CYBER SECURITY- EDUCATION AND AWARENESS

Size: px
Start display at page:

Download "CYBER SECURITY- EDUCATION AND AWARENESS"

Transcription

1 CYBER SECURITY- EDUCATION AND AWARENESS Background Paper on Cyber Security - Education and Awareness Department of Information Technology (India) A. Background Paper Cyber Security, which is also referred to as information security, is the protection of information against unauthorized disclosure, transfer, modifications, or disclosure, whether accidental or intentional. In today s scenario computer networking is the key to flow of information. It is, therefore, important to provide cyber security i.e. protecting the Computer Systems and Networks, from hacking, information stealing and corruption etc. Worldwide IT industry both hardware and software, is working on cyber security aspects to mitigate the potential danger that has assumed significance after 11th September Information security is the key issue in today s Information Technology world. Information security is required at all levels personal level, corporate level, state and country level. There is a steady rise in the occurrence of cyber attacks (28 % rise in the first six months of 2002). As per a survey in 2001, cyber attacks cost business roughly $ 13.2 billion in damage and clean up cost while the cost in 2000 was $ 17.1 billion. Some of the institutes were even forced to shut down whole networks to fix the problem. International Data Corporation (IDC) predicted that the worldwide information security market would increase from roughly $6.7 billion in 2000 to $21 billion by In the financial services industry alone, the spending on security related products and services is expected to rise from $848 million in 2000 to $2.2 billion by Thus, there is a sizable requirement of cyber security products and services. India being a super power in software industry could contribute substantially to this. This necessitates development of specialized manpower, both at high end and low end, in the country. The manpower requirement will not only cater to world market but will also cater to country s requirement. In addition to developing specialized manpower and managers in the cyber security area, there will be a requirement of dissemination of information security related information & issues and educating/ training computer network users by and large. These training could be at various levels including introductory training, technical training in different security disciplines, master training and continued education. The whole idea being that the users contribute to the Information Security initiatives of the Government level. Realising the imperative for developing this area in the country, especially from the point of view of Education and Awareness, a Working Group on Cyber Security Education and Awareness, has been formed by Department of Information Technology. This Working Group will recommend the measures to be taken in the country to ensure development of Education in the country in the area of cyber security to induct IT related courses in the formal & non-formal education system, training both short term and long term, leading to development of indigenous hardware and software capabilities in the core area of Information Security.

2 The following could be the draft road map / approach for the Working Group: i. Identification of the thrust areas / industry requirements both hardware & software: These could include areas like Intrusion detection systems, Public Key Infrastructure, Firewalls, security assessments, cyber forensics, virtual private networks, wireless security, anti viruses, managed Security Monitoring, crypto analysis etc. Research / Technology Development programmes could be initiated in the thrust areas so identified by the Working Group at the leading institutes / research organisations in the country including setting up of a Cyber Security Institute, if required. ii. Estimate Manpower requirement, both high end and low end, to cater to the national requirements and international market. iii. Launch Nation wide information security campaign: Information on cyber security related aspects is the concern of all the computer network / Internet users. Thus, the Government should take appropriate steps to inform the public about cyber security in a well-organised manner. This could be done by organising workshops / trainings, regular discussions / talks on TV during prime time, publishing articles etc. in the leading newspapers on cyber security and counter security aspects. iv. Develop cyber security related curriculum for IT course: This will include identification of the cyber security courses which could be offered as part of IT education both in the formal and non-formal education sector. To identify the cyber security related course areas such as:- Fundamentals of Cyber Security; Cyber Security Techniques and Mechanisms; Cyber Security Protocols, Threats and Defenses; E-business Security and Information Assurance etc., a subgroup could be formed. The subgroup could include members from Academic Institutes - IITs, IISc etc.; Research institutes / labs - DRDO, ISRO, BARC, TIFR etc; Industry - WIPRO, INFOSYS, SCL etc.; certification agencies like STQC; and other leading computer organisations like CDAC etc. While developing the overall curriculum, Sub-group will take into consideration the HR requirements as projected by the Working Group. The following could be the draft road map / approach for the Working Group: i. Identification of the thrust areas / industry requirements both hardware & software: These could include areas like Intrusion detection systems, Public Key Infrastructure, Firewalls, security assessments, cyber forensics, virtual private networks, wireless security, anti viruses, managed Security Monitoring, crypto analysis etc. Research / Technology Development programmes could be initiated in the thrust areas so identified by the Working Group at the leading institutes / research organisations in the country including setting up of a Cyber Security Institute, if required. ii. Estimate Manpower requirement, both high end and low end, to cater to the national requirements and international market.

