This is an example post

An increasing number of businesses are embracing the ‘bring your own device’ policy, allowing employees to use their smartphones and tablets to access the company’s information and work on the go.

This policy can add a new dimension to IT project management training, with products now able to be developed remotely and flexibly using mobile devices. However, it also means that a greater emphasis now needs to be placed on mobile cyber security to ensure that businesses are keeping their information secure.

Threats being detected in the Android app store

Although all kind of devices has risks associated with them, those operating on the Android platform are shown to be particularly vulnerable to malware from apps. It’s therefore essential that companies with employees using Android devices are extra vigilant and aware of the possible threats.

The most prominent threat to Android users is apps, with the Google Play Store being invaded by numerous applications containing malware. Google Play Protect detected and removed 1,700 Android apps infected with the malware Bread (also known as Joker) before ever being downloaded by users.

Likewise, an analysis by G DATA showed that the number of malicious apps reached a record level in 2019. This problem is growing, and businesses have to look out for ransomware and Trojans that might compromise their data for money.

How can businesses protect themselves?

Due to the magnitude of this risk, it’s important for businesses to know the security measures they should take to defend employees mobile devices from malware. Lukas Stefanko, expert at security solutions company ESET, emphasises that the best approach to security is preventative.

“Don’t delay taking security measures until something unusual happens – in most cases it’s too late as the device may already be compromised and the data lost,” he said in an interview with We Live Security.

Businesses should require that all employees using their personal devices to access company information to have the latest operating system and antivirus software installed to defend against cyber threats. They should also encourage people to be careful of the apps they download, and always check the reviews before installing anything.

It is apparent how mobile security has become an integral aspect of information security training, and companies need to ensure they protect all channels of data access. ALC Training can help by educating employees in all aspects of cyber security, resulting in better protection for businesses in the long run.

Source:

Google Security Blog – Read the full details here .

G Data IT Security Trends 2020

Digital Transformation is the ability of an organisation to remain competitive.  By using new technologies more effectively than their competitors, this leads to greater market share, lower price points, improved product and/or service quality and constant innovation for clients.  But where do you start?

This article is designed for medium to large organisations that want to know how to do this.  I’ll draw on my 20 years of experience as an enterprise and solution architect with DXC technology. I was fortunate enough to help a range of clients which I can now couple with my knowledge as a trainer, across the 12+ courses that I now run.

Click to open the infographic below to see a snapshot of the steps to take to perform a digital transformation successfully.

Here is my list of key steps in order:

