
Why is Security Training Necessary?
With IoT security, knowledge is power. In fact, in our PSA Certified 2021 Security Report we found that 84% welcomed industry guidance on security best practice, and that only 77% were happy with the security expertise in their company, which sadly drops to 41% in small companies. With all that in mind, we think it’s more important than ever to provide up-to-date training on IoT security and PSA Certified, providing a frictionless path to secure products.
View the report-
77%
Only three quarters are satisfied with the level of security expertise within their company
-
47%
Under half of technology decision makers carry out a threat analysis in the design of every new product
-
41%
are satisfied with the level of security expertise within their company sized between 1 and 49 employees
Enter the PSA Certified Foundational Training Course which has been developed by the world-class training team at Arm, one of the PSA Certified co-founders. This training course has been designed for decision makers and architects to learn more about the PSA Certified scheme, why it’s important and how it can be used.
The PSA Certified Foundational Training Course is split into two chapters, which you can access below completely free of charge. You can also access this course (and many others) if you subscribe to Arm On-demand Total Access Training.
Chapter 1.1
Why PSA Certified
Chapter 1.1 has six short videos covering why PSA Certified is important. It also covers some of the key elements of the scheme including the three levels of PSA Certified and an introduction to the PSA Certified 10 Security Goals.
- Module 1.1.1 – The Internet of Things
- Module 1.1.2 – Security
- Module 1.1.3 – Trust
- Module 1.1.4 – The PSA Certified four stages
- Module 1.1.5 – PSA Certified 10 Security Goals
- Module 1.1.6 – PSA Certified certification levels
Chapter 1.2
PSA Certified 10 Security Goals
Chapter 1.2 covers a more in depth look at the PSA Certified 10 Security Goals. The PSA Certified 10 Security Goals is a foundational baseline for all connected devices to meet and provides a key component of PSA Certified Level 1 security certification.
- Module 1.2.1 – The PSA Certified 10 Security Goals
Chapter 2.1
Threat Modeling Overview
Chapter 2 introduces one of the most important aspects of security implementation: Threat Modeling. When we surveyed IoT decision makers we were shocked to hear that only 47% carry out a threat model for every new product. This is alarming as threat models are a key best practice resource to ensuring that security is implemented correctly.
This is precisely why we have covered threat modeling in our training course. There are many ways to do carry out Threat Modeling and in this module, we cover some of the key methodologies. There are four videos in this chapter.
- Module 2.1.1 – Threat modeling terminology
- Module 2.1.2 – Security model
- Module 2.1.3 – Threat modeling definition
- Module 2.1.4 – Threat modeling benefits
Chapter 2.2: Threat Modeling Methodologies
In chapter 2.2 we continue the threat modeling content, but this time exploring four key methodologies: NIST Cybersecurity Framework, STRIDE, DREAD and ENISA.
- Module 2.2.1 – Categories of threat modeling methodologies
- Module 2.2.2 – The NIST Cybersecurity Framework
- Module 2.2.3 – The STRIDE model
- Module 2.2.4 – The DREAD model
- Module 2.2.5 – Threats Classification (ENISA model)
Coming Soon: Additional Modules
Our training program is always expanding, and we’ll be adding some additional modules in Q2 2021 including:
- Chapter 1.3: Supporting standards and certification – an overview of how PSA Certified enables and relates to other security standards.
- Chapter 1.4: Applications and solutions – how PSA Certified can be applied to different industries.
Register to Access More Training Materials
Have you completed the PSA Certified foundational training course? Access more training on the Arm Training Platform.
If you have any comments or questions on the PSA Certified foundational training course, please contact online-training@arm.com.