3 iii. Launch Nation wide information security campaign: Information on cyber security related aspects is the concern of all the computer network / Internet users. Thus, the Government should take appropriate steps to inform the public about cyber security in a well-organised manner. This could be done by organising workshops / trainings, regular discussions / talks on TV during prime time, publishing articles etc. in the leading newspapers on cyber security and counter security aspects. iv. Develop cyber security related curriculum for IT course: This will include identification of the cyber security courses which could be offered as part of IT education both in the formal and non-formal education sector. To identify the cyber security related course areas such as:- Fundamentals of Cyber Security; Cyber Security Techniques and Mechanisms; Cyber Security Protocols, Threats and Defenses; E-business Security and Information Assurance etc., a subgroup could be formed. The subgroup could include members from Academic Institutes - IITs, IISc etc.; Research institutes / labs - DRDO, ISRO, BARC, TIFR etc; Industry - WIPRO, INFOSYS, SCL etc.; certification agencies like STQC; and other leading computer organisations like CDAC etc. While developing the overall curriculum, Sub-group will take into consideration the HR requirements as projected by the Working Group. The following could the draft Terms of Reference of the Subgroup: a. To prepare a list of courses and curriculum in cyber security which could be offered at - Certificate level (3, 6, 12 months) - Diploma level - Undergraduate level- B.Tech, MCA, B.Sc., M.Sc. etc. - Graduate level b. To prepare a list and develop courses in Information Technology Security Certification and Auditing for Information Security System Managers / administrators c. To prepare a list of courses and courseware for computer network users in general. d. To prepare a list of institutions & experts which could act as the Resource Centers for training the teachers in the area of cyber security e. To identify the institutes / centers who could offer the Information Technology Security Certification & Auditing courses to the Information Security system administrators and managers. The term of subgroup could be for a period of 4-6 months at the end of which it will submit the report to Working Group.

4 v. E-learning initiatives: The courses developed at the graduate and undergraduate level and other related information on cyber security could be put on the DIT web site for ready reference of the computer network users. While developing the courseware, special attention needs to be given to the courseware development for educating computer network users. vi. Setting up of an Information Security Technology Development Council (ISTDC): The main objective of ISTDC will be development of indigenous hardware and software capabilities in the core areas of Information security identified by the Working Group. While developing the indigenous capabilities, ISTDC should also ensure that enough opportunities are available to the specialized manpower available in the country. For development a pro-active approach will be followed under which the leading development agencies institutions will be approached with broad specifications of the project rather than organisations approaching DIT. The specifications of the project will be arrived at by the ISTDC in consultations with the industry / users etc Terms of Reference of ISTDC: i. To evaluate cyber security project proposals received and to give recommendations for further processing by DIT ii. To review the on-going projects through monitoring committees and recommended any modification in scope, funding, duration, additional inputs, termination, transfer of technology etc. iii. To recommend follow-up action on completed projects transfer of technology, initiation of next phase etc. iv. To form Project Review and Steering Groups of the Projects approved and funded by DIT Duration :- The Working Group formed will be for a period of 3 years. Budget Requirements: 1. Development of Indigenous hardware and Software capabilities Rs. 30 Crores 2. Teacher training / course development / lab setup Rs. 6 Crore 3. E-Learning Initiatives Rs. 3 Crore 4. Information Dissemination Rs. 3 Crore B. Composition of the Inter Ministerial Working Group on Cyber Security Education and Awareness 1. Shri Rajeeva Ratna Shah, Secretary, DIT - Chairman 2. Shri S Laxminarayanan, Additional Secretary, DIT - Member 3. Shri V S Pandey, Joint Secretary (Technical Education), MHRD - Member 4. Dr. R Natarajan, Chairman, AICTE - Member 5. Dr. (Mrs.) Pankaj Mittal, Joint Secretary, UGC, - Member Delhi

