Brief Intro to Singapore CCOP Master Class

Coming Soon.

placeholder text
SG CII Sectors under CCOP Standards

Who's this Course for?

For any executives, security and technology professionals that are part of the 11 sectors classified as Critical Information Infrastructure (CII), based in Singapore (SG), or serve clients (SIs, vendors or service providers) classified as CIIOs (Critical Information Infrastructure Owners), should be aware of Singapore Cyber-security Act 2018 and CCOP v2 revision 1 standards. Example roles include (but not limited to):

  • CISOs / Security Heads / Directors
  • Security Managers / Team Leads
  • CIOs / CTOs / Head of Technology
  • Infrastructure / Network Security
  • Systems / Database Administrators
  • IT Security Analyst / Engineers
  • OT Security Analyst / Engineers
  • Auditors / Compliance Professionals
  • Cybersecurity Consultants / Advisors
  • Cybersecurity Business Development,
  • Cybersecurity Presales/Sales Professionals.

What You'll Learn?

CCOP v2 Rev. # 1 coverage


This course gives you an overall overview of the background for act and the requirements that needs to be implemented within CIIO environment. Also highlights & covers all the recurring requirements for review and actions to be performed by CIIO.


This course covers the following areas:

  • Introduction & Background
  • Singapore CSA's Cybersecurity Act 2018
  • CSA's CII sectors and designation process matrix
  • CCOP v1 to v2 changes
  • Recurring Requirements for Review & Actions
  • Standards Requirements Explained (both IT & OT) with guidance on rationale, risks they address and example implementations:
  • Audit Requirements
  • Governance Requirements
  • Identification Requirements
  • Protection Requirements
  • Detection Requirements
  • Response Requirements
  • Recovery Requirements
  • Cyber Resilience Requirements
  • Training & Awareness Requirements
  • OT Security Requirements
  • Domain Specific Requirements.
  • Additional guidance and Artefacts available for CCOP.
  • Relevant additional professional trainings.
  • Reference materials and more.

For details checkout Securing Things Newsletter title SG CII CCOP v2 Overview.

SG CSA Act 2018 (CCOP v2 Revision #1)


Course covers background, goals of CSA's Cybersecurity Act, raise awareness and provide brief overview and guidance on the CCOP v2 requirements for CIIO and the major changes that have been introduced and its impact to stakeholders (IT & OT professionals & executives).

SG CII Designation & Sectors


Covers high-level view of the key entities / stakeholders involvement, their relationships, CII sectors, the designation process and their role & responsibilities for identifying, designating, operating/complying and supporting certain required activities related to CCOP.

CCOP Standard Requirements


Course covers all types of requirements covering domains and topics both from IT and OT cybersecurity controls from Audit, Governance, Identification, Protection, Detection, Response, Recovery, Cyber resilience, Training & Awareness, OT Security & Domain specific requirements.

Audit Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all Audit requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • Methodology / Approach.
  • Industry best practices.
Audit Requirements

Governance Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all Governance requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • Methodology / Approach.
  • Industry best practices.

Identification Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all identification requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • Asset Management Lifecycle.
  • Methodology / Approach.
  • Industry best practices.
Protection Requirements

Protection Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all Protection requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • Security of Users / access controls, Apps, databases, Network, & Endpoints, Active Directory, encryption etc.
  • Vulnerability Assessments.
  • Penetration / Simulation Testing.
  • Methodology / Approach.
  • Industry best practices.

Detection Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all Detection all requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • IT & OT/ICS Security Monitoring.
  • Methodology / Approach.
  • Industry best practices.
Detection Requirements
Response Requirements

Response Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all Response requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • Incident Response Plans, Procedures & Table Tops.
  • Methodology / Approach.
  • Industry best practices.

Recovery Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all all Recovery requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • Backup / Restores.
  • Disaster Recovery / Drills.
  • Methodology / Approach.
  • Industry best practices.
Recovery Requirements
Cyber Resilience Requirements

Cyber Resilience Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all cyber resilience requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • Methodology / Approach.
  • CISO, CIO, CTO's guidance on building a Cybersecurity Resilience Transformation Program.
  • Industry best practices.

Training & Awareness Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all Training & Awareness requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • IT Security Awareness.
  • OT Security Awareness.
  • Role based Awareness.
  • Security Awareness & Training Program elements.
  • Industry best practices.
OT Security Requirements

OT Security Requirements

This section includes:

  • Understand the rationale.
  • A walk-through of all OT Security requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • OT Security challenges, incidents, & attacks.
  • Secure OT network Architecture, coding, field controllers.
  • Methodology / Approach.
  • Industry best practices.