• Use an Agile framework to help structure the entire transformation.  My recommendation is to use the Scaled Agile Framework or SAFe, coupled with The Open Group Architecture framework or TOGAF.  This will involve sending all the senior leaders on a Leading SAFe 2-day course, your architects, engineering and development functions on TOGAF Part 1 and Part 2 4 day course.
• Understand what business objectives you’d like to achieve in the next 3-5 years.
• Work with all the key stakeholders to develop a common mission and vision.
• Send your security experts to become certified on the Certified Cloud Security Professional certification.
• Identify key execution leaders, usually the program manager, a senior project manager and the lead architect, to go onto the 4-day Implementing SAFe course to become SAFe program consultants.  I wouldn’t recommend relying on outside consultants unless you want to hire someone.
• Run a value stream workshop with the key stakeholders to determine the best value stream to take forward that will deliver your first epic and the associated top 5-10 features.
• Start running internal Leading SAFe workshops to ensure everyone know how SAFe works and outline the value stream that we’re going to take forward.  Use the workshop to seek feedback and help improve the decision-making process.
• Think about training for your technical resources.  So unless you’ve been living under a rock, you’re probably looking at Office 365 Security & Compliance (2 Days) and either AWS Quickstart (1 Day) or Azure Fundamentals (1 Day).  My personal pick is to stay with Azure.  It’s the most popular with my students in Australia. You could also consider Google and Oracle.  I’ve had a handful of people use Google and only 2 use Oracle.  I think they were from Oracle.
• Identify the first Agile Release Train, be clear on what success looks like and ask your people to self-organise across the train, using the SAFe principles.  Blend in the principles from the enterprise / solution architecture function and seek feedback from the teams.
• Perform a training needs analysis workshop, by involving all those people that are required to build and deliver the solution.  This is where you’ll need to identify the technical and soft skills that will be missing.  This will include specific vendor product training, probably through eLearning methods and vendor training.
• For soft skills, start thinking about cultural change programs for everyone on the trains.  I’d recommend DevOps Foundation for everyone, DevSecOps Engineering for security and lead developers and DevOps Leader for the key leaders managing the train.
• Don’t forget to bring the business on the journey too, so I can recommend the Cloud Computing Foundation (2 Days), designed for non-technical professionals and leads to an accredited APMG certification.
• Almost certainly your transformation will contain a significant data component, so I can recommend training for all your technical resources on the newly released Enterprise Big Data Professional certification.
• At this stage, you’ll be very close to deploying your first Agile Release Train, so you’ll need to ensure the relevant people have attended the SAFe Product Manager, Scrum Master and SAFe for Teams courses.
• Finally, launch your train through a face-to-face Program Increment (PI) Planning workshop and allow your SAFe Program Consultants and Scrum Masters to coach the teams to success.  Don’t forget to measure at every step to show progress.  This is all explained in the SAFe implementation roadmap.  If followed correctly, you’ll be delivering multiple features in the first 50 days.
• Over time you’ll launch more trains, that are aligned to value streams to deliver more epics and features.  As you grow, the trains will become much faster and with a team of 125 people or more, you’ll delivering features much faster than ever before.
• Importantly, constantly track where you are in your business objectives, your mission and vision, to ensure you keep the trains on the tracks.  There is where the Lean Portfolio Management components in SAFe that helps with the governance piece of this.

Do you have questions with these steps?  Contact our awesome ALC Training team!

Believe it or not, Office 365 now contains 27 separate apps that are provided by Microsoft.   Many of these apps are provided with advanced security features.  Clearly managing these security features within each admin tool is a complex and onerous task.  So Microsoft have moved as much security as possible into the Office 365 Security & Compliance Centre.  This is now the central place to manage the majority of security functions in Office 365.

Click on the diagram below to link to the Microsoft TechNet article describing all the key Office 365 services:

You can augment this list by adding third-party apps that are available in the Microsoft AppSource app store.   You can also incorporate various Azure services that integrate with Office.  One service that is already included, is Azure Active Directory. 

Azure Active Directory or AAD, is a mandatory service that manages all the authentication and authorisations in Office 365.  It integrates with your existing corporate Active Directory, which probably lives in your data centre (on-premise), using a service called AAD Connect.  For companies that have very complex requirements around transferring data between your on-premise Active Directory and AAD, you can use the Microsoft Identity Manager product and the Active Directory Federation Service.

Here is a great link to a video that outlines some of the basics of Active Directory:

It becomes quite technical towards the end of the video, so just close it down, once you have the knowledge you need. 

Understanding Active Directory is key to understanding the fundamentals of how the Office 365 Security & Compliance Centre works, so check out my 2 day course where we cover all the basics, in non-technical language, so that anyone can start security their Office 365 tenancy:

Not only do we cover AAD, but we also run through:

• Overview of the 27 apps that Microsoft provides.
• Various short overview demo’s of the Security & Compliance centre, covering key security concepts such as threat management, data governance, search & investigation, service assurance and reporting.
• Azure Information Protection and how it fits with Office 365.
• A short introduction to Powershell.
• A primer on Cloud Computing and DevSecOps engineering.

Let’s pick out a couple of my favourite Office 365 services…Flow.

Flow is a product that allows you to integrate various cloud services, providing a platform for automating many of your tasks.  It’s a competitor to IFTTT.com, which stands for If This Then That, which provides a similar set of services.  For example, if an email comes into your inbox from a customer, there may be a series of manual tasks that need to be undertaken to start servicing that customer.  This can be automated and free up your time to focus on talking with customers, rather than having to do repetitive manual tasks.

