I completed my SABSA Foundation training, passed the exam and earned the.SABSA Chartered Security Architect credential.
SABSA is a proven methodology for developing business-driven, risk and opportunity focused Security Architectures at both enterprise and solutions level that traceably support business objectives. It is also widely used for Information Assurance Architectures, Risk Management Frameworks, and to align and seamlessly integrate security and risk management into IT Architecture methods and frameworks.
SABSA is comprised of a series of integrated frameworks, models, methods and processes, used independently or as an holistic integrated enterprise solution, including:
- Business Requirements Engineering Framework (known as Attributes Profiling)
- Risk and Opportunity Management Framework
- Policy Architecture Framework
- Security Services-Oriented Architecture Framework
- Governance Framework
- Security Domain Framework
- Through-life Security Service Management & Performance Management Framework
In the face of cyber attacks managing to breach industries as diverse as multimedia giants, global retailers and online social networks, the importance of securing our personal information has never been more in the spotlight. The growing demand to address these risks has been recognized across the information security field, and I was recently given the opportunity to participate in the launch of my firm’s own global privacy service line.
During this launch, I was lucky enough to meet many experienced privacy practitioners from all over the world, including New Zealand, South Africa, Japan and the USA. These security professionals generously shared their insights with me, based on their diverse experiences and individual challenges. Interestingly, I discovered that although privacy legislation varies country-by-country, the basic principles remain the same.
I was able to attend multiple interactive workshops, in which I learned how to perform privacy impact and maturity assessments. The week concluded with the IAPP Foundation and other certifications.
The experience I gained with data protection laws and the knowledge I obtained during these training sessions helped me to successfully obtain the Certified Information Privacy Manager and Certified Information Privacy Technologist credentials. These certifications will allow me to demonstrate my knowledge and skills and bring value to this truly exciting security arena.
In my previous post I discussed free online courses in information security. Here I would like to share a few more resources.