Cyber Security & Risk Management (Foundational)

Course Overview
This course is industry-focused and career-oriented. It is intended to prepare students for a career in cyber security and risk management. Cyber security and risk management professionals are much sought after, since the required skills are interdisciplinary, combining business, technology, and risk management.
The course will be delivered at two levels: Foundation and Advanced.
- Foundation course (28 hours) covers the broad spectrum of cyber security. It introduces the student to cyber security and risk management concepts and professional practice.
- Advanced Level course (32 hours) will provide hands-on practice, with lab exercises, assignments, and project work. Students will have access to MIIM’s cyber security lab hosted in the AWS cloud. The labs will supplement the lectures to provide a unique learning experience.
These courses will lay the foundation for students to earn the CISSP professional certification later, as that certification requires five years of professional practice and experience. The course will also help students jump-start their careers in cyber security.
Foundation Course
The following topics will be covered in the lectures and will include case studies:
Course Overview – Cyber Security Overview – Cyber security and risk management concepts (1 hour)
RISK and RISK MANAGEMENT
Technology and business risks (2 hours)
Threats and Threat Modeling including Cloud and Mobile Computing and Threats to critical infrastructures (1 hour)
Risk management and risk assessments – qualitative and quantitative assessments – the FAIR model & Risk Lens (4 hours)
CONTROLS – PREVENTIVE, DETECTIVE
Information security standards ISO 2700x (1 hour)
Control frameworks: NIST SP 800-53A, NIST CSF (2 hours)
Communication and network security (2 hours)
Operating system security (2 hours)
Database security, including cloud security (2 hours)
Web application vulnerabilities & OWASP (2 hours)
INCIDENT RESPONSE AND MANAGEMENT
Cyber security incident management (2 hours)
Business continuity and disaster recovery (2 hours)
REGULATORY COMPLIANCE
Infosec regulations and compliance: GDPR, SOX, HIPAA, GLBA, IT Act 2000 (India), Privacy Regulations (2 hours)
INFOSEC CAREER AND REQUIRED SKILLS
Information Security & Information Systems professional certifications (CISSP, CISA, CISM, CRISC, CSX) and cyber security/risk management careers (1 hour)
Required Skills and Competencies: Technical, Business, and Soft skills (Written and Verbal Communication and Behavioral Skills, Analytical Skills and Critical Thinking, Learning on the fly) (2 hours)
Advanced Level:
Lab exercises
Lab exercises cover ethical hacking, firewalls, IDS/IPS, operating system scans, network penetration testing, application vulnerability scans, and secure coding.
Assignments and project work (illustrative, not exhaustive)
1. Analysis of a cyber security incident
2. Underground hacker economy
3. Online financial frauds
4. Social media traps
5. End-User Security
6. Risk and Threat Analysis for an application or device
Intended students/participants
Students of MBA (Systems), MCA, B.Tech, M.Tech
Course Features
- Lectures: 20
- Quizzes: 0
- Duration: 50 hours
- Skill level: Foundational
- Language: English
- Students: 1
- Certificate: No
- Assessments: Yes