5 6. Prof. Anshul Kumar, IIT Delhi - Member 7. Prof D N Buragohain, Director, IIT- Guwahati - Member 8. Prof N Balakrishnan, Indian Institute of Science, Bangalore - Member 9. Dr P N Gupta, ED, DOEACC Society, Delhi - Member 10. Shri V K Dharmadhikari, DG, CEDTI, Delhi - Member 11. Shri Gulshan Rai, ED, ERNET India, Delhi - Member 12. Mr. Kiran Karnik, President, NASSCOM, Delhi - Member 13. Prof R.K. Shyamasundar, TIFR, Mumbai - Member 14. Prof A S Kolaskar, Vice Chancellor, Univarsity of Pune, Pune - Member 15. Shri A B Saha, ED, ER&DCI, Kolkata - Member - Member 16. Shri R K Arora, Director, NCST, Mumbai - Member 17. Maj. Gen. A.S. Bhagat, SM,Additional DG SI, Sena Bhavan, New Delhi 18. Brig. G.K. Nischal, DDG (Telecommunication), Army Hqrs. New Delhi - Member - Member - Member 19. Shri Pankaj Agrawala, Joint Secretary, DIT Member Secretary 21. Dr. S L Sarnot, Director General, STQC, DIT 22. Dr. A K Chakravarty, Adviser, DIT Shri B.K. Gairola, DDG, NIC, New Delhi Member Secretary, IM-WG on Cyber Security Assurance. Member Secretary, IM-WG on Encryption Policy and IM-WG on Cyber Law and Cyber Forensics -Member Secretary, IM-WG on Critical Infrastructure Protection C. Minutes of the First Meeting of the IM WG on Cyber Security Education and Awareness held on 12th December 2002 at DIT New Delhi. 1. First Meeting of the Inter-Ministerial Working Group on Cyber Security Education and Awareness was held on 12th December 2002 at 1130 Hrs. in the E Governance Conference Hall, DIT under the Chairmanship of Shri Rajeeva Ratna Shah, Secretary DIT. 2. Secretary in his opening remarks welcomed the Members of the Working Group and emphasized that information security is a key issue in networked systems and hence there is a need to develop specialized manpower in this area along with launching awareness campaign for the network users in general. Secretary clarified that the mandate for this working group is

6 Cyber Security Education and Awareness. Research component will be looked after by Information Security Technology Development Council (ISTDC) which will be steered by Dr. AK Chakravarti, Adviser, DIT. Chairman also emphasized that like Y2K, the growing needs of Governments, Corporates & MNCs world over for Information Security offer us an opportunity of ingress into their systems by becoming a global ISMS manpower resource provider. 3. Shri Pankaj Agarawala, JS, DIT & Member Secretary of the Working Group, made a presentation on the draft Road Map on Cyber Security Education and Awareness, prepared by DIT for the discussions of the Working Group. Member Secretary made the presentation highlighting the issues like identification of the thrust areas, estimation of manpower requirement, awareness campaign, development of cyber security related curriculum for IT courses etc. Shri Agarawala emphasized that on the one hand there is a regulation driven security system and on the other the users are concerned about the vulnerability to cyber attacks and their survival. Thus, there is a need for a legal regulatory framework to remove perverse incentives and adopt appropriate policies to ensure e-security. He also emphasized that the present day market has the technologies but the ability to effectively put to use this technology is the main concern. Badly designed software is also a threat necessitating the need for re-training the existing software manpower towards information security. Thereafter the subject matter was thrown open for discussions. 4. While emphasizing the need for such a pro-active approach by DIT in this area, Prof. Balakrishnan, IISc, opined that about 10% of the companies expenses are on the information security related issues and 60% of this amount is spent on the manpower requirements, thereby underlying the importance of information security services. He further informed that instead of just system administrators / managers there is now a growing requirement of Chief Information Officer (CIO) with knowledge / experience in information security. He informed that new security concept is evolving world-over called Security Maturity Model wherein security depth upto which one can go depends on the system s complexity. He further stated that hacking in the present scenario has become simple but the attack is complicated due the complexities of the systems. Thus we need to evolve new specific packages to tackle the security hazards at the infrastructure i.e. optical fiber level, as the one size fits all solution is no more applicable now. He also stated that the global market is much larger than domestic market. Therefore, he opined that there is a requirement of manpower development in this area to cater to security requirements at all levels including industry. Therefore, an exhaustive courseware needs to be developed. 5. Supporting the views of Prof. Balakrishnan, Prof. Shyamasundar, TIFR informed that importance of training system administrators on information security is being felt by various organizations and gave the example of training BARC system administrators on information security at CAT, Indore. He further informed that this training programme is also being organized at other BARC centers. He also emphasized the need of trained manpower at different levels in an organisation.

