A. Centrality to institutional mission statement and planning priorities:

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "A. Centrality to institutional mission statement and planning priorities:"

Transcription

1

2 SANS Technology Institute Program Proposal for a Substantial Modification Master of Science in Information Security Management May, 2014 A. Centrality to institutional mission statement and planning priorities: 1. Provide a description of the program, including each area of concentration (if applicable), and how it relates to the institution s approved mission. The program leading to a Master of Science in Information Security Management (MSISM) is a 36 credit hour, graduate level program comprised of an integrated mix of technical and management courses, research, projects, assessments, and simulations that progressively develop the capabilities required lead and manage information security teams. It was initially established and approved by the Maryland Higher Education Commission in The program is designed to be completed in three years by full-time, working professionals who have at least a year or more of experience in information technology, information security, or audit. It is not meant as an introduction to the information security field, but as a program that will advance the capabilities and careers of individuals who are employed already in the field. Students are often supported in the program by their employer and most expect to stay employed by their current employer after graduation. While the program cannot be completed entirely at-a-distance, most of the courses are offered in multiple formats, allowing an individual student the option to take more than 50% of the program at-a-distance using one or more of our online modalities, or, conversely, to take 50% or more of the program via instruction provided at our in-person residential institute events. The formal Mission of the SANS Technology Institute is: The SANS Technology Institute develops leaders to strengthen enterprise and global information security. The SANS Technology Institute educates managers and engineers in information security practices and techniques, attracts top scholar-practitioners as faculty, and engages both students and faculty in real-world applied research. The formal Vision of the SANS Technology Institute is: The SANS Technology Institute aspires to be the preeminent graduate institution translating contemporary information security practice and scholarship into effective educational experiences. Our graduates will be highly valued because they design stateof-the-art, enterprise-level cyber defenses, champion the adoption of those defenses, and manage their implementation and ongoing operation. In so doing, STI will:

3 1. Enable private and public sector enterprises of the United States and its allies to preserve social order and protect their economic rights and military capabilities in the face of cyber attacks; 2. Provide the national defense establishment, critical industries, businesses and government agencies with information security engineers and managers who have the most current and critical knowledge and skills needed to respond effectively to the evolving cyber attack landscape; and, 3. Perform leading-edge research that continually identifies current best practice and enhances the state of the art in the practice of information security. The MSISM program therefore fits directly within the focused mission of the SANS Technology Institute in developing managers of information security groups and technically knowledgeable professionals who can effectively lead information security technology programs. The Master of Science in Information Security Management (MSISM) Program is designed to accelerate the development of information security managers by providing practical experience that can be applied immediately on the job. Students learn from the industry experts how to see the world from an attacker s view, audit information systems, assess legal implications of an incident, and develop risk-based secure enterprise-level solutions that enable an organization s business processes to function in spite of the increasing threat presence. In addition to developing hands-on technical skills, the program emphasizes the development of communication and leadership skills that will improve the student s ability to implement information security solutions within their organization. This proposal is the result of modifications we seek to make to the existing MSISM program that will enable us to manage students and the curriculum more effectively. We make these modifications to the program as a direct result of the outcomes of our accreditation self-study, part of which identified the issues we were having managing students given the fragmented nature of their program requirements. As a simple example, our prior curricula had awarded credits when a graduate student completed three separate course requirements, but each of these elements was paid for individually and not required to be completed in a set timeframe. Oftentimes, students would complete certain requirements swiftly while other requirements were left unaddressed for long periods of time. In order to address such fragmentation, we decided to reformulate how we present and manage our master s programs, the most significant artifact of which is an entirely new course numbering system that often just places these separate elements under a single course name, syllabus, and time requirement. If evaluated from the perspective of work done by the students, these modifications do not appear to exceed 33% of the program. However, because we have reanalyzed our intended program and course learning outcomes and adjusted all course names to accommodate a tight integration of related work into named and aggregated courses, the impact on our ability to manage student progress has been profound. The work itself has not changed by much, but how we now manage student progress has changed substantially. The modifications made to the MSISM program have not changed the program intent, or the relationship with institutional mission. Rather, revisions made to the MSISM program have strengthened the program and further enabled STI to continue to meet our mission.

4 To contextualize the nature of the curriculum changes we have included four examples below, with commentary. Curriculum v2.0 July, 2010 Curriculum v3.0 April, 2014 Name: MGT 512: SANS Security Name: ISM 5100: Enterprise Leadership Essentials For Managers with Information Security Knowledge Compression, GIAC GSLC Gold Course elements: - MGT 512 class instruction, - GSLC exam - GSLC Gold Paper Course elements: - MGT 512 class instruction, - GSLC exam - GSLC Gold Paper 4 credit hours 4 credit hours Summary of changes: This is the most typical of the changes made to the course names under the newest curriculum, relative to the student work required in the curriculum from As shown, none of the work requirements for this group of activities changed. In the past, each course element could be engaged individually with no temporal relationship required between them. In the new curriculum, these activities are formally related under a course number and name, and must be completed within a fixed period of time (4 months). Of the 32 credit hours of work associated with curriculum v2.0, the majority are associated with only changes associated with naming or re- grouping. Curriculum v2.0 July, 2010 Curriculum v3.0 April, 2014 Name: SEC 504: Hacker Techniques, Name: ISM 5200: Hacking Techniques & Exploits, and Incident Handling, GIAC Incident Response GCIH Gold Course elements: Course elements: - SEC 504 class instruction - SEC 504 class instruction - GCI exam - GCI exam - GCI Gold Paper - NetWars simulation experience 4 credit hours 4 credit hours Summary of changes: In this example, the faculty changed one of the elements required to earn 4 credit hours for the SEC 504 instructional component, from writing a page peer- reviewed research paper relative to the topic of the course and exam, to passing a hands- on simulation- based test experience. In this case, 2 credits were simply renamed and re- grouped, while 2 credits would be considered a change in work requirements.

5 Curriculum v2.0 July, 2010 Curriculum v3.0 April, 2014 Community Project Requirements: New course numbers and names: Required elements: - ISM 5700: Situational Response - Group discussion & written project, Practicum 1 credit hour; - 2 oral presentations - ISM 5500: Research Presentation Joint written project, credit hour; - Security awareness talk, - ISM 5900: Research Presentation 2-1 credit hour; 3 credit hours total - ISM 6100: Security Project Practicum 1 credit hour; - ISM 6900: Information Security Fieldwork-.5 credit hour Summary of changes: Summary of changes: In the case of what the v1.8 curriculum referred to as a group of Community Project Requirements done in total for 3 credits, during our self- study these course activities were formalized into individual courses and evaluated for their work requirements and faculty interactions. Student course work remained the same however each requirement was given a new course code, name and an associated credit value. For example, the instruction and work leading to the oral presentations given on one s research paper at a public event to a knowledgeable audience did not change but was renamed ISM 5500: Research Presentation 1, and evaluated on its individual work activity. The result of this analysis was to increase the total credit hours assigned to the program due to this coursework, from 3 to 5.5 credit hours. Curriculum v2.0 July, 2010 Curriculum v3.0 April, 2014 Name: MGT 438: How to establish a Name: ISM 5300: Building Security Security Awareness Program, Awareness Exam/Substitute, Written Assignment Course elements: - MGT 438 Class Instruction - Exam/substitute - Written Assignment Course elements: - MGT 433: Securing the Human: Building and Deploying an Effective Security Awareness Program - Writing Exercise 1 credit hour 1 credit hour Summary of changes: The technical instruction component has been updated by enough that the class had been renamed (in the fast- changing world of information technology, substantial updates to the content of instruction is frequent) over this time period, but still focuses on the same topics. The former Exam/substitute and Written Assignment had typically been implemented as requiring the development of a written Security awareness plan, so ISM 5300 now has a single assessment requirement to write a Security Awareness Plan. Assigned credit hours

