Becoming a Cybersecurity Consultant
The COURSE and the CERTIFICATE
A Cybersecurity Consultant should perform a varied number of tasks within an organization, no matter the industry they are performing in. Within CONCORDIA, based on a desk research followed by a market validation, we have identified a set of Knowledge and Skills a Cybersecurity Consultant should have [link]. The most important ones are depicted below.
To support people in preparing for a career as Cybersecurity Consultant we have developed a COURSE and a CERTIFICATION scheme.
The COURSE aims to help individuals acquire the knowledge and skills illustrated below. The Course is suitable also for individuals planning to follow a career in cybersecurity, including middle managers and executives.
After successfully passing the exam (consisting of two parts), the Certificate would stand as a proof an individual acquired a specific set of knowledge and developed specific skills.
The course is a joint effort of the following CONCORDIA partners:
The Course “Becoming a Cybersecurity Consultant” is structured in two parts (online and face-to-face) and is organized around 3 main learning objectives:
- Threats – Get updated on the existing and emerging cybersecurity threats, the assets possible to be impacted, and the latest models of attacks.
- Technology – Become knowledgeable about specific technological threats, learn how to anticipate and prevent them, while developing proactive management skills.
- Economics – Get an understanding of the economics behind cybersecurity activities within your organization. Learn about risk management and information security to protect the corporate reputation and preserve customer loyalty.
The online part of the course is designed to cover theoretical concepts a Cybersecurity Consultant (low-to-medium level) should know. It is structured in 4 modules (Cybersecurity Principles; Offensive Methods, Defensive Methods; Risk Management) and is proposed to be completed in about 3-4 weeks-time while allocating about 2-3 hours a week.
|Module||Lesson Code||Lesson title||Lecturer(s) affiliation||Learning Objective|
|Intro||A0||The Cybersecurity Consultant role profile||TUVA (AT)||–|
|A-CYBERSECURITY PRINCIPLES||A1||CIA Triad and Security Principles||University of Insubria (IT),|
Industrial Systems Institute (GR)
|A2||Software Vulnerabilities: CVE, CVSS, and beyond||University of Milan (IT)||LO1|
|A3||Privacy Principles to Manage Risks Related to Data||University of Insubria (IT)||LO1|
|A4||Accountability as success factor in this Digital Age||Arthur’s Legal (NL)||LO1, LO2, LO3|
|A5||Principles of Risk Management||TUVA (AT)||LO3|
|B-OFFENSIVE METHODS||B1||Attacks Capabilities and Attacks Stages||Industrial Systems Institute (GR)||LO1|
|B2||Emerging Security Issuees and Evolving Attacks||University of Milan (IT)||LO1|
|B3||Networks Attacks||University of Lorraine (FR)||LO2|
|B4||Internet Technologies: Definition, Principles and Top Threats||University of Lorraine (FR)||LO2, LO3|
|C-DEFENSIVE METHODS||C1||The Security by design Principle Approaches and Paradigms||Industrial Systems Institute (GR)||LO1|
|C2||Vulnerability Managemenet Methods||University of Lorraine (FR)||LO2, LO3|
|C3||Network Protections Methods||University of Lorraine (FR)||LO2, LO3|
|C4||OS/Application Protections Methods||BITDEFENDER (RO)||LO2, LO3|
|C5||Data Protection and Security||University of Zurich (CH)||LO3|
|C6||The SIM Approach||Arthur’s Legal (NL)||LO2, LO3|
|D-RISK MANAGEMENT||D1||Overview on Risk Assessment Framework||University of Zurich (CH)||LO1, LO3|
|D2||Risk Management with an Economic Bias||University of Zurich (CH)||LO3|
|D3||Non-conformity/non compliance perspectives||Arthur’s Legal (NL)||LO3|
|D4||Digital Sovereignity||Arthur’s Legal (NL)||LO1, LO2, LO3|
⇒ Access to the Course – online part on Coursera platform [link] – May 2021 session closed; October 2021 session closed – will be re-open in May 2022
⇒ Access to the presentations used in the online part [link] – restricted to the learners who followed the course and to those registered to the C3 by CONCORDIA Certification exam
The Face-to-Face/webinar part of the course is designed to build on the theoretical concepts covered in the online part by bringing into the discussion of the group different case studies while also involving the participants in hands-on exercises. The agenda of the 3 days module is structured as follows:
⇒ Access to the presentations of the Face-to-Face/webinar part [link] – restricted to the learners who followed the course and to those registered to the C3 by CONCORDIA Certification exam
The report on the pilot course could be consulted via [link]
The next Course will start in April 2022. The registration process is open and will be closed on April 15th. Link to the Registration form.
