Information Security and Compliance
This course covers key topics in Information Security, Privacy and Compliance. In an era of cheap computing in the cloud, unprecedented attacks from professional hackers and nation-state actors and stricter regulatory enforcement, balancing the needs of the enterprise while keeping its digital assets safe has become more challenging than ever.
The course will cover the basic topics of information security from both Policy and Technical perspectives and will also address the soft skills needed to become an information security executive and build a security mindset. Course concepts will include cost vs. risk balancing and risk-based decision making, administrative and technical methods for security, privacy and compliance, Privacy regulations and IT compliance.
Upon completion of the course, students will be able to:
1. Understand the primary drivers for Information Security, Privacy and Compliance and evaluate the enterprise's posture on these three criteria.
2. Develop a risk-based approach to information security, privacy strategies and a compliance regime
3. Describe threats to information security and privacy, and identify methods, tools and techniques for remedying those threats
4. Understand Availability and Incident response processes
5. Describe the essential parts of policy development and gain the ability to write effective policies
6. Gain an understanding of current privacy and compliance regulations and future directions
7. Identify the key elements of building an effective security, privacy and compliance practice that will address personnel and budgetary issues.