6 for this work remained unchanged. 2. Explain how the proposed program supports the institution s strategic goals and provide evidence that affirms it is an institutional priority. The SANS Technology Institute is tightly focused on developing information security leaders who have a combination of deep technical skills, knowledge of effective practice and leadership competencies that will allow them to design, deploy, and manage effective enterprise information security environments. Every major element of the college from admissions to courses, student advising, research, and public service is closely aligned with that mission. Given the small number of programs offered at STI, the success of the MSISM program remains a key strategic goal for STI and is further outlined in our strategic plan. STI updated the institutional strategic plan in focusing on the next 4 years, which we believe are critical for the success of the institution. As a result the following strategic goals were established 1) Enhance Academic Quality; 2) Increase Student Enrollment; 3) Enhance Quality and Quantity of Research; 4) Achieve and Maintain Accreditation. Sub-goals for enhancing academic quality include making quality improvements to the MSISM program that were addressed in the cover letter of this proposal and subsequently, seeking endorsement for the changes. Changes in how the MSISM program is managed have increased transparency in presenting program and course requirements and have provided faculty the freedom to use different pedagogical techniques to ensure students meet established learning outcomes. B. Adequacy of curriculum design and delivery to related learning outcomes consistent with Regulation.10 of this chapter: 1. Provide a list of courses with title, semester credit hours and course descriptions, along with a description of program requirements. Required Courses in the MSISM Program: ISM 5000 Research & Communications Methods SANS class: MGT 305 Research & Communications Methods 0.5 Credit Hours; Course length: 45 days ISM 5000 covers strategies for conducting research and the oral and written communication that follows. The class allows the student to refine their ability to research and write professional quality reports, and to create and deliver oral presentations. Topics such as developing a convincing argument, synthesizing research and writing technical reports for non-technical audiences, and managing the communication environment are covered. Students participate in an editing exercise as well as a hands-on report writing and presentation development workshop, with a required oral presentation assessment. ISM 5100 Enterprise Information Security SANS class: MGT 512 Security Leadership Essentials

7 4 Credit Hours; Course length: 120 days ISM 5100 is the introductory, survey course in the information security management master s program. It establishes the foundations for developing, assessing and managing security functions at the end-user, network and enterprise levels of an organization. The faculty instruction, readings, exam, and required student paper are coordinated to introduce and develop the core technical, management, and enterprise-level capabilities that will be developed throughout the master s program. ISM 5200 Hacking Techniques & Incident Response SANS class: SEC504 Hacker Techniques, Exploits & Incident Handling 4 Credit Hours; Course length: 120 days By adopting the viewpoint of a hacker, ISM 5200 provides an in-depth focus into the critical activity of incident handling. Students are taught how to manage intrusions by first looking at the techniques used by attackers to exploit a system. Students learn responses to those techniques, which can be adopted within the framework of the incident handling process to handle attacks in an organized way. The faculty instruction, lab exercises, exam, and NetWars simulation are coordinated to develop and test a student s ability to utilize the core capabilities required for incident handling. ISM 5300 Building Security Awareness SANS class: MGT 433 Securing the Human: Building and Deploying an Effective Security Awareness Program 1 Credit Hour; Course length: 45 days One of the most effective ways to secure the human factor in an enterprise is an active awareness and education program that goes beyond compliance and leads to actual changes in behaviors. In ISM 5300, students learn the key concepts and skills to plan, implement, and maintain an effective security awareness programs that make organizations both more secure and compliant. In addition, metrics are introduced to measure the impact of the program and demonstrate value. Finally, through a series of labs and exercises, students develop their own project and execution plan, so they can immediately implement a customized awareness program for their organization. ISM 5400 IT Security Planning, Policy & Leadership SANS class: MGT 514 IT Security Strategic Planning, Policy, and Leadership 4 Credit Hours; Course length: 120 days ISM 5400 covers the entire strategic planning process: how to plan the plan, horizon analysis, visioning, environmental scans (SWOT, PEST, Porter's etc.), historical analysis, mission, vision, and value statements. The course also reviews the planning process core, candidate initiatives, the prioritization process, resource and IT change management in planning, how to build a roadmap, setting up assessments, and revising the plan. ISM 5500 Research Presentation 1 1 Credit Hour; Course length: 45 days

8 ISM 5500 gives students the ability to convert written material to a persuasive oral presentation such as might be appropriate in an enterprise environment. Students use research material written in a previous course in the curriculum to build and deliver a 30-minute presentation, typically given at a SANS training conference. ISM 5600 Legal Issues in Data Security and Investigations SANS class: LEG 523 Legal Issues in Information Technology and Security 4 Credit Hours; Course length: 120 days ISM 5600 introduces students to the new laws on privacy, e-discovery, and data security so students can bridge the gap between the legal department and the IT department. It also provides students with skills in the analysis and use of contracts, policies, and records management procedures. ISM 5700 Situational Response Practicum 1 Credit Hour; Course length: 45 days In ISM 5700, a small group of students is given an information security scenario that is partly based on current events, and requires a broad knowledge of information security concepts. Their task is to evaluate the scenario and to recommend a course of action. This experience is a timed 24-hour event and culminates in a group written report and presentation at the end of the 24-hour preparation time. ISM 5800 IT Security Project Management SANS class: MGT 525 IT Project Management, Effective Communication, and PMP Exam Prep 3 Credit Hours; Course length: 120 days In ISM 5800 you will learn how to improve your project planning methodology and project task scheduling to get the most out of your critical IT resources. The course utilizes project case studies that highlight information technology services as deliverables. ISM 5800 follows the basic project management structure from the PMBOK Guide 5th edition and also provides specific techniques for success with information assurance initiatives. All aspects of IT project management are covered - from initiating and planning projects through managing cost, time, and quality while your project is active, to completing, closing, and documenting as your project finishes. ISM 5900 Research Presentation 2 1 Credit Hour; Course length: 45 days ISE 5900 gives a chance to further develop their skills at converting written material into a persuasive oral presentation such as might be appropriate in an enterprise environment. Students use research material written from previous courses in the curriculum to build and deliver a 30- minute presentation, either at a SANS training conference, or in an online environment. ISM 6000 Standards Based Implementation of Security SANS class: SEC 566 Implementing and Auditing the Twenty Critical Security Controls 4 Credit Hours; Course length: 120 days

9 Cybersecurity attacks are increasing and evolving so rapidly that is more difficult than ever to prevent and defend against them. ISM 6000 will help you to ensure that your organization has an effective method in place to detect, thwart, and monitor external and internal threats to prevent security breaches. As threats evolve, an organization s security should too. Standards based implementation takes a prioritized, risk-based approach to security and shows you how standardized controls are the best way to block known attacks and mitigate damage from successful attacks. ISM 6100 Security Project Practicum 2 Credit Hours; Course length: 45 days In ISM 6100, a small group of students is given an information security project that requires a broad knowledge of information security concepts. Their task is to evaluate the project assignment and to recommend a course of action. This experience is a timed 30-day event. Students receive the project assignment from faculty, and must respond with a project plan to address the assignment within 5 days. The group then uses their plan to address the assignment, and deliver a written report at the end of the 30-day period. ISM 6200 Auditing Networks, Perimeters and Systems SANS class: AUD 507 Auditing Networks, Perimeters, and Systems 4 Credit Hours; Course length: 120 days ISM 6200 is organized specifically to provide a risk driven method for tackling the enormous task of designing an enterprise security validation program. After covering a variety of high level audit issues and general audit best practice, students have the opportunity to dive deep into the technical how to for determining the key controls that can be used to provide a level of assurance to an organization. Tips on how to repeatedly verify these controls and techniques for continuous monitoring and automatic compliance validation are given from real world examples. ISM 6900 Information Security Fieldwork 0.5 Credit Hours; Course length: 45 days In ISM 6900, students move into the field to prepare and present on a project that will help increase computer security awareness. Students devise their own project content, based upon a defined need. Students are also responsible for inviting an audience to review the results of their project work. It is expected that at least one representative from the student's own organization (place of employment) will be present to provide evidence of the presentation MSISM Capstone Assessment: GSM 0 Credit Hours The GSM exam Capstone experience is a two day hands-on lab exercise where students demonstrate their ability to formulate and implement policies and solutions that demonstrate a thorough understanding of security foundations and practical applications of information technology. Students work through scenarios which require them to: construct information