7 He was also of the view that a workshop on cyber security- gap analysis for the system administrators and managers needs to be convened. He opined that while developing courseware emphasis needs to be given on updating mathematics courses, number theory / cryptography, security modeling and concept analysis. 6. Dr. A.K. Chakravarti, Adviser, DIT, was of the opinion that in the pre-market scenario, IEEE had developed courseware for computer professionals which become de-facto standards. Therefore, there is a need to identify courseware that can become standard courses in the area of information security for the next 5 years since we are still in the pre-market stage. Government will have to play a lead role. 7. Shri Kiran Karnik, President NASSCOM, also supported the importance of cyber security. In particular, he was of the view that India, being a super power in IT, should take quick measures to embed security curriculum in all the courses. Trained manpower in cyber security will get better pay. Government must play a leading role in this endeavor because pre-market conditions are prevailing at the moment. This will also improve the employment opportunities, as information security for networked systems is becoming an absolute necessity both at the domestic and global level. He further informed that while developing the courses, emphasis should also be laid on development of short-term courses for judiciary, police etc for clearing their perception about IT in general and in particular about IT security. He also emphasized the need for secured code development for IT security. 8. Certification and Auditing for information security systems is also a key area. There is a requirement of training systems administrators / managers in information security. Tailor made short-term courses could be offered to these professionals. STQC can identify and develop courseware for these short-term courses. 9. It was also brought out during the discussions that an awareness campaign on information security needs to be launched in the country. This could be done by organising workshops / training, regular discussions / talks on TV & radio during prime time, publishing articles in the leading newspapers / magazines. The IT security related information should be put on the DIT and other prominent web sites. In these campaigns information on what to do on security hazard should also be provided. 10. Summing up, Chairman said that information security is a high priority area, and hence action needs to be taken up to develop manpower, high and low end both, to cater to domestic as well as global requirements. In particular he was of the view that the following areas need to be strengthened in the country: i. Intrusion detection & prevention system ii. Perimeter Defense / Firewalls iii. Vulnerability Assessment iv. Penetration Testing v. Incident Handling

8 vi. Virus / worms notification and correction measures vii. Computer forensics viii. Disaster recovery ix. Infrastructure security x. Wireless security xi. Cryptography and Crypto-analysis xii. Survival of Network 11. Decisions taken: a. NASSCOM to i. Carryout a study on the actual manpower requirement in the area of information security at national & international level to cater the following categories of users - Govt. - Business - Academia - Small industries / small offices/ small home offices ii. Identify the broad skill sets required iii. Conduct a survey on manpower requirement on auditing and certification in the area of information security The expenditure for the survey will be met by NASSCOM. NASSCOM to submit the report within one month. b. STQC will work out a plan of action for spreading Information Security & hold a series of 5 day seminars for initiating CIOs awareness of the need for small business / offices/ home offices into carrying out gap analysis, identifying vulnerabilities & threats in their environment & carrying out rectification. c. The following Information security programs / courses should be initiated formally :- i. 6 weeks preliminary information security education programme (aiming at converting public information into knowledge). The courseware for this programme has already been developed by IISC, Bangalore under a DIT scheme. ii. Certificate course in Information Security 6 months i.e. one semester courses iii. Diploma course in information security one-year i.e. two semesters course. iv. M.Tech programme in Cyber Security. This programme will cover the areas mentioned in para 10 above.

