Module 1: Establishing Security Governance Frameworks

  • Selecting between ISO/IEC 27001, NIST CSF, and CIS Controls based on organizational maturity and regulatory obligations.
  • Defining roles and responsibilities for CISO, data stewards, and IT operations within a RACI matrix for security initiatives.
  • Integrating security governance into enterprise risk management (ERM) reporting structures and board-level oversight cycles.
  • Aligning security policies with business unit objectives while maintaining enforceable standards across departments.
  • Conducting gap assessments between current security practices and target framework requirements.
  • Developing an escalation protocol for security incidents that defines thresholds for executive notification.
  • Implementing policy exception management with documented risk acceptance and review timelines.
  • Establishing metrics for governance effectiveness, such as policy compliance rates and audit finding resolution times.

Module 2: Risk Assessment and Threat Modeling

  • Choosing between qualitative and quantitative risk assessment methods based on data availability and stakeholder needs.
  • Conducting asset classification exercises to prioritize systems based on business criticality and data sensitivity.
  • Mapping threat actors (e.g., nation-state, insider, script kiddie) to specific business functions and infrastructure components.
  • Using STRIDE or PASTA methodologies to model threats against cloud-hosted applications and hybrid architectures.
  • Updating risk registers quarterly or after major infrastructure changes, including M&A activity or cloud migration.
  • Calibrating risk scoring models to reflect organizational risk appetite, especially for high-impact, low-likelihood events.
  • Documenting assumptions in threat models to support auditability and peer review.
  • Integrating third-party risk data from vendors like Recorded Future or Mandiant into threat modeling outputs.

Module 3: Network Architecture and Segmentation

  • Designing zero trust network access (ZTNA) zones to replace flat network architectures in multi-site environments.
  • Implementing micro-segmentation in virtualized data centers using tools like VMware NSX or Cisco ACI.
  • Enforcing DMZ configurations with stateful firewalls and proxy services for externally exposed systems.
  • Deciding between VLAN-based segmentation and software-defined perimeter (SDP) solutions for remote workers.
  • Configuring routing policies to prevent lateral movement between business units with differing security postures.
  • Validating segmentation rules through regular firewall rule audits and penetration testing.
  • Managing exceptions for legacy systems that require broad network access due to technical constraints.
  • Documenting network topology changes in configuration management databases (CMDB) for compliance audits.

Module 4: Identity and Access Management Integration

  • Implementing just-in-time (JIT) privileged access for third-party vendors using PAM solutions like CyberArk.
  • Enforcing multi-factor authentication (MFA) for all remote network access, including exceptions for legacy applications.
  • Synchronizing identity sources across on-premises Active Directory and cloud IAM platforms like Azure AD.
  • Designing role-based access control (RBAC) models that reflect job functions without creating excessive privilege overlap.
  • Conducting access certification reviews quarterly with business owners to validate standing privileges.
  • Integrating SIEM alerts with identity lifecycle events to detect orphaned accounts or privilege creep.
  • Managing service account credentials with automated rotation and restricted network access.
  • Enforcing time-bound access for contractors using identity governance and administration (IGA) tools.

Module 5: Firewall and Network Security Device Management

  • Standardizing firewall rule naming conventions and change request workflows across vendor platforms.
  • Implementing change control processes that require peer review and testing before firewall rule deployment.
  • Consolidating redundant rules and removing unused access controls during quarterly firewall audits.
  • Deploying next-generation firewalls (NGFW) with application-aware filtering at internet gateways.
  • Configuring high availability and failover settings for firewalls in mission-critical network segments.
  • Integrating firewall logs with SIEM systems using standardized formats like syslog or CEF.
  • Managing firmware updates and vulnerability patches for firewalls according to vendor security advisories.
  • Enforcing secure administrative access to firewalls via jump hosts and encrypted protocols only.

Module 6: Intrusion Detection and Prevention Systems

  • Tuning IDS/IPS signatures to reduce false positives in environments with legacy protocols or custom applications.
  • Placing inline IPS devices at network chokepoints while using passive IDS sensors in high-availability zones.
  • Developing custom detection rules for organization-specific threats, such as known attacker TTPs.
  • Integrating IDS alerts with SOAR platforms to automate response actions like blocking IP addresses.
  • Conducting regular red team exercises to validate IDS/IPS detection coverage and response efficacy.
  • Managing signature update schedules to balance security coverage with operational stability.
  • Allocating sufficient network bandwidth and processing resources to handle full packet capture at peak loads.
  • Documenting approved bypass scenarios for encrypted traffic that cannot be decrypted for inspection.

Module 7: Secure Remote Access and VPN Governance

  • Replacing legacy IPsec VPNs with ZTNA solutions for cloud application access based on user and device posture.
  • Enforcing device compliance checks (e.g., disk encryption, patch level) before granting VPN access.
  • Configuring split tunneling policies to limit exposure of internal routes on remote devices.
  • Monitoring concurrent user sessions to detect credential sharing or account takeover attempts.
  • Rotating VPN pre-shared keys and certificates according to cryptographic lifecycle policies.
  • Logging and analyzing remote access connection metadata for anomaly detection.
  • Implementing geo-fencing rules to block login attempts from high-risk jurisdictions.
  • Decommissioning unused remote access gateways to reduce attack surface and maintenance overhead.

Module 8: Security Monitoring and Incident Response

  • Defining log retention periods based on regulatory requirements and forensic investigation needs.
  • Normalizing logs from heterogeneous network devices into a common schema within the SIEM.
  • Creating correlation rules to detect multi-stage attacks, such as reconnaissance followed by exploitation.
  • Establishing on-call rotations and escalation paths for 24/7 security operations center (SOC) coverage.
  • Conducting tabletop exercises to validate incident response playbooks for ransomware and data exfiltration.
  • Preserving chain of custody for network evidence during forensic investigations involving legal teams.
  • Integrating threat intelligence feeds to enrich alerts with known malicious IPs and domains.
  • Performing post-incident reviews to update detection rules and close process gaps.

Module 9: Third-Party and Supply Chain Risk

  • Requiring network-level security assessments as part of vendor onboarding for cloud service providers.
  • Negotiating right-to-audit clauses in contracts with critical infrastructure vendors.
  • Enforcing segmentation for third-party access, limiting connectivity to specific hosts and ports.
  • Monitoring contractor activity through session recording and privileged access management tools.
  • Validating security controls in SaaS applications through SOC 2 Type II reports or equivalent.
  • Mapping vendor dependencies to critical business processes for business continuity planning.
  • Requiring encryption of data in transit for all third-party integrations, including API connections.
  • Conducting annual reassessments of high-risk vendors based on access scope and data sensitivity.

Module 10: Compliance and Audit Management

  • Mapping control requirements from GDPR, HIPAA, or PCI DSS to specific network security configurations.
  • Preparing evidence packages for external auditors, including firewall rules, access logs, and change records.
  • Responding to audit findings with remediation plans that include timelines and ownership assignments.
  • Automating evidence collection for recurring compliance checks using GRC platforms.
  • Conducting internal audits to identify control gaps before external assessment cycles.
  • Documenting compensating controls when technical controls cannot meet compliance requirements.
  • Managing scope of compliance efforts to avoid over-securing non-regulated systems.
  • Updating policies and procedures following changes in regulatory requirements or enforcement precedents.