Domain Specific Requirements


This section includes:

  • Understand the rationale.
  • A walk-through of all Domain Specific requirements within CCOP standards.
  • Recurring Requirements / Actions (if any).
  • DNS Security (DNSSec) etc.
  • Methodology / Approach.
  • Industry best practices.

Annex A – Guidance For Strengthening Organisational Cybersecurity Posture


This section includes a walk-through of guidance on:

  • Secure By Design.
  • Cybersecurity Design Principles.
  • Threat Hunting.
  • DNS.
  • Industry best practices.


What You'll Get?

By attending & completing this course you'll get:

  • >8 hours of video training.
  • Dozens of reference material (both from CSA & other supported guidance).
  • Many other curated references.
  • Certificate of Completion.
  • Other special offer for related products.

Certificate Of Completion


Once you meet all the requirements and successfully completes an exam at the end of the course, you'll be receiving a certificate of completion.

The certificate will be valid until next major release of the SG CCOP standards or 3 years, which ever comes first.

Author/Instructor: M. Yousuf Faisal

(EMBA, B.E Electrical, ISA/IEC 62443 cybersecurity certified, CNSSP, ISO 27001 Lead Auditor, CISSP, CISM, CISA)


Bringing more than two decades of professional industry experience in technology & Cybersecurity, while working both at an end user environment and as a cybersecurity advisor / consultant (serving clients globally). Have experience building and growing GRC, PCI & OT / Emerging Tech consulting practices across APAC.

Am on a mission on helping individuals and organizations to secure their career & digital transformation journey and the future of smart things. Hope to see you within the Securing Things learners community. It's a great day to start Securing Things for a Smart & Safer Society.


LinkedIn https://www.linkedin.com/in/yousufzubairi

X - https://X.com/@SecuringThings

Course Curriculum


(Subject to Change)

The curriculum block is dynamic. As you add curriculum to your course, you'll see it automatically populate here.

EXAMPLE
Section Title

This course is closed for enrollment.

Securing Things Newsletter


Don't just stop here.


Subscribe to Securing Things Newsletter for continuing your IT, OT/ICS, IIOT, IOT and AI Cybersecurity learning journey further, all year long.

Related Products


In addition to the SG CCOP standard overview course, following list of courses, provides additional cybersecurity trainings to IT/OT Practitioners.


Below courses also address compliance requirements related to role based IT and OT Cybersecurity trainings.

IT & OT/ICS CySEAT Professional

IT and OT/ICS CySEAT (Cyber Security Education and Awareness Training) for practitioners responsible for building, running, and managing an IT and OT/ICS Cybersecurity Program for industrial environments (e.g. manufacturing / critical infrastructure etc.).

M. Yousuf Faisal

M. Yousuf Faisal

PLEASE READ CAREFULLY


Due to the digital nature of our products and services, we do not offer any refunds or returns for any reason.

By enrolling in any of our products (courses, digital download, services etc.), you agree to accept following terms in addition to Terms of Use.

NO WARRANTIES, REPRESENTATIONS, GUARANTEES

The company (STA or School or Author) gives no warranties with respect to any aspect of the program or any materials related thereto or offered in connection with the program and, to the fullest extent possible under the laws governing these terms of service, disclaims all implied warranties, including but not limited to warranties of fitness for a particular purpose, accuracy, timeliness, and merchantability.

By purchasing the program, you accept, agree, and understand that you are fully responsible for your progress and results from your participation and that we offer no representations, warranties, or guarantees verbally or in writing regarding your future earnings, security of your business or its profit, marketing performance, audience growth, or results of any kind.

The company does not guarantee that you will get any results using any of our ideas, tools, strategies, or recommendations, and nothing in our program is a promise or guarantee to you of such results. Information provided about or in the program is subject to change.

Company makes no representation or warranty that the information provided, regardless of its source, is accurate, complete, reliable, current, or error-free. company disclaims all liability for any inaccuracy, error, or incompleteness in the program.


LIMITATION OF LIABILITY

You agree that under no circumstances will the company be liable for any indirect, special, consequential, or punitive damages (including lost profits) arising out of or relating to these terms of service or the transactions it contemplates (whether for breach of contract, tort, negligence, or other form of action) and irrespective of whether the company has been advised of the possibility of any such damage. In no event will the company’s liability exceed the price you actually paid to the company for the program.