Corporate protection against internal threats to information security

The competence "Corporate Protection against internal threats to information Security" is aimed at creating a professional growth environment in which participants demonstrate and improve their skills in designing and implementing a comprehensive system of protection against internal threats in order to minimize information security risks and achieve the necessary level of information security in accordance with regulatory requirements and business needs.

Content of the competence

Team work

Competence Team

Work on the competence "Corporate protection against internal threats to information security" is a team activity.
The contest task is performed by the team and the score is given to the team.

Team composition

2 participants + 1 expert

Expert team
  1. Expert mentor
List of participants
  1. Participant 1. Information Security specialist.
  2. Participant 2. Information Security Specialist

Completing and evaluating a task

Team members complete a technical task:

24 hours
=
  • 3 days of 8 hours.

The results are evaluated by experts on day 4.
Experts are trained in verification methods and tools.

Competitive task

Composition of the competition task

  • Task Description
  • Diagram of interaction of information objects of the organization
  • A set of questionnaires to fill out during the implementation of a competitive task

What is included in the task description

Description of the organization's organizational and information structure, business processes, and a set of current organizational and administrative documentation.
A competitive task may not contain all the necessary information to complete the task, and some data may be contradictory. To clarify the necessary information, participants are given the opportunity to interview a "business representative" - an expert on the competition task.

Материалы для скачивания

Technical documentation
Competitive task for 2024

Competition Task Blocks

Layer 1
Layer 1
Layer 1
Layer 1
Layer 1
Layer 1
100% Layer 1
  • 15 Organization and presentation of the work
  • 25 Pre-project survey of the system
  • 40 Implementation of technical measures to protect information
  • 20 Implementation of organizational measures to protect information

Evaluation

Checking the level

Each specialist is tested for the level of proficiency in two groups of knowledge and skills

Knowledge and skill groups

Professional skills

  • Principles and practices of productive teamwork
  • Organization of the information security management process in an organization
  • Methods and technologies for studying the object of informatization
  • Designing an integrated information security system for an informatization facility
  • Installing and configuring information security tools
  • Presentation of the result of their professional activity, including for non-specialists in the field of information security

Evaluating skills

Skills are evaluated through the quality and effectiveness of work actions.

Labor action groups
  • Criterion A
    Organization of work and management
  • Criterion B
    Development and implementation of technical protection measures
  • Criterion C
    Development and implementation of organizational protection measures
  • Criterion D
    Pre-project survey of an informatization object
  • Criterion E
    Communication and personal skills

Ad platform rules

  1. Mandatory registration on the site
  2. Work on the site strictly according to the plan of work on the site
  3. There should be no foreign objects on the participant's desk: headphones, smart watches, cases, bags, etc.
  4. The following items are allowed on the participant's desk: a fountain pen, notepad, pencil, paper, and flash media issued by the organizers.

Rules of communication on the site

  1. Telegram is the main communication channel outside the site.
    Interaction is conducted in the general chat of the competence, based on the results of registration on the site, Participants, Expert mentors, and managing experts are added to the general chat.
  2. On the site, the main means of communication is verbal communication, using the audio equipment presented on the site.

Site operation plan

  • The site's work plan is published, indicating the time and location
  • The plan contains all the important information for Experts and Participants
  • We start and finish on time, "Seven don't wait for one" is our principle

Participant's workplace

  • The participant's workplace is equipped in accordance with the infrastructure sheet.
  • A description of the workplace structure, the toolbox, and its contents is described in the volume.

ALLOWED BY THE RULES

  1. Experts can use their personal computers, tablets, mobile phones, or smart watches while in the expert room or briefing area
  2. Experts should take photos of their participants during the championship
  3. Participants can use their personal devices to take photos and videos on the work site after the contest is over

STRICTLY PROHIBITED BY THE RULES

  1. During the competition days from C1 to C3, bring to the workplace and/or remove from the workplace any information in electronic, printed or handwritten form
  2. Use communication tools on the site: smartphones, tablets, etc.
  3. Perform attempts and / or data transfers from on-site and off-site workstations by any means other than those permitted by the Contest Task
  4. During the contest task, communicate with anyone without the permission of the Chief Expert, except for the members of your team

Ваш эксперт

Ivan Samoilov
Chief Expert

8 904 810 71 06
@NoviceTrg