9 d. In addition to above, the existing B.Tech & M.Tech courses in computer science & engineering need to be retrofitted with information security related subjects. Extensive hands-on-training should be an in-built component in all these courses. e. For curriculum planning & preparation of courseware for all courses in 11 (c) & (d), the following sub-group was constituted :- i. Prof. N. Balakrishanan, IISc, Bangalore - Convenor ii. Prof. R.K. Shyamasunder, TIFR, Mumbai - Member iii. Prof. Anshul Kumar, IIT Delhi - Member iv. Dr. C.E. Veni Madhvan, DRDO, Delhi - Member It was also decided that the committee could co-opt other members. The committee will submit the report by 15th January f. Formalize short-term courseware for information security auditing and certification in consultation with STQC. 12. The next meeting of the committee will be held in the 4th week of January 2003 after receiving of the NASSCOM report on manpower and sub-group report on courses & curriculum. C. Minutes of the Second Meeting of the Inter-Ministerial Working Group on Cyber Security Education and Awareness held on 12th March 2003 at DIT New Delhi. 1. Second Meeting of the Inter-Ministerial Working Group on Cyber Security Education and Awareness was held on 12th March 2003 at 1530 Hrs. in DIT under the Chairmanship of Shri Rajeeva Ratna Shah, Secretary DIT. The list of participants is at Annexure. 2. Secretary, in his opening remarks welcomed the members of the Working Group. Pankaj Agrawala, Joint Secretary, DIT & Member Secretary of the Working Group briefed the Members about the discussions in the First Meeting of the Working Group, deliverables identified and action taken status. Member Secretary highlighted that the consultant appointed by NASSCOM has submitted its report on IS Manpower Demand Estimation and the sub-group under the convenorship of Prof. Balakrishnan has prepared the syllabus for INCERT Courses, Certificate Course in Information Security, and Masters in Information Security (renamed M.Tech. in Information Security). 3. Kiran Karnik, President NASSCOM presented the consultants report on IS Manpower Demand Estimation. The IDC report presents rising demand for Information Security professionals in the next five years, based on the Global IS market opportunity. The forecast also provides manpower requirement spread over different IS market segments given the growth prospects and the evolving market conditions. Rapid growth of this market has created opportunities for software professionals with experience in network and system integration, IT product, telecommunication, and management consulting markets. In addition, the market landscape has created a new form of professionals which combines business acumen, technical know-how, and strategic skills to exclusively serve this market Kiran Karnik presented the contours of the emerging Information Security market and key market trends. Demand Estimation by Technology and by Activity Segment in India as well as

10 demand estimation by Geographic Region, and demand estimation by Vertical Industry was also indicated in the presentation. He mentioned that market environment for IS services continues to be highly competitive and highly dynamic in the segments of Network / Systems Integrators, Service Providers, Technology owners, Management Consultants, and Pure-plays. Market trends depends on breadth of services offered, service delivery capabilities, skills, target markets, manpower requirement, technology areas, spending pattern, hiring and size of the market. Market trends indicate concerns about network security vulnerabilities, budgetary pressures with respect to staffing levels, and higher levels of network accessibility & security, third party assistance for IT issues especially in the areas of Network and Security Services, and overall shortage of IT professionals in Information Security. The US market for security consulting and integration services will be the largest ISS market in Managed security and education and training services will be the second- and third-largest markets. Rise in security awareness has also driven interest in security training and education programmes for which US is to spend $ 856 million by Estimates of global demand for IS professionals is displaying Compound Annual Growth Rate (CAGR) of 21% from 2002 and In 2001, the worldwide market for ISS grew approximately to $ 8 billion from $ 6.7 billion in By the end of 2006, the worldwide ISS market is expected to almost triple to $ 23.6 billion at a CAGR of approximately 24.1% over the period between 2001 and Estimates of total Information Security Professionals in the Indian security market in 2002 was 19,000, and this is expected to grow at a CAGR of 26% to reach 77,000 in This demand is for various technologies i.e IDnA (Intrusion Detection & Vulnerability Assessment) Software, Security 3A (Administration, Authorization, and Authentication) Software, Encryption Software, SCM (Secure Content Management), Firewall/VPN Software and S/W Exports and various IS Services i.e. Consulting Services, Implementation Services, Management Services, and S/W Services. The financial services (Banking) sector will be the single largest source of ISS spending and demand for IS professionals as compared to discrete / process manufacturing, communications and media, Central Government and other services. Worldwide demand for IS manpower for the global region was close to 60,000 professionals in 2002 which is expected to increase to 1,88,000 by 2008 displaying a CAGR of 21 % between 2001 and Prof. RK Shyamsunder, TIFR Mumbai and Member of the Sub-Group for preparation of courseware presented the syllabus for INCERT courses, Certificate Course in Information Security (6 Months Course), and Masters in Information Security. INCERT courses are related to System Administration Course, Network and Systems Security Course, Network Monitoring Course, Computer Security and Incident Response Course, Setting up the INCERT, Certified Information Security Professional (CISSP) course Months Certificate Course in Information Security consists of Security Management Practices; Physical Security; Access Control; Security Models and Architecture; Cryptography; Networks; Viruses and Worms; Vulnerability Analysis; Disaster Recovery and Business Continuity; Law, Investigation, and Ethics; Application and System Development; and Operations Security M.Tech. in Information Security (Masters in Information Security) have Hardcore ( Introduction to Operating Systems, Data Structures and Algorithms, System Administration of Single and Networked Systems, Information Security Fundamentals, Introduction to Data

