School of Continuing Studies

XBUS-602 Leadership and Strategy in Cybersecurity

This course has no confirmed dates in the future. Check out relevant courses from other schools.

Relevant courses


Description

Course Details

Success in the cybersecurity field requires not only technical knowledge, but also an understanding of the relevant human, organizational, and legal issues. This course will develop the knowledge and skills necessary to design a cybersecurity strategy, including people, process, and technology, in a complex organization. While the course will address global issues, particular emphasis will be placed on legal and regulatory frameworks affecting local organizations, such as FISMA and HIPAA. Topics will include the components of an information security program; information security metrics and demonstrating return on investment; information security policy; risk-based cybersecurity business decision making; legal and regulatory frameworks (PCI, HIPAA, SOX, GLBA, FISMA, EU Data Privacy, etc.); information security standards (NIST 800-53, ISO 27001); incident response, crisis management, & business continuity; the impact of organizational culture on cybersecurity; communications; privacy; and ethics.

Course Objectives

Upon completion of this course, students will be able to:

  • Design, communicate, and execute a cybersecurity strategy
  • Manage public relations for a successful cybersecurity strategy
  • Identify the legal and regulatory requirements relevant to an organization
  • Prepare response plans for a variety of foreseeable incidents
  • Understand the common obstacles in a complex organization to effective execution of a cybersecurity strategy
  • Discuss important ethical and stakeholder issues in cybersecurity
MIT Professional Education

Applied Cybersecurity


Next dates

Jun 17—21
5 days
Cambridge, Massachusetts, USA
USD 6000
USD 1200 per day


Description

In today’s world, organizations must be prepared to defend against threats in cyberspace. Decision makers must be familiar with the basic principles and best practices of cybersecurity to best protect their enterprises. In this course, experts from academia, the military, and industry share their knowledge to give participants the principles, the state of the practice, and strategies for the future.

Sessions will address information security, ethical and legal practices, and mitigating cyber vulnerabilities. Participants will also learn about the process of incident response and analysis. The content is targeted at ensuring the privacy, reliability, and integrity of information systems.

The majority of the course (about 75%) is geared toward participants at the decision-making level who need a broad overview, rather than those who are already deeply immersed in the technical aspects of cybersecurity (software development, digital forensics, etc.), although both groups will find the course valuable.

Cybersecurity is a very large subject, and therefore this course is only intended to cover the basics of the current leading and pressing cybersecurity topics. The result is that we can cover many different approaches. We cover the introduction of a topic and after the fundamentals, you can explore further on your own. The goal is for participants to understand the utility of each topic, not to become specialists in any one subject.

PARTICIPANT TAKEAWAYS

The participants of this course will be able to:

  • Secure both clean and corrupted systems, protecting personal data, securing simple computer networks, and safe Internet usage
  • Understand key terms and concepts in cyber law, intellectual property and cyber crimes, trademarks and domain theft
  • Determine computer technologies, digital evidence collection, and evidentiary reporting in forensic acquisition
  • Incorporate approaches to secure networks, firewalls, intrusion detection systems, and intrusion prevention systems
  • Examine secure software construction practices
  • Understand principles of web security
  • Incorporate approaches for incident analysis and response
  • Incorporate approaches for risk management and best practices

PROGRAM OUTLINE

Please note that the exact nature and order of the topics is subject to change.

Introduction to Information Security Fundamentals and Best Practices

  • Protecting Your Computer and its Contents
  • Securing Computer Networks--Basics of Networking
  • Compromised Computers
  • Secure Communications and Information Security Best Practices
  • Privacy Guidelines
  • Safe Internet Usage

Ethics in Cybersecurity & Cyber Law

  • Privacy
  • Intellectual Property
  • Professional Ethics
  • Freedom of Speech
  • Fair Use and Ethical Hacking
  • Trademarks
  • Internet Fraud
  • Electronic Evidence
  • Cybercrimes

Forensics

  • Forensic Technologies
  • Digital Evidence Collection
  • Evidentiary Reporting

Network Assurance

  • Layered Defense
  • Surveillance and Reconnaissance
  • Outsider Threat Protection

Secure Software & Browser Security

  • Software Construction
  • Software Design and Architecture
  • Software Testing
  • Methodologies
  • The New Universal Client
  • The Web Model
  • Cookies and Browser Storage
  • HTML5 Security

Business Information Continuity

  • Managing a Business Information Continuity Plan
  • Vulnerabilities and Controls
  • The Law and Business Information Continuity Plan
  • Information Risk Management
  • Asset Evaluation and Business Impact Analysis
  • Risk Identification
  • Risk Quantification
  • Risk Response Development and Control
  • Security Policy, Compliance, and Business Continuity

Cyber Incident Analysis and Response

  • Incident Preparation
  • Incident Detection and Analysis
  • Containment, Eradication, and Recovery
  • Proactive and Post-Incident Cyber Services

Who should attend

Seventy-five percent of the course is geared toward providing a basic framework for professionals making cybersecurity decisions in industry and government and individuals seeking to immerse themselves in the pressing issues of cybersecurity, giving them the information they need to make the best decisions for the defense of their organizations. About a quarter of the course covers more technical areas of interest to people with more engineering-focused backgrounds, such as software developers or those working in digital forensics. Although those with a computing background would be better prepared for the more technical topics, an engineering or computing background is not required to benefit from any of the sessions.