Click on the graphic to be taken to a video outlining potential uses of the tool:

Now, let’s look at some of the key features of Data Loss Prevention

If want to know more about Office 365 services, please reach out to me on Linkedin.  Click on the image below to see my profile and start reaching out….

It may not be obvious, by the concept of a value stream is one of the most important concepts in a digital transformation.  Why?   Because once you understand a value stream, you start to truly understand your business and you’re on a clear path to improving customer experience.  Exceptional customer experience is your key business differentiator in the world of digital disruption and needs to be the core focus of any digital transformation.

Let’s define a value stream.  I’ll use what I consider, to be the best sources of knowledge reference. 

First from Scaled Agile.  

If you click on the image it will take you to the Leading SAFe 2 Day course I run at ALC Training.

Second from the TOGAF certification, written by the Open Group:

• Value Stream Mapping: the breakdown of activities that an organization performs to create the value being exchanged with stakeholders.  It illustrates how an organization delivers value and are in the context of a specific set of stakeholders, and leverage business capabilities in order to create stakeholder value and align to other aspects of the Target Business Architecture.

And here is a picture of a sample value stream map for an online purchase:

And here is another, outlining an emergency hospital admission:

As you can see it’s a simple overview, usually shown in 5-9 stages, of how a product or service starts life and is delivered to the consumer. 

As you can see, the business processes beneath can vary in complexity.  With an online purchase, the process is relatively simple.  With say intensive care, the process can be extremely complex and there are probably 1000’s or paths, depending on the type of care required.

It can also be known as:

• Value Chain Diagram
• Functional Reference Model

Clearly, there are many values streams and they are quite different between industries.

Once we understand our value stream, we can then consider decomposing each component into systems and people.  An example of this is from Scaled Agile, where they define two types of value streams:

You’ll notice that the operational value stream is the one that is focused on the customer.  Whereas the development value stream is aligned to delivering systems in an agile manner.  In fact, these are development value streams are also known as a CI/CD pipeline:

• CI = Continuous Integration – committing code at least once a day.
• CD = Continuous Delivery – making sure code is always in a releasable state.

So what we’ve now done, is to understand our business in the context of delivering value through software.  We cover this in our DevOps Foundation course:

Any questions on Scaled Agile or DevOps concepts, as always please reach out via twitter – @MusicComposer1 or find me on LinkedIn:

There are a number of examples in history, of how governments have fallen.  Either through the ballot box, through a coup d’etat or via a civil or military war.  But have you ever stopped to think that a lack of progress in a digital transformation, could be a fourth reason?

Let me back up a bit…and outline what I believe are the reasons we have a government.  Why does it exist and why we need one.  There are five:

• Keep citizens safe.
• Maintain law and order.
• Grow the economy.
• Provide services that require high capital expenditure to deliver.
• Collect tax revenue.

Here is a great video that provides some more information on what government is?

Failure by governments to maintain those outcomes and deliver great customer experiences will result in disruption.  We’ve already seen this movie before right:

• Uber disrupting the transportation industry.
• Netflix disrupting the entertainment industry.
• Google disrupting traditional advertising revenues.

But hey, they’re all commercial examples.  Have you got anything that is relevant to government?  Sure:

• Russian interference in the US democratic system.
• UK leaving the EU.  Affectionately known as Brexit.
• Chinese attacks on Australian government services.

Here is a great video explaining Brexit:

You can also extend that to local government, such as Queensland in Australia:

• Parents opting to homeschool their children and not use the Government funded system.
• Students choosing to study at universities that offer the best blended, digital vs classroom-based experience.
• Tesla disrupting cars, trucks and eventually planes and trains, which forces say the Dept of Transport and Main Roads to rethink transportation strategies and plans.

