Cybersecurity Management

Access control design and implementation (identification, authentication, authorization, auditing, MFA, permissions management)

Encryption (symmetric, asymmetric, hashing, key management, industry standards)

Physical security (facility security, media control, tamper-proofing, media tracking/remote destruction)

Data loss prevention, phishing protection, email protection, mobile device management, human error management

Students will understand and apply the fundamentals of security management and leadership:

Security program design and implementation (requirements gathering, program development/management, policy development)

Security risk management (analysis, remediation plans, alignment with other business goals)

Security culture creation and leadership (cost-benefit analysis, communicating with executives and the board, training and awareness, championing security within the company, ethics, gaining trust, working with legal)

Compliance with regulations (standards, audit, remediation, documentation)

Data breach management (investigation, eDiscovery, forensics, reporting, legal aspects)

Students will understand the proper management of vulnerabilities:

Secure software development (OWASP, DevSecOps, coding standards, static/dynamic testing tools)

Vulnerability scanning, penetration testing and patching

Reducing human and process vulnerabilities (social engineering, data exfiltration, errors/accidents, data flow analysis)

Students will understand the proper protection of information systems from network-based threats:

Network security (firewalls, IDS/IPS, threat hunting, NAT, VPNs, TLS/SSL, AI applied to traffic analysis)

Network-based threats and prevention (remote exploits, malware, phishing, etc.)

Security operations center design and implementation (SIEM, anomaly detection, alerting, incident response