10 security approaches that balance organizational needs, apply standards-based approaches to information security risk management, and devise incident response strategies. Technical Elective Courses (MSISM Students Choose One): ISE 6215 Advanced Security Essentials SANS class: SEC 501 Advanced Security Essentials - Enterprise Defender 3 Credit Hours; Course length: 120 days. ISE 6215 reinforces the theme that prevention is ideal, but detection is a must. Students will learn how to ensure that their organizations constantly improve their security posture to prevent as many attacks as possible. A key focus is on data protection, securing critical information no matter whether it resides on a server, in robust network architectures, or on a portable device. Despite an organization's best effort at preventing attacks and protecting its critical data, some attacks will still be successful. Therefore students will also learn how to detect attacks in a timely fashion through an in-depth understanding the traffic that flows on networks, scanning for indications of an attack. The course also includes instruction on performing penetration testing, vulnerability analysis, and forensics. ISE 6220 Network Perimeter Protection SANS class: SEC 502 Perimeter Protection In-Depth 3 Credit Hours; Course length: 120 days. ISE 6220 provides a comprehensive analysis of a wide breadth of technologies. In fact, this is probably the most diverse course in the STI catalog, as mastery of multiple security techniques is required to defend networks from remote attacks. The course moves beyond a focus on single operating systems or security appliances. The course teaches that a strong security posture must be comprised of multiple layers. The course was developed to give students the knowledge and tools necessary at every layer to ensure their network is secure. ISE 6230: Securing Windows and Resisting Malware SANS class: SEC 505 Securing Windows and Resisting Malware 3 Credit Hours; Course length: 120 days. ISE 6230 shows students how to secure Windows and how to minimize the impact of these changes on users of these changes. Through live demonstrations of the important steps, students follow along on their laptops. Where other courses focus on detection or remediation after the fact, the goal of this course is to prevent the infection in the first place. Students learn to write PowerShell scripts, but don't need any prior scripting experience. ISE 6235: Securing Linux/Unix SANS class: SEC 506 Securing Linux/Unix 3 Credit Hours; Course length: 120 days.

11 ISE 6235 provides students with experience in in-depth coverage of Linux and Unix security issues, examining how to mitigate or eliminate general problems that apply to all Unix-like operating systems, including vulnerabilities in the password authentication system, file system, virtual memory system, and applications that commonly run on Linux and Unix. This course provides specific configuration guidance and practical, real-world examples, tips, and tricks. ISE 6315: Web App Penetration Testing and Ethical Hacking SANS class: SEC 542 Web App Penetration Testing and Ethical Hacking 3 Credit Hours; Course length: 120 days. ISE 6315 is a highly technical information security course in offensive strategies where students learn the art of exploiting Web applications so they can find flaws in enterprise Web apps before they are otherwise discovered and exploited. Through detailed, hands-on exercises students learn the four-step process for Web application penetration testing. Students will inject SQL into back-end databases, learning how attackers exfiltrate sensitive data. They then utilize cross-site scripting attacks to dominate a target infrastructure in a unique hands-on laboratory environment. Finally students explore various other Web app vulnerabilities in-depth with tried-and-true techniques for finding them using a structured testing regimen. ISE 6320: Network Penetration Testing and Ethical Hacking SANS class: SEC 560 Network Penetration Testing and Ethical Hacking 3 Credit Hours; Course length: 120 days. ISE 6320 prepares students to conduct successful penetration testing and ethical hacking projects. The course starts with proper planning, scoping and recon, and then dives deep into scanning, target exploitation, password attacks, and wireless and web apps with detailed handson exercises and practical tips for doing the job safely and effectively. Students will participate in an intensive, hands-on Capture the Flag exercise, conducting a penetration test against a sample target organization. ISE 6325: Mobile Device Security SANS class: SEC 575 Mobile Device Security and Ethical Hacking 3 Credit Hours; Course length: 120 days. ISE 6325 helps students resolve their organization s struggles with mobile device security by equipping then with the skills needed to design, deploy, operate, and assess a well-managed secure mobile environment. From practical policy development to network architecture design and deployment, and mobile code analysis to penetration testing and ethical hacking, this course teaches students to build the critical skills necessary to support the secure deployment and use of mobile phones and tablets in their organization. ISE 6330: Wireless Penetration Testing SANS class: SEC 617 Wireless Ethical Hacking, Penetration Testing, and Defenses 3 Credit Hours; Course length: 120 days.

12 ISE 6330 takes an in-depth look at the security challenges of many different wireless technologies, exposing students to wireless security threats through the eyes of an attacker. Using readily available and custom-developed tools, students will navigate through the techniques attackers use to exploit WiFi networks, Bluetooth devices, and a variety of other wireless technologies. Using assessment and analysis techniques, this course will show students how to identify the threats that expose wireless technology and build on this knowledge to implement defensive techniques that can be used to protect wireless systems. ISE 6360: Advanced Network Penetration Testing SANS class: SEC 660 Advanced Penetration Testing, Exploits, and Ethical Hacking 3 Credit Hours; Course length: 120 days. ISE 6360 builds upon ISE 6320 Network Penetration Testing and Ethical Hacking. This advanced course introduces students to the most prominent and powerful attack vectors, allowing students to perform these attacks in a variety of hands-on scenarios. This course is an elective course in the Penetration Testing & Ethical Hacking certificate program, and an elective choice for the master s program in Information Security Engineering. ISE 6420: Computer Forensic Investigations - Windows SANS class: FOR 408 Computer Forensic Investigations - Windows In-Depth 3 Credit Hours; Course length: 120 days. ISE 6105 Computer Forensic Investigations Windows focuses on the critical knowledge of the Windows Operating System that every digital forensic analyst needs to investigate computer incidents successfully. Students learn how computer forensic analysts focus on collecting and analyzing data from computer systems to track user-based activity that can be used in internal investigations or civil/criminal litigation. The course covers the methodology of in-depth computer forensic examinations, digital investigative analysis, and media exploitation so each student will have complete qualifications to work as a computer forensic investigator helping to solve and fight crime. ISE 6425: Advanced Computer Forensic Analysis and Incident Response SANS class: FOR 508 Advanced Computer Forensic Analysis and Incident Response 3 Credit Hours; Course length: 120 days. ISE 6420 teaches the necessary capabilities for forensic analysts and incident responders to identify and counter a wide range of threats within enterprise networks, including economic espionage, hacktivism, and financial crime syndicates. The course shows students how to work as digital forensic analysts and incident response team members to identify, contain, and remediate sophisticated threats-including nation-state sponsored Advanced Persistent Threats and financial crime syndicates. Students work in a hands-on lab developed from a real-world targeted attack on an enterprise network in order to learn how to identify what data might be stolen and by whom, how to contain a threat, and how to manage and counter an attack. ISE 6440: Advanced Network Forensic Analysis SANS class: FOR 572 Advanced Network Forensics and Analysis