I talk about digital disruption and governments in the latest #AskTheCEO discussion here:

The same forces that have helped Uber, Netflix, Google and especially Apple become commercial disrupting forces, are the same for the government:

• High customer expectations, driven by an app store always-on mindset.
• Generational shifts, as we move into an ageing population, whilst we have adults that have been brought up with social media.
• Customers expecting costs to drop and value to increase, driven by innovations started by Google, Amazon, e-Bay, Microsoft, Apple and others.
• The increased use of technology to scale crime and scale warfare, driven by the low-cost barrier to entry, the relative ease to learn and use new tools due to the proliferation of the internet, and the prevalence of unprotected and unpatched systems.  

So what is the solution.  Well it’s important to understand what needs to transform in government and then do so, quickly.  Using the latest Lean-Agile and DevOps principles, along with great talent, is how Spotify undermined their competition, so government needs to do the same.  Here are three examples:

• Attract and maintain talent by allowing them to be autonomous, attain mastery in their craft and provide them with clear purpose that inspired them.  Think Elon Musk, heading to Mars and SpaceX.
• Create fast and effective feedback loops, to allow everyone to learn quickly.  A great example is the Uber App, which asks you to rate the driver at the end of the journey.  Taxi companies don’t do this, so they can never learn as fast.
• Decentralise decision-making, not all decisions, but ones that empower your workforce.  Short-term, localised decisions,  where people doing the work are the best informed to make the right decision.  So let the sales-man close the $1m deal.  Move the people to the work.

Interesting in learning more about digital transformation.  Check out a range of courses that I run at ALC Training:

DevOps Foundation

Cloud Security

Cloud Computing

Scaled Agile

Enterprise Big Data

Microsoft is one of the world leaders when it comes to cloud computing services.  In the last comparison of revenue streams from the cloud giants, back in Feb 2018, it seems that Microsoft was just ahead in front of AWS.

Want to learn more about Azure?  Well, there are options.  There is a great free resource from Microsoft that covers Azure fundamentals here:

https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/

Or, if you’re looking for more a hands-on 1 Day Azure Technical Quickstart to understand how to provision resources, you can check out our 1 Day course here:

https://alctraining.com.au/course/microsoft-azure-technical-quickstart/

You can also reach out to us, for customised Azure and Office 365 courses.

Azure is classed as an Infrastructure-As-A-Service (Iaas) and Platform-As-A-Service (PaaS) in the cloud computing world.  IaaS services are designed for system engineers, where you can set up and build servers, networks, and storage, and then install your apps on top.  If you’re in the software development business, then the PaaS services are designed for writing, testing and managing code, and target developers.  

Some important PaaS services that developers will need include:

• Source Code Repositories – Such as GitHub or Azure Repos – these allow you to store and version control your source code.
• Serverless – Azure Functions – automatically builds and manages the compute, storage and networking components, so a developer can focus on writing code.
• Containerisation – Azure Kubernetes Services – allows developers to build, manage and monitor containers, which are used to store separate app stacks, relating to separate apps.
• Datastores – Azure SQL or Azure Cosmos DB – allows developers to store and read structured (SQL) and unstructured data.

Below is a brief snapshot of just the Compute services:

By combining together these services, you can create a rich tapestry of solutions.  It’s very similar to the age of analog electronics, where you could select oscillators, diodes and specific electronics components, to create solutions like creating a home radio.  

In Azure you can create very complex business solutions.  Below is an example of how you might integrate a complex corporate environment with Azure services, in a model known as hybrid cloud:

There are some very important services that are available in Azure, that align nicely to medium to large clients that have to comply with complex regulation.  Clients involving in banking, government, healthcare, and defence, need to maintain a level of corporate and regulatory governance, as well as a high level of cyber security protection in their cloud services.  Tools such as:

• Azure Security Centre – understand, see and manage your security across all your Azure resources.  Very useful when dealing with a critical security incident in your organisation.
• Azure Advanced Threat Protection – Protect your assets from all kinds of threats, both inside and outside your organisation, using AI and smart analytics.
• Azure Policy – Enforce rules across how and where your Azure resources are deployed.  Need to only deploy in Australia, no problem, set up a policy that only allows services to be run from Australia.
• Azure Blueprints – Setup standard collections of resources, pre-approved by your security and governance functions that allow fast deployment of business solutions.
• Azure Monitor – Monitor the health of all the resources you have created and have control over.
• Azure Service Health – Monitor the health of all the resources that Microsoft controls.
• Azure Advisor – Makes intelligent recommendations covering Availability, Security, Performance, and Cost.

