This course introduces common technological and organizational measures for cybersecurity, with a focus on protection concepts. Students assess the organizational impacts of security measures, and explore how best practices, standards, and organizational policy can help manage such measures. Topics include identity management, authentication, access control, data and system security and availability, encryption, integrity mechanisms, system maintenance, and continuity of operations. Note that we do not focus on how to technically implement these security systems.
With successful completion of this course, students are able to: 1. Identify common technological and organizational measures for cybersecurity (focus: protection & preparedness concepts). 2. Explain and give examples of the roles of best practices and standards in the design and implementation of such security measures. 3. Explain the functional and organizational advantages and disadvantages of these measures, including impacts from their interaction. 4. Assess the limitations of these security measures in the contexts of organizational change and dynamic threats, flawed technology, and flawed organizational policies and practices.