13 3 Credit Hours; Course length: 120 days. ISE 6440 focuses on the most critical skills needed to mount efficient and effective post-incident response investigations. Moving beyond the host-focused experiences in ISE 6420 and ISE 6425, ISE 6440 covers the tools, technology, and processes required to integrate network evidence sources into investigations, covering high-level NetFlow analysis, low-level pcap exploration, and ancillary network log examination. Students will employ a wide range of open source and commercial tools, exploring real-world scenarios to help the student learn the underlying techniques and practices to best evaluate the most common types of network-based attacks. ISE 6460: Malware Analysis and Reverse Engineering SANS class: FOR 610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques 3 Credit Hours; Course length: 120 days. ISE 6425 teaches students how to examine and reverse engineer malicious programs spyware, bots, Trojans, etc. that target or run on Microsoft Windows, within browser environments such as JavaScript or Flash files, or within malicious document files (including Word and PDF). The course builds a strong foundation for reverse-engineering malicious software using a variety of system and network monitoring utilities, a disassembler, a debugger and other tools. The malware analysis process taught in this class helps students understand how incident responders assess the severity and repercussions of a situation that involves malicious software and plan recovery steps. Students also experience how forensics investigators learn to understand key characteristics of malware discovered during the examination, including how to establish indicators of compromise (IOCs) for scoping and containing the incident. ISE 6615: Defending Web Applications Security Essentials SANS class: DEV 522 Defending Web Applications Security Essentials 3 Credit Hours; Course length: 120 days. ISE 6615 covers the OWASP Top 10 and provides students with a better understanding of web application vulnerabilities, enabling them to properly defend organizational web assets. Mitigation strategies from an infrastructure, architecture, and coding perspective are discussed alongside real-world implementations that really work. The testing aspect of vulnerabilities is also covered so students can ensure their application is tested for the vulnerabilities discussed in class. MSISM Graduation Requirements The MSISM program requires completion of 36 credit hours with a 3.0 G.P.A, within 5 years. Students must complete the following requirements: Required Course Credits ISM 5000 Research & Communications Methods 0.5 ISM 5100 Enterprise Information Security 4 ISM 5200 Hacking Techniques & Incident Response 4 ISM 5300 Building Security Awareness 1

14 ISM 5400 IT Security Planning, Policy and Leadership 3 ISM 5500 Research Presentation 1 1 ISM 5600 Legal Issues in Data Security and Investigations 4 ISM 5700 Incident Response Practicum 1 ISM 5800 IT Security Project Management 3 ISM 5900 Research Presentation 2 1 ISM 6000 Standards Based Implementation of Security 4 ISM 6100 Security Project Practicum 2 ISM 6200 Auditing Networks, Perimeters and Systems 4 ISM 6900 Information Security Fieldwork 0.5 Technical Elective (1 course)* 3 Required Program Capstone 0 Total Describe the educational objectives and intended student learning outcomes. The Master of Science in Information Security Management (MSISM) degree program is designed to help a candidate prepare for responsibilities at the highest-ranking management level with IT security responsibilities in an organization. In the government, this is often called the Designated Approving Authority, Information Assurance Manager, or Chief Information Security Officer. In the private sector, titles such as Chief Security Officer or Chief Information Security Officer are often used. Graduates of this program will be able to assess the effectiveness of information security programs, see their strengths and weaknesses, and analyze the design of specific security enhancements. They will also have strong oral presentation and writing skills, knowledge of legal issues in security, and project management skills. Graduates will be able to develop and manage an enterprise-level information security program, including the ability to sponsor adaptive security paradigms that foster rapid detection and mitigation of new and existing attacks, and to measure response strategies to threats as they emerge. The MSISM program approaches the development of information security leaders from a different vector than its sister MSISE program, focusing more on communications, policy, and standards-based management and less on bolstering hands-on skills and capabilities, while still ensuring a facility with the latter. The introductory survey course has no technical labs and materially increased (relative) management and policy content. The MSISM program has two three additional required four credit courses with papers, focused on the leadership, legal and auditing aspects of information security management, while it offers only one choice of a technical elective course. The MSISM capstone practical exam is entirely different and specific to the program than the GIAC Security Expert exam requirement. The MSISM program shares the following General Learning Outcomes with the MSISE program: Formulate and implement policies and solutions that demonstrate a thorough understanding of security foundations and practical applications of information technology.

15 Demonstrate a solid foundation in information security strategies and apply their knowledge by assessing an information security situation and prescribing an appropriate security approach. Construct an information security approach that balances organizational needs with those of confidentiality, integrity and availability. Solutions require a comprehensive approach that aligns with policy, technology, and organizational education, training and awareness programs. Effectively communicate information security assessments, plans and actions for technical and nontechnical audiences/stakeholders. Identify emerging information security issues, utilize knowledge of information security theory to investigate causes and solutions, and delineate strategies guided by evolving information security research and theory. The following Learning Outcomes are specific to the MSISM program: Assess and balance the relationship and inter-responsibilities between all three communities of interest in Information Security: General Business, Information Technology, and Information Security. Apply a standards based approach to implement the principles and applications of risk management, including business impact analyses, cost-benefit analyses, and implementation methods that map to business needs/requirements. Integrate the elements of information security management - Policy, Strategic and Continuity Planning, Programs and Personnel - into a coordinated operation. Articulate positive and socially responsible positions on ethical and legal issues associated with the protection of information and privacy. Devise incident response strategies, including business continuity planning/disaster recovery planning (BCP/DRP) initiatives, while focusing on cost effectiveness from both a proactive and reactive perspective. 3. Discuss how general education requirements will be met, if applicable. General education requirements are not applicable to SANS Technology Institute or the MSISM program, because both are entirely focused on post-baccalaureate studies. Students are required to have completed a bachelor s degree before admittance. 4. Identify any specialized accreditation or graduate certification requirements for this program and its students. Currently no specialized accreditations are required for the MSISM program and its students. 5. If contracting with another institution or non-collegiate organization, provide a copy of the written contract. The modifications made to the MSISM program precipitating this Program Proposal neither include nor impact any changes to any relationship the SANS Technology Institute has with another institution or non-collegiate organization. All courses are authored and taught by

16 members of the faculty of the SANS Technology Institute. Commensurate with the approval of the SANS Technology Institute as a degree-granting institution in the State of Maryland in 2005, and as reviewed and accredited by the Middle States Commission on Higher Education, the SANS Technology Institute will continue to engage the support services of its parent, the Escal Institute for Advanced Technologies (d/b/a/ SANS Institute) and its sister subsidiary, GIAC. The agreements are not designed specifically for the MSISM program, but as supporting structures for STI, support the delivery and management of this program. The two Memorandum of Understandings between the SANS Technology Institute and the SANS Institute and GIAC are included as Attachments B-2 and B-3. C. Critical and compelling regional or Statewide need as identified in the State Plan: 1. Demonstrate demand and need for the program in terms of meeting present and future needs of the region and the State in general based on one or more of the following: o The need for the advancement and evolution of knowledge; o Societal needs, including expanding educational opportunities and choices for minority and educationally disadvantaged students at institutions of higher education; o The need to strengthen and expand the capacity of historically black institutions to provide high quality and unique educational programs. 2. Provide evidence that the perceived need is consistent with the Maryland State Plan for Postsecondary Education (pdf). Technological progress is related to, and the direct result of, the advancement and evolution of knowledge. Together with the increased prevalence in the use and applicability of information technology, and the benefits of substantial increases in productivity and efficiency, comes the need to protect information-based assets from new adversaries, criminals, foreign nation-states, and vectors of attack. The MSISM program is directly supportive of the development of professionals with the skills and capabilities to manage the protection of information assets that are central to the advancement and evolution of knowledge in the information age. Despite the fact that the MSISM program is, by definition, focused exclusively on postbaccalaureate students and not all post-secondary students, it makes substantial contributions to Maryland s goals by seeking to increase the number and quality of Science, Technology, Engineering, and Mathematics (STEM) degrees in the State. From the 2013 Maryland State Plan for Postsecondary Education: Increasing the number of STEM degrees awarded to students is another key goal for Maryland postsecondary education. STEM-related occupations are critical because they are closely tied to technological innovation, economic growth, and increased productivity. Currently, workers with STEM competencies and degrees are in high demand. Data from the Georgetown University 10 Center for Education and the Workforce (2011) rank STEM jobs as the second fastest-growing occupational category in the nation, behind health care. The MSISM program focuses on producing additional highly impactful Information Security leaders with proficiency in STEM-related areas of practice.