The diagram below shows an example of the types of recommendations that the Azure Advisor can provide:

Feel free to reach out anytime with your Azure of Office 365 questions or queries?

Digital transformation is the process of cultural,  technological and thought leadership innovation, that is required to ensure businesses remain competitive, relevant and able to survive.  Let’s break that down and explain what I mean.

Click on the image below to see ALC’s range of courses that can help with your digital transformation journey:

Cultural Innovation

This means allowing people within a business to develop and grow, by learning in a safe environment.  We often call this Failing Fast.  This helps to foster a culture within an organisation, that moves away from:

• Blame
• Mistrust
• Finger-pointing

And move towards:

• High-Trust
• Collaborative
• Engaged

You can only innovate when you allow people to take risks.  But in concert, you need to provide tools and an environment for continual fast feedback.  This includes:

• Allowing people to select the tools they want, in order to automate or streamline a job.  This requires management buy-in and funding.
• Realising, that the customer is the person that consumes your work.
• Fostering a culture of open feedback, without retribution, with customers.  How am I doing?  What could I do better?  What keeps you awake at night?

All these concepts and learnings appear again and again in many of the cultural change courses I run:

• DevOps Foundation 
• Leading SAFe 

Click on the picture below to watch an awesome video from our DevOps Foundation course, covering Spotify Engineering Culture:

Technological Innovation

This means adopting the latest technological innovations, to help business leaders learn and act quickly.  There are many examples:

• Using “Big Data” to provide new insights and gain a competitive advantage.
• Using “Cloud Computing” to provide a business model that is more agile, whilst removing the reliance on investing $1000’s in IT infrastructure, licencing and bespoke software development.
• Using “Artificial Intelligence” to detect and protect the business from hacking, data loss and service loss.

It’s no surprise that at ALC, we’re focusing on these key technological innovations:

• Certified Cloud Security Professional 
• Cloud Computing Foundation 
• Enterprise Big Data Professional 
• Office 365 Security & Compliance 
• Azure Technical Quckstart 

Click on the diagram, below to see an awesome video from the Enterprise Big Data Professional course on why we use Hadoop over SQL when dealing with Big Data:

Thought Leadership

This is the most critical.  Leaders are the people in a company that pave the way for new things.  Just like in music, they are the avant-garde, breaking new ground, failing fast and leading by example.  They are skillful coaches that bring all their people with them on the journey.  They lead through:

• Trust
• Respect
• Rewarding everyone.
• Being fair, honest and open.

You’ll find these leadership traits are exemplified in the following courses for leaders:

• Leading SAFe for Executives, Managers, and Leaders 
• Cloud Computing Overview 

The diagram below shows you the Scaled Agile Framework, of SAFe for short.  Click on it and you’ll be taken to the FREE clickable version on their website:

Government

If you have ever worked in a government department or a local council, there are very few examples of these digital successes.  Why?  I believe many leaders of governments, whether they be the lord mayor of a council or the elected minister, fundamentally do not understand digital disruption.  They believe it is a phenomenon that only affects commercial entities and is not relevant to them. And the ones that do try and embrace digital disruption, don’t focus on cultural change, with leaders not leading by example.

Unfortunately, it is extremely relevant.  I believe governments will be disrupted, just like every organisation in the world will be disrupted.  Charities, councils, regulatory bodies, none of them are immune.  In fact, they are the entities that are most at risk of being irrelevant.  Why?