11 Networks, Cryptography), Softcore ( Network Security, Intrusion Detection Systems and Firewalls, Wireless Security, Information Warfare, Data Privacy and International Public Policy in the Internet Age, Statistical Methods for Intrusion Detection, Number Theory, Data Mining, Compilers, Security Practices, and Pattern Recognition), Elective Courses (Economics of Managing Information Security, Legal and Ethical Issues in Information Security, Rights in the Digital Age, Survivability of Network Analysis, Network Programming, Network Security, Computer Architecture, Neural Networks, and Stochastic Models and Applications). Prof. Shyamsunder mentioned that courseware takes care of Security Core, Technical Core and Management Core. Selection of courses would provide the option to students for choosing a dual degree in different areas. He also mentioned that IIT Bombay and IIT Delhi have very good courseware in Information Security. 5. Working Group discussed the issues related to web-based tutorial programmes in Information Security, role of examining body like DOEACC to conduct the examinations and award the certificates, problems of hands-on-training for courses in e-learning mode. Mrs. Pankaj Mittal from UGC mentioned that UGC has a system of equivalence of degrees. Therefore, the nomenclature for Masters Programme in Information Security should be changed to MS/ME/M.Tech. in Information Security. Prof Sen from Pune University was of the view that the curriculum design for IT Security must be approached in a wholistic manner lest we confuse the threat with the subject matter. It was felt that DOEACC can play a significant role in this exercise. DOEACC has 800 accreditated institutions with laboratories which could be used for hands-on-training and courseware could be made available either through CDs or on the Web. Further NIIT and Aptech. can also be involved in this exercise. Shri PN Gupta, Executive Director DOEACC confirmed that DOEACC can take a lead role in this initiative. Shri Jatinder Kumar, Senior Director, DIT also informed that 5-days Network Security Training Programme is being organized by R&D in Convergence, Communication and Broadband Technologies Group of the Department of Information Technology. The programme is aimed to give the professionals a deep understanding of the threats to a network and mechanisms for properly defending systems. 6. Summing up, Chairman thanked the NASSCOM for quick analysis of manpower requirement in Information Security sector. Chairman also thanked the Sub-Group for bringing out a courseware in Information Security for various levels. 7. Decisions taken : i. The Sub-Group of Prof. Balakrishnan and Prof. Shyamsunder was requested to submit complete courseware document for : a.* 6 weeks preliminary information security education programme, b.** 6 months Certificate Course in Information Security, c. 1 year Diploma course in Information Security, and d.* ** M.Tech. course in Information Security.

12 Suggested course inputs for retrofitting existing B.Tech and M.Tech courses in Computer Science and Engineering may also be added to the list of deliverables. ii. As 16,000 professionals per year for next 5 years are required, an Action plan need to be drawn clearly mentioning the implementation strategy and resources required, giving break-up of manpower requirement, identification of institutions, target groups for various courses mentioned above in e-learning mode or actual class-room mode. Harnessing the role of DOEACC for value-addition programmes may also be considered. NIIT, Aptech. and IGNOU could also be involved. Action plan alongwith budget requirement to be submitted by Manpower Division in the DIT. iii. Capacity Building in Institutions and Summer Programs in Information Security may be initiated immediately. 8. The next and last meeting of the Working Group will be held after a fortnight after receiving the above document on courseware and action plan. a.* SHORT TERM COURSES (Course Curriculum) 1. System Administration Course 1.1 System Administration of Standalone Systems Booting and Shutting the system User Management File systems Managing System Resources Backup and Restore Serial devices and Printers System Accounting Automating System Administration Miscellaneous 1.2 System Administration of Networked System Networking Concepts for System Administration Configuring TCP/IP for Unix Domain Name System Network Information Service Network File System Electronic Mail Systems