17 D. Quantifiable & reliable evidence and documentation of market supply & demand in the region and State: 1. Present data and analysis projecting market demand and the availability of openings in a job market to be served by the new program. 2. Discuss and provide evidence of market surveys that clearly provide quantifiable and reliable data on the educational and training needs and the anticipated number of vacancies expected over the next 5 years. 3. Data showing the current and projected supply of prospective graduates. The need for technically educated information security professionals has been steadily increasing. In July 2010 the CSIS (Center for Strategic and International Studies) Commission on Cybersecurity for the 44 th President 1 released a white paper titled A Human Capital Crisis in Cybersecurity. The white paper presents compelling evidence of a shortage of highly technical information security professionals who can both design secure networks and systems and create the tools needed to detect, mitigate, and recover from compromises. The report cited the number of such professionals currently employed in government is estimated to be around 1,000 with a need for up to 30, In 2013 the US Defense Department released plans to increase the number of information security professionals employed from 900 to 4,900, with an anticipated workforce of 6,000 cyber professionals. 3 The new positions will have 3 distinct focuses: a defensive national mission force to protect systems that support electrical grids, power plants and other critical infrastructure; a combat mission force to help overseas military commanders plan and execute offensive operations; and cyber protection force to bolster Defense Department networks. 4 In 2012 the U.S. Department of Homeland Security Task Force on Cyber Skills called for DHS to hire 600 world-class cyber technologists. 5 The Job Outlook, for Information Security Analysts, Web Developers, and Computer Network Architects published in the Bureau of Labor Statistics Occupational Outlook Handbook anticipates that employment for that category will grow 22% from 2010 to 2020, faster than average for all occupations, with favorable job prospects for all three occupations. 6 This category is projected to grow by 24% in Maryland over a similar time period Eric Cole, DPS, the Director of our Master of Science in Information Security Engineering program, was a member of this commission. 2 White paper can be found at Homeland Security Advisory Council s Cyberskills Task Force Report, Fall, 2012 (Page 4, Objective 4) 6 Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, Edition, Information Security Analysts, Web Developers, and Computer Network Architects, on the Internet at (visited September 24, 2013). 7 d=2&soccode=151122&stfips=24&x=61&y=9

18 Even if those organizations, and hundreds of others that are seeking talent, can find the tens of thousands of technical cybersecurity experts they jointly seek, they will still need people of sufficient expertise who can organize, manage, and lead the work of these experts. Teams of security professionals are most productive when led by people with substantial technical expertise and experience, just as successful air attack groups are led by active but senior pilots, or surgical departments are led by practicing but senior surgeons. Under pressure, as information security people often find themselves, having a manager or team leader who is not qualified or lacks experience often leads to critical mistakes in a line of work that can ill afford them. In other words, if society hopes to protect itself against the increasing wave of attacks, a program needs to be created to develop technical information security leaders. STI was created to help government and industry develop that missing layer of technical cybersecurity managers. That goal is embodied in STI s mission. STI used data available through IPEDS to obtain a general estimate of the number of graduates from Computer and Information Systems Security programs (specifically CIP Code ). In degrees were awarded, among 36 programs. To date STI has awarded 2 Master of Science in Information Security Management degrees. The need for qualified information security professionals is outpacing the number of professionals with the appropriate credentials and experience. The MSISM program will continue to play an integral part in decreasing the gap. E. Reasonableness of program duplication: 1. Identify similar programs in the State and/or same geographical area. Discuss similarities and differences between the proposed program and others in the same degree to be awarded. This proposal for a Substantial Modification to the SANS Technology Institute s MSISM program does not alter the number or nature of programs related to Information Security in Maryland, nor how our program relates to those programs. The learning outcomes sought have been reformulated but remain substantially the same. Using the MHEC program inventory database we identified the following institutions who offer master s programs with the same CIP code Computer and Information Systems Security: John s Hopkins University Master s Degrees in Cybersecurity and Security Informatics University of Maryland University College Master s degrees in Cybersecurity and Cybersecurity Policy The following Maryland institutions are advertising similar master s programs, however are not listed in the MHEC program inventory database: Capitol College Information Assurance Master s Degree University of Maryland Baltimore College Master s In Professional Studies: Cybersecurity

19 It is our strong belief, after a review of the courses and course descriptions offered by these programs and courses, combined with our own understanding of the content of our courses, that the MSISM program continues to be distinguished in focus by those offered by these other institutions. Our technical courses are well known by governments and corporations to impart hands-on skills that enable our graduates to design, implement, and manage information security defenses. Our programs are designed specifically because of the problems driven by having managers of information security systems who might have apparently relevant credentials but who don t have an adequate understanding of the underlying technologies and hence how to design relevant defenses in the event of a breach. Our management, policy, audit, and legal courses central to the MSISM program have been authored and are taught by practitioners in the field, and seek to establish clear connections between the more commonly taught high-level policy and audit standards with specific case studies of implementation mechanisms. It is this persistent connection of higher-level architecture and policy review and detailed implementation requirements in the real world that sets our program apart from existing, alternative offerings from other institutions in the State. For example, the MSISM program requires a course entitled ISM 6200: Auditing Networks, Perimeters, and Systems. ISM 6200 is organized specifically to provide a risk driven method for tackling the enormous task of designing an enterprise security validation program. After covering a variety of high level audit issues and general audit best practice, students have the opportunity to dive deep into the technical how to for determining the key controls that can be used to provide a level of assurance to an organization. Tips on how to repeatedly verify these controls and techniques for continuous monitoring and automatic compliance validation are given from real world examples. ISM 5600: Law of Data Security and Investigations, similarly connects higher level legal issues with specific skills in the analysis and use of contracts and records management procedures. From a broad foundation, the course delves into specifics of (for example) preparing credible, defensible reports, whether for cyber, forensics incident response, human resources, or other investigations. The MSISM degree ensures that our graduates understand, at the basic technical level, how operating systems and networks operate, how they can be broken, and therefore what one can do to protect them. On this grounding and with this level of understanding effective information security professionals can develop and implement effective defenses. Lastly, the MSISM program provides for multiple courses that integrate a student s understanding of the technical and management aspects information security and develop their capabilities through real-world simulations. Two one-credit courses (ISM 5500 and ISM 5900) assist the student in the development of presentations of their research that they then need to present faculty at a residential institute in the presence of of their information security peers and professionals, many of whom are well versed in the topic(s) being presented and come prepared with challenging questions. Like their real-world responsibilities, graduate students must develop and prove the proficiency at distilling complex topics into an understandable oral presentation, MSISM students also fulfill the requirements of ISM 5700: Incident Response Practicum, in which a small group of students is given an information security incident scenario

20 based partly on real-world events, and they must recommend a course of action to a CIO board within a fixed 24-hour preparation timeframe, preparing an official written report thereafter. Through ISM 6100: Security Project Practicum, students must work in virtual groups over a 30- day period to evaluate an custom-tailored information security implementation project and also integrate their work into a unified, written project presentation. Practically-driven, integrative coursework like these, combined with formal instruction courses, exams, and research that span high-level information security management concepts with real-world, practical implementation topics are the hallmark of the MSISM program experience and a key differentiator from other programs in the State. 2. Provide justification for the proposed program. Since MHEC authorized STI to award master s programs, the MSISM program remains critical and importantly distinct from other programs in Maryland (and the nation): 1. The SANS Technology Institute builds on the technical training of the SANS Institute, which has trained more than 120,000 information security professionals and teachers since The SANS Institute is the largest cybersecurity training organization, serving the National Security Agency, the FBI, and the US military, as well as their counterparts in many U.S. allied nations. Intelligence, military, and law enforcement organizations account for approximately 20% of SANS students. Others come from more than 5,000 enterprises of all types, ranging from hospitals to banks, utilities, state governments, and churches. Well over 1,500 faculty members and cybersecurity staff from U.S. and international colleges and universities have attended SANS courses. 2. The SANS Technology Institute takes the deep technical instruction of the SANS Institute to an entirely new level. The MSISM program focuses on building a foundation of technical knowledge that students can utilize in managing enterprise level security strategy. The enterprise level view is reinforced through the Critical Controls framework pioneered by STI and SANS and now adopted by the U.S. Department of Homeland Security and the British government s Centre for the Protection of Critical Infrastructure. 3. Further, STI focuses on developing technical communications skills as well as project management skills essential for gaining support for technical cybersecurity programs and succeeding as a leader. Because time away from work is very limited and individuals tend to focus their training on technical skills, it is uncommon for security practitioners to enroll in professional development courses. But these courses are essential for leadership positions, as one of STI s students wrote in 2013: I have to admit that I would not have chosen the project management course if it were not in the STI curriculum, but I am quick to admit that it has helped me greatly at work. I apply a lot of the content at work each day, leading a multi-year, multi-million dollar program. I believe the stakeholder management and guarding against (future) stakeholder scope creep are my biggest takeaways from your course. You did a great job delivering the content and keeping the class engaged.

