To be successful, cybersecurity practitioners require an understanding of many technology disciplines. The first part of the course will cover vulnerabilities and weaknesses of software and hardware environments that must be secured. The second part of the course will focus on the frequently overlooked and often weakest element of securing data and systems: the human element. A vast majority of successful hackers use social engineering rather than technical attacks. Common social engineering tactics, including pretexting, phishing, baiting, hackers, rogue employees, industrial and spies will be discussed. The course will also include a variety of case studies of successful social engineering.
Note: This class will follow the pattern of SCAN/FOCUS/ACT. That is, we will start by scanning a particular topic (e.g., cyber risk) at a high level and then focus on specific aspects of risk to study in more detail. After gaining a comprehensive understanding of the risk, we will develop an action plan that combines both risks and vulnerabilities components. The Group activities defined below apply to the entire class as a single group. Some activities will be performed by Teams, which will be subsets of the Group. Attendees will participate in several different Teams throughout the course. Teams are not static.
Upon completion of this course, students will be able to:
- Understand the major types of threats and vulnerabilities in current systems (Scan)
- Explain the methods of risk assessment (Scan)
- Describe the major threat actors (e.g., hacktivists, nation-states, insiders) and their motivations to attack (Focus)
- Define the major vulnerabilities exploited by the threat actors (Scan)
- Develop a high level plan to train users to minimize a specific risk or vulnerability (Act)
NotesThis course is an open enrollment course. No application is required and registration is available by clicking "Add to Cart." Current students must register with their Georgetown NetID and password. New students will be prompted to create an account prior to registration.
Applies Towards the Following Certificates
- Certificate in Cybersecurity Strategy : Required