IIBA - CCA Certificate in Cybersecurity Analysis Training

Overview

This intensive experiential training program delivered by one of the co-authors of the CCA certification, prepares participants for the IIBA Cybersecurity Analysis (CCA) certification. Designed specifically for professionals looking to bridge the gap between business analysis and cybersecurity, the course provides comprehensive insights into cybersecurity concepts, practices, and the role of a Business Analyst in supporting a robust security posture.

Why is this different to other training providers?

Our program goes beyond typical certification preparation. We focus on real-world application and exam success. Here’s what sets us apart:

  • Comprehensive Certification Readiness: Gain all the knowledge required to confidently pass the IIBA® CCA exam.

  • Live, Interactive Sessions: This is not a recorded video course. Engage directly with expert instructor, ask questions in real time, and discuss concepts.

  • Guaranteed Exam Success with 3+ Practice Questions: Reinforce your learning with a robust question bank designed to help you achieve guaranteed pass results.

  • Business Analysis & Cybersecurity Framework Overview: Get an overview of the framework designed for cybersecurity-focused business analysis.

  • Holistic Cybersecurity Integration: Get an overview on how to seamlessly embed cybersecurity principles within your day-to-day business analysis practices.

  • Ready-to-Use Templates: Access practical templates you can immediately apply in your BA work, extended to include cybersecurity considerations.

  • Exclusive Author Insights: Benefit from unique perspectives and insider guidance to strengthen your practical integration skills.

  • Real-World Case Studies: Explore case studies based on authentic cybersecurity and business analysis scenarios.

  • Proven Tips & Techniques: Learn field-tested methods and best practices from experienced industry experts.

Who Should Attend?

·        Business Analysts or those who are using BA skills seeking to educate in cybersecurity.

·        Professionals preparing for the IIBA CCA certification.

·        Project Managers, Product Owners, or Stakeholders involved in cybersecurity-related projects.

·        IT professionals transitioning to roles involving cybersecurity.

Course Objectives

By the end of this course, participants will be able to:

·        Understand key cybersecurity concepts and terminologies.

·        Align business analysis practices with cybersecurity requirements.

·        Analyse and address cybersecurity risks using BA techniques.

·        Collaborate with cybersecurity teams to implement effective controls.

·        Prepare confidently for the IIBA CCA certification exam.

Contents

  • 1.1 IIBA and IEEE Perspective: Overview of Concepts and Approach to Improving Cybersecurity 1

    1.2 Importance of Security 5

    1.3 IT Functions & Roles 9

    1.4 IT 101 - 1: The Pieces 14

    1.5 IT 101 - 2: Using & Managing the Pieces 18

    1.6 IT 101 - 3: Advancement 24

    1.7 The Role of Business Analysis in Cybersecurity 28

    1.8 Governance Perspectives of Cybersecurity 32

  • 2.1 Security Accountability 39

    2.2 Cost of Securing an Organization 42

    2.3 Outsourcing for Cybersecurity Expertise and Services 45

    2.4 Risk Tolerance 48

    2.5 Compliance 50

    2.6 Best Practices and Benchmarking 54

    2.7 Data Privacy 56

    2.8 Data Privacy Nuances 59

    2.9 Digital Rights Management (DRM) 62

    2.10 Audit – Internal and External 65

  • 3.1 Risk Management & Control Assurance Framework 71

    3.2 Organizational Risk Assessment 74

    3.3 Risk Analysis: Threat Risk Assessments 77

    3.4 Risk Analysis: Vulnerability Assessments 80

    3.5 Business Case Development 83

    3.6 Disaster Recovery and Business Continuity 86

  • 4.1 Understanding Security Controls and IT Risk: Part 1 91

    4.2 Understanding Security Controls and IT Risks: Part 2 94

    4.3 CIA Triad 98

    4.4 Applying Controls 102

    4.5 Cybersecurity Threats: Part 1 106

    4.6 Cybersecurity Threats: Part 2 112

    4.7 Cybersecurity Vulnerabilities: Part1 115

    4.8 Cybersecurity Vulnerabilities: Part 2 118

    4.9 Adverse Impacts 123

    4.10 Risks and Controls – Putting It All Together 127

  • 5.1 Physical Security 137

    5.2 Endpoint Security 140

    5.3 Network Security: Security Architecture 142

    5.4 Network Security: Firewalls 145

    5.5 Network Security: Anti-Virus/Anti-Malware 148

    5.6 Network Security: Segregation 150

    5.7 System Security: Servers 152

    5.8 Platform Security 155

    5.9 Product Security: Threat Models 158

    5.10 Product Security: Embedded Systems 161

    5.11 Product Security: Internet of Things 163

  • 6.1 Data Security At Rest: Information Classification & Categorization 167

    6.2 Data Security In Transit: Encryption and Keys 170

    6.3 Data Security In Transit: SSL/TLS 173

    6.4 Data Security In Transit: Digital Signature and Identification 175

  • 7.1 Directory Management 181

    7.2 Authorization 185

    7.3 Authentication and Access Control 188

    7.4 Privileged Account Management 192

    7.5 Users and Security Awareness 195

  • 8.1 SDLC and Solution Security Planning 199

    8.2 Requirements and Security Engineering 202

    8.3 Requirements and Solution Development 205

    8.4 Solution Security: Applications 208

    8.5 Solution Security: Databases 211

    8.6 Solution Security: Web 214

    8.7 Change Impact Analysis 217

  • 9.1 Incident Response, Recovery, and Remediation 223

    9.2 Metrics and Reporting 228

    9.3 Risk Logging and Mitigation Tracking 231

    9.4 Operational Risk Ownership 234

    9.5 Computer Forensics: SOC, SIEM 236

    9.6 Future Proofing your Security Posture 239

Exam Preparation:

  • Mock test, review of key concepts, tips, and strategies for the IIBA CCA exam.

Course Format

  • Interactive lectures and experiential learning.

  • Hands-on activities and group exercises.

  • Real-world case studies and scenarios.

  • Mock tests and guided exam preparation sessions.

Prerequisites

  • Basic understanding of business analysis concepts.

  • Familiarity with cybersecurity fundamentals is helpful but not mandatory.

  • Computer with camera, mic, speaker and high speed internet connectivity that supports seamless audio and video capabilities.

  • Mandatory pre-reading material will be sent to prepare you for the training.

Duration:

  • 2 Days (8 hours/day)

  • 4 Half Days (4 hours/day)

Delivery:

  • Virtual live sessions

Instructor Profile

  • The course is led by one of the co-authors of the IIBA CCA  Certification, author of the book “Cybersecurity and Business Analysis” published by BCS The Chartered Institute for IT.

Available Dates

4 Half Days:

  • Jan 19th from 2 – 6 pm UK time

  • Jan 20th from 2 – 6 pm UK time

  • Jan 21st from 2 – 6 pm UK time

  • Jan 22nd from 2 – 6 pm UK time

2 Full Days:

  • Jan 29th & 30th 9 - 6 pm UK time

Purchase here
Next

Cybersecurity Foundation Workshop for Business Analysts