Modules 1 and 2
Ashgabat, 15-16 June 2020.
The first and second training sessions on Cyber4security for the IT personnel working in the Turkmen civil service was conducted in the conference hall of the Academy of Civil Service under the President of Turkmenistan (AoCS). The training was organized by the European Union-funded project “Support for Public Administration Capacity Building in Turkmenistan” upon the request of the Ministry of Education of Turkmenistan to share best International Practices in cybersecurity.
Representatives of the Academy of Sciences of Turkmenistan, Ministry of Education of Turkmenistan, Oguz Han Engineering and Technology University of Turkmenistan, Ministry of Labour and Social Protection of the Population of Turkmenistan, Central Bank of Turkmenistan, Ministry of Finance and Economy of Turkmenistan, Ministry of Industry and Communication of Turkmenistan, State Committee on Statistics of Turkmenistan and the Institute of Telecommunications and Informatics of Turkmenistan participated in the event.
With results of the questionnaires filled by the trainees during the introductory training session on cybersecurity held on 28 of May, the project experts developed the most suitable target group-oriented training program. The training program consists of 4 sessions. The first and second sessions were presented by the project international expert Dr. Nils Gentschen Felde – PhD in Computer Science and currently teaching at the University in Munich about IT- and Information Security, Networked systems, etc.
In the first session of the training, the expert introduced the Directive on security of network and information systems (NIS Directive). He explained about its structure and definition of Computer security incident response teams (CSIRTs). Dr. Felde also presented the topics on Information Security, Cryptography, Advanced Encryption Standards, Cryptographic checksums, LM Hashes, Electronic signatures.
During the second session Dr. Nils Gentschen Felde spoke about the ISO/IEC 27000 series– motivation, ISO/IEC 27000 certification scheme and the ISO/IEC 27000 series – overview. The expert outlined a definition of the Information Security Management System (ISMS) and its requirements, basic principles, ISO/IEC 27001 – structure, Risk Management, Information security policies, Human resource security, Access control, Cryptographic controls, Physical and environmental security, Operations security, Communications security, System acquisition, development and maintenance, Supplier relationships, Information security incident management, Compliance with legal and contractual requirements.
The first practical part of the training will finish by an exam, which is planned to be organized on the 19th of June 2020.
The next two more practical modules will be delivered on 22nd and 23rd of June 2020.
For more information, please contact: Saida Rovshenova – Communication and Visibility expert, e-mail: firstname.lastname@example.org.