Because for every government service, there is are much better ways of delivering, by adopting the key tenants above and embracing digital transformation.  This means, if enough people do not see the value in government services, they will protest, they will resist taxes and want to live in a place where the services are incredible. 

We’ve seen trailers of this movie before:

• Tiamen Square Uprising in China.
• The Election of Donald Trump.
• Brexit – Where the UK government is effectively the customer and the EU is the supplier.

Click on the diagram to show you how you digitally transform your government organisation using SAFe:

Check out my latest conversation on “Navingating Digital Disruption” on the New York hit show, #AskTheCEO with Avrohom Gottheil:

We live and breathe in a world that is a bizarre dichotomy.

On one hand, we want anonymity and privacy, on the other, many people pump full details of their private lives into social media and online services, happily enrolling personal questions such as mother’s maiden name, favourite colour, first pet, streets names, and so on; site after site after site. These are mostly in the hands of private enterprise, and we happily and blindly use these online services, placing trust in the hands of a third-party to get it right.

And so it is, that there is an apparent distrust when we come to think of electronic voting, because these are in the hands of the government. Claims abound of errors, outcomes being rigged or platforms being hacked. These are all valid concerns, and let’s face it, can happen.

On the path of being honest, in the physical world, I can be also coerced into voting through bribes or incentives; papers can go missing; votes can be added up incorrectly because the process is manual, I can be threatened in some parts of the world just because of who I am, who I want to vote for or perhaps because of my gender. Some of this happened in our most recent elections here in Australia; not too sure about the bribes though – my bank account remains incredibly thin.

I have had the benefit of working on one of the world’s largest electronic voting systems, consulting to the Electoral Commission of NSW in Sydney, Australia. At the time, late 2013, we were asking, why would anyone be interested in swaying the outcome of an election using electronic or any other means? Fast forward to 2016, and we had our answer – Donald vs Hillary. The Medicare scare by the Australian Labor Party (ALP) on the morning of the federal election in 2016. They term is being labelled cyber tampering.

However, it wasn’t any electronic voting platform to blame. In the first instance, it was social media (Facebook) being used to leverage data mined from potential voters (Cambridge Analytica) who would ultimately show up in their masses to vote for the Don. In the second instance, it had enough of a disruptive impact to sway voters in Australia to move their vote away from the Liberal National Party (LNP). Sure, the ALP was fined, but did the level of the fine send the right message? Did anyone go to gaol?

Voters complain in Australia how long it takes to produce an outcome for the federal election, or even state elections. How can we solve the problem? We are smart people, aren’t we? Secure software development. Dedicated voting systems. Apps for mobile devices. Good Governance. The ability to tabulate results in the blink of an eye.

Can a vote in the electronic world be discounted just like a vote in the physical world? Yes it can, and the electoral commission knows this. Ever put “Jon Snow – King of the North” on your ballot paper in the House of Representatives? If so, your vote is not legal. Ever written a kebab menu on your Senate ballot paper? If yes, then provided you filled out the rest of the form correctly, your vote still counted. Ever done a donkey vote? 1234567 or 7654321? Your vote still counts, but it is an “I don’t care” vote.

In many ways, good governance and a well-developed secure software development lifecycle with well-tested, reusable code would steer voters into not spoiling ballot papers.

Now I hear you cry, but it is my democratic right to show up and vote for Jon Snow or order a kebab. I hear you. And we need to include an option for “I showed up because we have mandatory voting but I am selecting the DO NOT CARE” option. Or just use 1234567.

We have to get over our phobias in order to transcend and embrace the inevitable of electronic voting. It is not a matter of if, but when it will happen. I am a big proponent of it happening here in Australia, and just like we showed the world when it came to WiFi, the Lawnmower and bionic hearing, I am sure we here in Australia can be world thought leaders to make a secure, online voting system.

The Internet used to be a friendlier place. In the late 1990’s, it was Microsoft versus the rest of the world. We had Gopher and WAIS as early pre-cursors to Internet search engines, then along came AltaVista, Yahoo and Google. I was never keen on Yahoo, AltaVista was kind of interesting, but Google was it for me; as a geek with a UNIX and security background, it was the search engine I constantly used, until recently. I used to say to people, “Have you tried using Uncle Google to find what you are looking for?”