Course Descriptions November 2014

Course Descriptions November 2014 Master of Science In Information Security Management Course Descriptions November 2014 Master of Science in Information Security Management The Master of Science in Information Security Management (MSISM)

More information

Information Security Engineering

Information Security Engineering Master of Science In Information Security Engineering Course Descriptions November 2014 Master of Science in Information Security Engineering The program of study for the Master of Science in Information

More information

A. Centrality to institutional mission statement and planning priorities:

A. Centrality to institutional mission statement and planning priorities: SANS Technology Institute Program Proposal for a Substantial Modification Master of Science in Information Security Engineering May, 2014 A. Centrality to institutional mission statement and planning priorities:

More information

OVERVIEW DEGREES & CERTIFICATES

OVERVIEW DEGREES & CERTIFICATES OVERVIEW DEGREES & CERTIFICATES 015 The best. Made better. SANS graduate programs are the ultimate expression of our 25 years dedicated to the education and development of information security professionals.

More information

MASTER S DEGREES & GRADUATE CERTIFICATES REGIONAL ACCREDITATION FUNDING OPTIONS

MASTER S DEGREES & GRADUATE CERTIFICATES REGIONAL ACCREDITATION FUNDING OPTIONS OVERVIEW MASTER S DEGREES & GRADUATE CERTIFICATES REGIONAL ACCREDITATION FUNDING OPTIONS 2016 Coursework to Meet Real World Demands The best. Made better. SANS graduate programs are the ultimate expression

More information

Cyber Defense Operations Graduate Certificate

Cyber Defense Operations Graduate Certificate The SANS Technology Institute makes shorter groups of courses available to students who are unable to commit to a full master s degree program. These certificate programs will augment your skills, provide

More information

Frequently Asked Questions

Frequently Asked Questions Frequently Asked Questions General Questions What is the SANS Technology Institute? What degrees are offered by the SANS Technology Institute? What is the SANS Institute? Is the SANS Technology Institute

More information

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

A Guide to Preparing for the GSM Capstone Exam

A Guide to Preparing for the GSM Capstone Exam A Guide to Preparing for the GSM Capstone Exam by: Courtney Imbert, courtneyimbert@gmail.com Last update: November 11, 2015 An Overview of the GSM Capstone Exam The GSM (GIAC Security Manager) is the capstone

More information

Middle Class Economics: Cybersecurity Updated August 7, 2015

Middle Class Economics: Cybersecurity Updated August 7, 2015 Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest

More information

Cisco Security Optimization Service

Cisco Security Optimization Service Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

More information

Enterprise Security Tactical Plan

Enterprise Security Tactical Plan Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise

More information

Information Systems Security Certificate Program

Information Systems Security Certificate Program Information Technologies Programs Information Systems Security Certificate Program Accelerate Your Career extension.uci.edu/infosec University of California, Irvine Extension s professional certificate

More information

Cyber threats are growing.

Cyber threats are growing. Cyber threats are growing. So are your career opportunities. Put the future of your cybersecurity career in the hands of a respected online education leader. Everything you need to succeed. Excelsior College

More information

Someone s sitting in the shade today because someone planted a tree a long time ago. Warren Buffett. Ed Skoudis Mike Qaissaunee.

Someone s sitting in the shade today because someone planted a tree a long time ago. Warren Buffett. Ed Skoudis Mike Qaissaunee. New Jersey Cyber Aces Academy at Brookdale: A Collaborative Public/Private Model to Secure the Nation A project funded through NSF SFS Grant DUE#1331170 Ed Skoudis Mike Qaissaunee April 30, 2014 Someone

More information

PENETRATION TESTING GUIDE. www.tbgsecurity.com 1

PENETRATION TESTING GUIDE. www.tbgsecurity.com 1 PENETRATION TESTING GUIDE www.tbgsecurity.com 1 Table of Contents What is a... 3 What is the difference between Ethical Hacking and other types of hackers and testing I ve heard about?... 3 How does a

More information

An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans. NICE Annual Conference November 2015

An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans. NICE Annual Conference November 2015 An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans NICE Annual Conference November 2015 Panelists David Brown, Director of CyberTalent at the SANS Institute, a new business unit

More information

Wyoming Community College Commission Request for New, Pilot or Revised Degree or Certificate Program

Wyoming Community College Commission Request for New, Pilot or Revised Degree or Certificate Program Community Commission Request for New, Pilot or Revised Degree or Certificate Program A. : Laramie County Community B. Date submitted to WCCC: C. Program 1. Request for: X New Program Pilot Program Revised

More information

Manage the unexpected

Manage the unexpected Manage the unexpected Navigate risks and thrive Today s business world is threatened by a multitude of online security risks. But many organizations simply do not have the resources or expertise to combat

More information

SECURITY. Risk & Compliance Services

SECURITY. Risk & Compliance Services SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize

More information

MEETING THE NATION S INFORMATION SECURITY CHALLENGES

MEETING THE NATION S INFORMATION SECURITY CHALLENGES MEETING THE NATION S INFORMATION SECURITY CHALLENGES TO ADDRESS SKILLS AND WORKFORCE SHORTAGES IN THE INFORMATION SECURITY INDUSTRY, THE NATIONAL SECURITY AGENCY AND THE DEPARTMENT OF HOMELAND SECURITY

More information

ETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001

ETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001 001011 1100010110 0010110001 010110001 0110001011000 011000101100 010101010101APPLICATIO 0 010WIRELESS110001 10100MOBILE00010100111010 0010NETW110001100001 10101APPLICATION00010 00100101010WIRELESS110

More information

Information Security Services

Information Security Services Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual

More information

Wyoming Community College Commission Request for New, Pilot or Revised Degree or Certificate Program

Wyoming Community College Commission Request for New, Pilot or Revised Degree or Certificate Program Wyoming Community College Commission Request for New, Pilot or Revised Degree or Certificate Program A. College: Laramie County Community College B. Date submitted to WCCC: C. Program 1. Request for: X

More information

The fast track to top skills and top jobs in cyber. Guaranteed.

The fast track to top skills and top jobs in cyber. Guaranteed. The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS FAST TRACK Four steps to a cybersecurity career QUALIFY Earn Acceptance TRAIN Build Elite Skills CERTIFY Earn

More information

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................

