Success in the cybersecurity field requires not only technical knowledge, but also an understanding of the relevant human, organizational, and legal issues. This course will develop the knowledge and skills necessary to design a cybersecurity strategy, including people, process, and technology, in a complex organization. While the course will address global issues, particular emphasis will be placed on legal and regulatory frameworks affecting local organizations, such as FISMA and HIPAA. Topics will include the components of an information security program; information security metrics and demonstrating return on investment; information security policy, risk-based cybersecurity business decision making; legal and regulatory frameworks (PCI, HIPAA, SOX, GLBA, FISMA, EU Data Privacy, etc); information security standards (NIST 800-53, ISO 27001); incident response, crisis management, & business continuity; the impact of organizational culture on cybersecurity; communications; privacy; and ethics.
Upon completion of this course, students will be able to:
- Design, communicate, and execute a cybersecurity strategy
- Manage public relations for a successful cybersecurity strategy
- Identify the legal and regulatory requirements relevant to an organization
- Prepare response plans for a variety of foreseeable incidents
- Understand the common obstacles in a complex organization to effective execution of a cyber security strategy.
- Discuss important ethical and stakeholder issues in cybersecurity
NotesThis course is an open enrollment course. No application is required and registration is available by clicking "Add to Cart." Current students must register with their Georgetown NetID and password. New students will be prompted to create an account prior to registration.
Applies Towards the Following Certificates
- Certificate in Cybersecurity Strategy : Required