Over the years, it has become apparent that many online services are not only annoying, but downright invasive. I read a book called Future Crimes by Marc Goodman which outlined succinctly how companies such as Google, Facebook and many others mine your data and target you with advertisements, or sell your mined data to others so they can bombard you with services. Even the browsers we use, by default, usually connect into Google somewhere, so I am constantly being mined. There is no such thing as a free Internet service.

Isn’t this a perverse situation? For those of us who read George Orwell’s 1984 about a future world where there is no privacy, aimed at the former Soviet Union, it is perverse that we are in exactly the same position in the so-called free world; perhaps my improved ration of cabbages will appear after all.

According to recent surveys, most of the world (approximately 80%) uses Android by Google, especially in developing countries. Countries such as Australia, Canada, New Zealand, the United States, United Kingdom and much of the EU use the Apple ecosystem. Switching to Apple doesn’t safeguard you either, you still need to go to your settings and select a different search engine. If you are a diehard Android fan, consider CopperheadOS, a stripped-down version of Android that works on a modded version of the Nexus or Pixel range. Blackberry, Windows Mobile or SymbianOS anyone?

So, I have switched my search engine to DuckDuckGo. Why? Because it is what Google used to be. Light. Simple. Non-invasive. Anonymous. Private. And most importantly, I am not being tracked. Am I missing out on any search results? Yes, I am – I am not getting paid-for Ad services appearing at the top of my search results – what a relief! In reality, you get less search results, but is that such a bad thing? When was the last time you went beyond the fifth page of search results? With DuckDuckGo, you receive higher quality results without the data mining and cross-milling of junk you don’t need.

I value my anonymity and privacy, and specifically try to keep a light footprint wherever I go. DuckDuckGo is the new default search engine for me. #ComeToTheDuckSide

When deciding on a security framework, it’s important that you choose the most applicable and appropriate set of foundation technology and software that suits your business and company needs.

Below, we’ll look at our SABSA® offerings, and how our courses are structured to provide you with the most effective and relevant IT security training possible.

Discovering SABSA framework

SABSA (Sherwood Applied Business Security Architecture) is a foundation framework and methodology that is applicable for service management and enterprise security architecture.

It can be considered the world’s leading open security framework and allows trained individuals to conceptualise, design and manage security in a business.

In fact, we at ALC believe the term “business-driven” is key to SABSA’s power, as the framework allows a company to conduct business on their own terms, while having constant assurance of the security level in the network.

The SABSA roadmap

So you’re considering SABSA training for yourself or the IT team in your business – what’s next? 
Our training program is split in three distinct areas, providing a clear pathway for any individuals wanting to undertake SABSA training while remaining flexible about their career options:

• Foundation Training
• Advanced Modules –  Risk & Assurance – Architecture & Design –  Incident Monitoring & Investigations 
• Topical Master Classes

In contrast to other training courses, the SABSA roadmap provides a non-specific, mix-and-match process, opening up any of the main career areas upon completion; risk, assurance and governance, architectural design, crisis management and more.

Click to open a larger view

What to expect from your first training course

When you set out to begin your training, it’s unlikely that you’ll know exactly where you want to go. With the flexibility offered in the training courses, you can ensure that no matter the direction your training takes you, we’re here to help guide you on the best career path.

Within the SABSA foundation course, we cover security strategy and planning, as well as service management and design, with the five-day course leading to SABSA Foundation certification and further IT governance training.

Expert support with ALC Training

We at ALC can provide an extensive range of training courses that cover a wide range of topics and specialisations. Above, you can see how following the SABSA pathway can lead to many different career paths, but this is only one of the courses offered by ALC Training.

To discover more about our range of courses and programs that includes ITIL, ISO 27001 and COBIT 5 training, get in touch with our specialist team of trainers today.