More information

State of Minnesota. Enterprise Security Strategic Plan. Fiscal Years 2009 2013

State of Minnesota. Enterprise Security Strategic Plan. Fiscal Years 2009 2013 State of Minnesota Enterprise Security Strategic Plan Fiscal Years 2009 2013 Jointly Prepared By: Office of Enterprise Technology - Enterprise Security Office Members of the Information Security Council

More information

Cyber Learning Solutions

Cyber Learning Solutions Cyber Learning Solutions 2014 Extended Course Catalog Raytheon Cyber Solutions Inc. (RCSI) cyber-training@list.app.ray.com www.raytheon.com 1 Raytheon Cyber Learning Solutions 2014 Catalog CONTENTS The

More information

Technical Testing. Application, Network and Red Team Testing DATA SHEET. Test your security defenses. Expert Testing, Analysis and Assessments

Technical Testing. Application, Network and Red Team Testing DATA SHEET. Test your security defenses. Expert Testing, Analysis and Assessments DATA SHEET Technical Testing Application, Network and Red Team Testing The Dell SecureWorks Technical Testing services deliver the independent expertise, experience and perspective you need to enhance

More information

Cybersecurity and internal audit. August 15, 2014

Cybersecurity and internal audit. August 15, 2014 Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

Advanced Threat Protection with Dell SecureWorks Security Services

Advanced Threat Protection with Dell SecureWorks Security Services Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5

More information

The fast track to top skills and top jobs in cyber. Guaranteed.

The fast track to top skills and top jobs in cyber. Guaranteed. The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO QUALIFYING PARTICIPANTS WELCOME The SANS Institute is presenting the SANS CyberTalent Immersion Academy for Women to encourage women

More information

SELECTION // ASSESSMENT // TRAINING EXAMINATION //GRADUATION

SELECTION // ASSESSMENT // TRAINING EXAMINATION //GRADUATION SELECTION // ASSESSMENT // TRAINING EXAMINATION //GRADUATION 1 Why SANS Cyber Academy? We know that the lack of cyber security skills is hardly going to be news to you. The fact that there is a solution

More information

Enterprise Cybersecurity: Building an Effective Defense

Enterprise Cybersecurity: Building an Effective Defense : Building an Effective Defense Chris Williams Scott Donaldson Abdul Aslam 1 About the Presenters Co Authors of Enterprise Cybersecurity: How to Implement a Successful Cyberdefense Program Against Advanced

More information

The Future Is SECURITY THAT MAKES A DIFFERENCE. Overview of the 20 Critical Controls. Dr. Eric Cole

The Future Is SECURITY THAT MAKES A DIFFERENCE. Overview of the 20 Critical Controls. Dr. Eric Cole The Future Is SECURITY THAT MAKES A DIFFERENCE Overview of the 20 Critical Controls Dr. Eric Cole Introduction Security is an evolution! Understanding the benefit and know how to implement the 20 critical

More information

USING INFORMATION ASSURANCE CURRICULUM STANDARDS AS A BASIS FOR A GRADUATE DEGREE

USING INFORMATION ASSURANCE CURRICULUM STANDARDS AS A BASIS FOR A GRADUATE DEGREE USING INFORMATION ASSURANCE CURRICULUM STANDARDS AS A BASIS FOR A GRADUATE DEGREE N. Paul Schembari, Mike Jochen East Stroudsburg University of Pennsylvania {nschembari, mjochen}@esu.edu ABSTRACT We describe

More information

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC. Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies

More information

Cybersecurity The role of Internal Audit

Cybersecurity The role of Internal Audit Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

ITU-IMPACT Training and Skills Development Course Catalogue

ITU-IMPACT Training and Skills Development Course Catalogue ITU-IMPACT Training and Skills Development Course Catalogue Management Track Technical Track Course Area Management Incident Response Digital Forensics Network Application Law Enforcement Foundation Management

More information

e-discovery Forensics Incident Response

e-discovery Forensics Incident Response e-discovery Forensics Incident Response NetSecurity Corporation 21351 Gentry Drive Suite 230 Dulles, VA 20166 VA DCJS # 11-5605 Phone: 703.444.9009 Toll Free: 1.866.664.6986 Web: www.netsecurity.com Email:

More information

Apply today: strayer.edu/apply SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY MASTER OF SCIENCE IN INFORMATION SYSTEMS RECOGNIZED MARKETABLE FLEXIBLE

Apply today: strayer.edu/apply SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY MASTER OF SCIENCE IN INFORMATION SYSTEMS RECOGNIZED MARKETABLE FLEXIBLE RECOGNIZED PROVEN RESPECTED MARKETABLE FLEXIBLE Fernanda Tapia Student SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY MASTER OF SCIENCE IN INFORMATION SYSTEMS Apply today: strayer.edu/apply FLEXIBLE / AFFORDABLE

More information

Cybersecurity Enhancement Account. FY 2017 President s Budget

Cybersecurity Enhancement Account. FY 2017 President s Budget Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities

More information

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015 Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders

More information

High Level Cyber Security Assessment 2/1/2012. Assessor: J. Doe

High Level Cyber Security Assessment 2/1/2012. Assessor: J. Doe 2/1/2012 Assessor: J. Doe Disclaimer This report is provided as is for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information

More information

TURNING THE RISING TIDE OF CYBERSECURITY THREATS

TURNING THE RISING TIDE OF CYBERSECURITY THREATS TURNING THE RISING TIDE OF CYBERSECURITY THREATS With cyber attacks on the rise, there s a growing need for digital forensic professionals with the knowledge and skills to investigate technology crimes

More information

Defending Against Data Beaches: Internal Controls for Cybersecurity

Defending Against Data Beaches: Internal Controls for Cybersecurity Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity

More information

SECURE POWER SYSTEMS PROFESSIONALS (SPSP) PROJECT PHASE 3, FINAL REPORT: RECRUITING, SELECTING, AND DEVELOPING SECURE POWER SYSTEMS PROFESSIONALS

SECURE POWER SYSTEMS PROFESSIONALS (SPSP) PROJECT PHASE 3, FINAL REPORT: RECRUITING, SELECTING, AND DEVELOPING SECURE POWER SYSTEMS PROFESSIONALS 1 SECURE POWER SYSTEMS PROFESSIONALS (SPSP) PROJECT PHASE 3, FINAL REPORT: RECRUITING, SELECTING, AND DEVELOPING SECURE POWER SYSTEMS PROFESSIONALS Synopsis SPSP Project Overview Phase I Summary Phase

More information

Technical Testing. Network Testing DATA SHEET

Technical Testing. Network Testing DATA SHEET DATA SHEET Technical Testing Network Testing The Dell SecureWorks Technical Testing services deliver the independent expertise, experience and perspective you need to enhance your security posture, reduce

More information

Protecting against cyber threats and security breaches

Protecting against cyber threats and security breaches Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So

More information

Hackers are here. Where are you?

Hackers are here. Where are you? 1 2 What is EC-Council Certified Security Analyst Licensed Penetration Tester Program You are an ethical hacker. Your last name is Pwned. You dream about enumeration and you can scan networks in your sleep.

More information

MSc Cyber Security. identity. hacker. virus. network. information

MSc Cyber Security. identity. hacker. virus. network. information identity MSc Cyber Security hacker virus QA is the foremost provider of education in the UK. We work with individuals at all stages of their careers, from our award-winning apprenticeship programmes, through

More information

The Business Case for Security Information Management

The Business Case for Security Information Management The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un

More information

Microsoft Services Premier Support. Security Services Catalogue

Microsoft Services Premier Support. Security Services Catalogue Microsoft Services Premier Support Security Services Catalogue 2014 Microsoft Services Microsoft Services helps you get the most out of your Microsoft Information Technology (IT) investment with integrated

More information

Microsoft s cybersecurity commitment

Microsoft s cybersecurity commitment Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade

More information

Information Security and Risk Management

Information Security and Risk Management Information Security and Risk Management COSO and COBIT Standards and Requirements Page 1 Topics Information Security Industry Standards and COBIT Framework Relation to COSO Internal Control Risk Management

More information

Cisco Security Services

Cisco Security Services Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your

More information

[STAFF WORKING DRAFT]

[STAFF WORKING DRAFT] S:\LEGCNSL\LEXA\DOR\OI\PARTIAL\CyberWD..xml [STAFF WORKING DRAFT] JULY, 0 SECTION. TABLE OF CONTENTS. The table of contents of this Act is as follows: Sec.. Table of contents. Sec.. Definitions. TITLE

More information

Vulnerability Management

Vulnerability Management Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other

More information

Bachelor of Science Degree Cyber Security Advancing the nation s workforce one graduate at a time

Bachelor of Science Degree Cyber Security Advancing the nation s workforce one graduate at a time Flexible Online Bachelor s Degree Completion Programs Bachelor of Science Degree Cyber Security Advancing the nation s workforce one graduate at a time Cyber Security Major The Program You ve heard about

More information

Master of Science in Information Systems & Security Management. Courses Descriptions

Master of Science in Information Systems & Security Management. Courses Descriptions Master of Science in Information Systems & Security Management Security Related Courses Courses Descriptions ISSM 530. Information Security. 1 st Semester. Lect. 3, 3 credits. This is an introductory course

More information

Cyber Security Management

Cyber Security Management Cyber Security Management Focusing on managing your IT Security effectively. By Anthony Goodeill With the news cycles regularly announcing a recurrently theme of targets of hacker attacks and companies

More information

Put into test the security of an environment and qualify its resistance to a certain level of attack.

