This 16-hour Information Security training class is targeted for newly appointed or dual-roled (your primary job + security) security professionals within a Small or Medium Business (SMB) or similar sized organization.
SMBs and organizations face unique challenges in Information Security yet are often presented with solutions that may be out of reach due to cost, time, and staffing. We believe Information Security should be accessible and achievable by any organization, regardless of their size.
Instructor: Rich Fifarek and Bob Hewitt
Course Length: 16 Hours
Tuition: 1-Year Access $225 USD
Lifetime Access $575 USD
This page is for the On-Demand version of this course. Please check our Live Events Calendar for any live presentations of this class currently scheduled.
This course will walk the student through real-world examples, demonstrating how to prevent and defend against these threats, utilizing widely adopted frameworks, while focusing on simpler and more affordable solutions.
The course includes a virtual machine image for hands-on exercises that will contain tools that participants may utilize in their environments after the class.
- Attack trends and challenges related to SMBs
- Navigating security culture
- Internal assessments
- Compliance and privacy obligations
- User, E-mail, and Technical Controls
- Hands-on exercises
Who Should Take This Course
Those beginning their Information Security journey within an SMB or similar sized organization.
Audience Skill Level
People new to information security.
- Stable Internet access
- x86 architecture CPU clocked at 2 GHz or higher that is capable of nested virtualization
(Apple Silicon is currently not supported)
- A computer with at least 8 GB of RAM. 16 GB is recommended
- VMWare Workstation or VMWare Fusion
(VirtualBox and other VM software is not supported)
- Windows 10/11, MacOSX+, or a currently supported Linux Distribution
- Full Administrator/root access to your computer or laptop
What Each Student Should Bring
The above computer and a smile!
What Students Will Be Provided With
- Slide deck and links to all the material and tools needed with instructions
- VMs with all labs
- Access to two Discord channels for the course
About Our On-Demand Courses…
Learn at your own pace with access to course content, lectures, and demos in the Antisyphon On-demand learning platform. Many courses are offered with lifetime access to the course and content updates. On-demand courses include content update alerts, access to dedicated support channels in the Antisyphon Discord server, a certificate of completion, and complimentary access to the Antisyphon Cyber Range*.
* Cyber Range access and other course features may vary from course to course. See the specific details for each course on its registration page.
Trainer & Author
Bob Hewitt has been active in information security since 1994. He began his career as a Network Engineer in the United States Air Force and was first introduced into information security when he discovered malicious activities against the infrastructure he was managing. He continued on in various technical roles and eventually became a Lead Information Technology Instructor. For the past 16 years, he has been the CISO for a Software as a Service provider that provides services to charitable foundations and financial institutions and oversees program management, compliance, SOC operations, penetration testing, and privacy. He has also advised numerous organizations on beginning and managing their information security programs and is a frequent presenter on varying topics at information security and financial industry conferences.
He is an advocate that defenders must be capable of blue team functions as well as red team to be successful and maintains the GSEC, GCIH, GPEN, GWAPT, CISSP, and other security and privacy certifications. After 25 years in Information Security, Bob is a firm believer that to be successful we must evolve with the threat landscape by continuing to learn.
Richard Fifarek’s passion for computers started in middle school, furthering his education and leading him to his career in technology. He started with tech support in college, instilling in him a customer-focused approach to technology. From there, he progressed to systems and network administration, and eventually information security in a variety of tech start-ups, academia and large federal organizations. For Richard, security is just a natural extension to creating reliable systems and networks that organizations rely upon.
Growing up in a family of educators, Richard believes in life-long learning. He has a BS in Computer Science, has taken many SANS courses over the years, and continues to seek out new data, methods, and research on information security risk management. Richard is previously a SANS instructor who has led classes in SEC401, SEC504, SEC506, FOR508, and SEC560, as well as previously the CISO at SANS. Richard is currently the Director of IT Security at a fin-tech firm.