Cyber Security Training for Management
Introduction
Define information security, threats, vulnerabilities, exploits, and other relevant terminology.
Developing a Security Policy
Define steps to create information security high-level policy document that overview security for the entire organization. Also overview the plans and procedures documents that would be a supporting part of the policy.
Risk Management: Identifying, Assessing, and Controlling Risk
Define risk and its associated terminologies. Overview the steps of a risk assessments and its associated business functions such as a business impact analysis and cost-benefit analysis. Outline how to create and read reports associated to risk management. Provide the framework for understanding the different types of risk controls and their functions.
Business Continuity Planning and Disaster Recovery Planning
Define the BCP and DRP processes. Provide basis to understand importance of availability of services provided by the organization. Outline the processes to keep a business functional during normal business operations and disaster events.
Laws and Ethics
Overview of important laws and regulations relating to information security (HIPPA, FERPA, ISO, etc). Outline of important terms such as patents, trademarks, trade secrets, and copyrights. Provide ethical suggestions for information security best practices.
Protection Mechanisms and Mitigation Techniques
A capstone to apply the learning in the lecture to real life situations. Discussion of mechanism such as physical controls, technical controls, and administrative controls that provide mitigation of security risks. Provide understanding of realtime threats such as phishing, social engineering, and malware.
Justin Hensley is the Network Director for the Department of Information Technology and Professor for the School of Computer and Information Sciences in the Division of Information Services at University of the Cumberlands. A 10 year veteran of the information technology and security field, Justin is responsible for all network services and datacenters at both university campuses. He also teaches a number of undergraduate and graduate courses including Network Security, Risk Management, Operations Security, and Hardware and Architecture. Justin has a BS in Computer Information Systems and Business Administration, a MBA, and a MS in Information Systems Security. He is currently working on a PhD in Leadership with an emphasis in cybersecurity and holds several certificates, including the Certified Information Systems Security Professional (CISSP). Justin resides in Williamsburg, Kentucky, with his wife and three boys.