Put into test the security of an environment and qualify its resistance to a certain level of attack. Penetration Testing: Comprehensively Assessing Risk What is a penetration test? Penetration testing is a time-constrained and authorized attempt to breach the architecture of a system using attacker techniques.

More information

The Protection Mission a constant endeavor

The Protection Mission a constant endeavor a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring

More information

Rising to the Challenge

Rising to the Challenge CYBERSECURITY: Rising to the Challenge Dialogues with Subject Matter Experts Advanced persistent threats. Zero-day attacks. Insider threats. Cybersecurity experts say that if IT leaders are not concerned

More information

Information Security Specialist Training on the Basis of ISO/IEC 27002

Information Security Specialist Training on the Basis of ISO/IEC 27002 Information Security Specialist Training on the Basis of ISO/IEC 27002 Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu

More information

NASA OFFICE OF INSPECTOR GENERAL

NASA OFFICE OF INSPECTOR GENERAL NASA OFFICE OF INSPECTOR GENERAL OFFICE OF AUDITS SUITE 8U71, 300 E ST SW WASHINGTON, D.C. 20546-0001 April 14, 2016 TO: SUBJECT: Renee P. Wynn Chief Information Officer Final Memorandum, Review of NASA

More information

The Path Ahead for Security Leaders

The Path Ahead for Security Leaders The Path Ahead for Security Leaders Executive Summary What You Will Learn If you asked security leaders five years ago what their primary focus was, you would likely get a resounding: securing our operations.

More information

2012 Application Security Gap Study: A Survey of IT Security & Developers

2012 Application Security Gap Study: A Survey of IT Security & Developers 2012 Application Gap Study: A Survey of IT & s Research sponsored by Innovation Independently Conducted by Ponemon Institute LLC March 2012 1 2012 Application Gap Study: A Survey of IT & s March 2012 Part

More information

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

Keynote: FBI Wednesday, February 4 noon 1:10 p.m. Keynote: FBI Wednesday, February 4 noon 1:10 p.m. Speaker: Leo Taddeo Special Agent in Change, Cyber/Special Operations Division Federal Bureau of Investigation Biography: Leo Taddeo Leo Taddeo is the

More information

Managing IT Security with Penetration Testing

Managing IT Security with Penetration Testing Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to

More information

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

More information

TUSKEGEE CYBER SECURITY PATH FORWARD

TUSKEGEE CYBER SECURITY PATH FORWARD TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,

More information

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing

More information

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles PNNL-24138 SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles March 2015 LR O Neil TJ Conway DH Tobey FL Greitzer AC Dalton PK Pusey Prepared for the

More information

Access FedVTE online at: fedvte.usalearning.gov

Access FedVTE online at: fedvte.usalearning.gov FALL 2015 Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk her e or email the Help Desk at support@usalearning.net. To speak with a Help Desk

More information

CONSULTING IMAGE PLACEHOLDER

CONSULTING IMAGE PLACEHOLDER CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization

More information

UF IT Risk Assessment Standard

UF IT Risk Assessment Standard UF IT Risk Assessment Standard Authority This standard was enacted by the UF Senior Vice President for Administration and the UF Interim Chief Information Officer on July 10, 2008 [7]. It was approved

More information

IT Security Testing Services

IT Security Testing Services Context Information Security T +44 (0)207 537 7515 W www.contextis.com E gcloud@contextis.co.uk IT Security Testing Services Context Information Security Contents 1 Introduction to Context Information

More information

Attachment A. Identification of Risks/Cybersecurity Governance

Attachment A. Identification of Risks/Cybersecurity Governance Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year

More information

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER WHITE PAPER CHALLENGES Protecting company systems and data from costly hacker intrusions Finding tools and training to affordably and effectively enhance IT security Building More Secure Companies (and

More information

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015 Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are

More information

OCIE CYBERSECURITY INITIATIVE

OCIE CYBERSECURITY INITIATIVE Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.

More information

CyberSecurity Solutions. Delivering

CyberSecurity Solutions. Delivering CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions

More information

CyberNEXS Global Services

CyberNEXS Global Services CyberNEXS Global Services CYBERSECURITY A cyber training, exercising, competition and certification product for maximizing the cyber skills of your workforce The Cyber Network EXercise System CyberNEXS

More information

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION THE NEXT (FRONT) TIER IN SECURITY When conventional security falls short, breach detection systems and other tier 2 technologies can bolster your network s defenses. By John Pirc THREAT HAS moved beyond

More information

A Case for Managed Security

A Case for Managed Security A Case for Managed Security By Christopher Harper Managing Director, Security Superior Managed IT & Security Services 1. INTRODUCTION Most firms believe security breaches happen because of one key malfunction

More information

I D C A N A L Y S T C O N N E C T I O N

I D C A N A L Y S T C O N N E C T I O N I D C A N A L Y S T C O N N E C T I O N Robert Westervelt Research Manager, Security Products T h e R o l e a nd Value of Continuous Security M o nitoring August 2015 Continuous security monitoring (CSM)

More information

CYBER SECURITY INFORMATION SHARING & COLLABORATION

CYBER SECURITY INFORMATION SHARING & COLLABORATION Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers

More information

Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue

Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437 Specialist Security Training Catalogue Did you know that the faster you detect a security breach, the lesser the impact to the organisation?

More information

DoD Directive (DoDD) 8570 & GIAC Certification

DoD Directive (DoDD) 8570 & GIAC Certification DoD Directive (DoDD) 8570 & GIAC Certification Date Updated: January 2014 National Account Manager 678-714-5712 Director 703-968-0103 What is DoDD 8570? Department of Defense Directive 8570 provides guidance

More information

Bellevue University Cybersecurity Programs & Courses

Bellevue University Cybersecurity Programs & Courses Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320

More information

Corporate Incident Response. Why You Can t Afford to Ignore It

Corporate Incident Response. Why You Can t Afford to Ignore It Corporate Incident Response Why You Can t Afford to Ignore It Whether your company needs to comply with new legislation, defend against financial loss, protect its corporate reputation or a combination

More information

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the

More information

GEARS Cyber-Security Services

GEARS Cyber-Security Services Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments

More information

FERPA: Data & Transport Security Best Practices

FERPA: Data & Transport Security Best Practices FERPA: Data & Transport Security Best Practices April 2013 Mike Tassey Privacy Technical Assistance Center FERPA and Data Security Unlike HIPAA and other similar federal regulations, FERPA does not require

More information

Principles of Information Security, Fourth Edition. Chapter 12 Information Security Maintenance

Principles of Information Security, Fourth Edition. Chapter 12 Information Security Maintenance Principles of Information Security, Fourth Edition Chapter 12 Information Security Maintenance Learning Objectives Upon completion of this material, you should be able to: Discuss the need for ongoing

More information

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc. JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President

More information