The C3 by CONCORDIA certification is addressed mainly to European cybersecurity professionals, cybersecurity middle managers and freelancers looking into having specific knowledge and skills validated via a certificate. For an overview of the knowledge and skills we consider a Cybersecurity Consultant should have, we invite you to check the specific page [link].
The Certification exam consists of two parts: a theoretical exam hosted on the ISOGRAD platform (proctored) for testing the top knowledge identified for the profile, and a practical exam hosted on the KYPO platform for testing some of the skills needed for the profile.
⇒ Access to the theoretical exam [link] – restricted to the learners registered to the C3 by CONCORDIA Certification exam
⇒ The Certification Proctor Manual for the theoretical exam [link]
⇒ Access to the practical exam [link] – restricted to the learners registered to the C3 by CONCORDIA Certification exam
The applicants to the C3 by CONCORDIA Certificate are strongly encouraged to adhere to the following Declaration of Honor [link].
The candidates to enter the C3 by CONCORDIA Certification are strongly encouraged to follow first the dedicated course “Becoming a Cybersecurity Consultant”. An overview of the Course and Certificate including the specific steps, prerequisites and timeline for the session scheduled in the first half of 2022 could be consulted at https://www.concordia-h2020.eu/blog-post/would-you-like-to-be-certified-as-a-cybersecurity-consultant/
A limited number of seats will be made available to cybersecurity professionals applying directly to the Certification exam without following the course. Those interested in sitting the C3 by CONCORDIA Certification exam should register no later than April 24th, 2022 via the form: https://ec.europa.eu/eusurvey/runner/C3byCONCORDIAcertification
The C3 by CONCORDIA Certificate and the relevant assessment processes are implemented based on the C3 by CONCORDIA Certification Scheme (link).
“Becoming a Cybersecurity Consultant” – registration for the session May 2022
By filling-in this form you express your interest in attending the course “Becoming a Cybersecurity Consultant” organized by CONCORDIA project.
The Course aims at helping individuals acquire a set of knowledge and skills related to the Cybersecurity Consultant role profile, medium level. It is suitable for individuals planning to develop a career in cybersecurity, including middle managers and executives, and it is addressing the European market. To take full advantage of the content covered and be able to solve the short quizzes included in the course, the participants should have basic knowledge of data structures and algorithmic principles, regular expressions, database principles, shell scripting, networking principles, tools and architectures, operating systems basics, security controls, mechanisms and practice and risk management theories and methods.
The course “Becoming a cybersecurity consultant” is organized on two modules (online self-peace and live webinar) and it is offered as a support in preparing for taking the C3 by CONCORDIA Certification exam.
For information about the general structure of the course, it’s learning objectives, and the main knowledge and skills covered by the different modules, we invite you to check the page https://www.concordia-h2020.eu/becoming-a-cybersecurity-consultant/
An overview of the 2022 offer on Certification and preparatory course, including the prerequisites linked to each of the phases of these activities could be consulted at https://www.concordia-h2020.eu/blog-post/would-you-like-to-be-certified-as-a-cybersecurity-consultant/
The next session of the course is scheduled for April-May 2022 and it is offered free of charge. We will come back to you for the formal confirmation of your enrolment to the course by 15 April, at the latest. Before submitting your registration form, please check and acknowledge the timeline for the specific dates linked to the two modules of the course.
REGISTRATION IS CLOSED