13 1.2.7 Introduction to WWW Services Network Management and Debugging 2. Network and Systems Security Course 2.1 Design and evaluation of Physical Security 2.2 Design and evaluation of Access Controls 2.3 Routers 2.4 Packet Filters 2.5 Firewalls 2.6 Intrusion Detection Systems 2.7 Virtual Private Network 2.8 Cryptography 2.9 Vulnerability Assessment 2.10 Risk Evaluation Ethics 2.11 Law 2.12 Security Policies and their implementation 2.13 Security Architecture and models 3. Network Monitoring Course 3.1 Test Preparation 3.2 Penetration Testing 3.3 Violation Analysis and Auditing 3.4 Reporting Incidents 4. Computer Security and Incident Response Course 4.1 Basic Framework of CSIR Team 4.2 Incident Response (IR) Service 4.3 Advanced Incident Handling 4.4 CSIRT Operations 4.5 Survivability Systems Analysis 4.6 Digital Assets 4.7 Security Maturity Models 5. Setting up the InCERT 5.1 Introduction 5.2 Operational Elements 5.3 Policies 6. CISSP Certification Course

14 6.1 Security Management Practices 6.2 Access Control 6.3 Security Models and Architecture 6.4 Physical Security 6.5 Telecommunications and Networking Security 6.6 Cryptography 6.7 Disaster Recovery and Business Continuity 6.8 Law, Investigation and Ethics 6.9 Application and System Development 6.10 Operations Security b.** CERTIFICATE COURSE IN INFORMATION SECURITY (6 Month Course) (Course Curiculum) 1. Security Management Practices 2. Physical Security 3. Access Control 4. Security Models and Architecture 5. Cryptography 6. Networks 7. Viruses and Worms 8. Vulnerability Analysis 9. Disaster Recovery and Business Continuity 10. Law, Investigation and Ethics 11. Application and System Development 12. Operations Security d.*** M.Tech IN INFORMATION SECURITY (Course Curriculum) Course Categories 1. Hardcore 1.1 Introduction to Operating Systems 1.2 Data Structures and Algorithms 1.3 System Administration of Single and Networked Systems 1.4 Information Security Fundamentals 1.5 Introduction to Data Networks 1.6 Cryptography 2. Softcore 2.1 Network Security 2.2 Intrusion Detection Systems and Firewalls

15 2.3 Topics in Cryptology 2.4 Wireless Security 2.5 Information Warfare 2.6 Data Privacy and International Public Policy in the Internet Age 2.7 Statistical Methods for Intrusion Detection 2.8 Number Theory 2.9 Data Mining 2.10 Compilers 2.11 Security Practices 2.12 Pattern Recognition 3. Electives 3.1 Economics of Managing Information Security 3.2 Legal and Ethical Issues in Information Security 3.3 Rights in the Digital Age 3.4 Survivability of Networks Analysis 3.5 Network Programming 3.6 Network Security 3.7 Computer Architecture 3.8 Neural Networks 3.9 Stochastic Models and Application D. For suggestions / comments, contact :- 1. Shri Pankaj Agrawala, Joint secretary, Department of Information Technology, New Delhi Phone: Fax: Dr. J.S. Sehra, Director. Department of Information Technology, New Delhi Phone: , Fax: , Sunil Alag, Director Department of Information Technology, New Delhi Phone: Source: 04/01/2003

SECURITY GUIDELINES INFORMATION SECURITY MANAGEMENT SYSTEM FOR COMPUTERISATION OF LAND RECORD

SECURITY GUIDELINES INFORMATION SECURITY MANAGEMENT SYSTEM FOR COMPUTERISATION OF LAND RECORD SECURITY GUIDELINES INFORMATION SECURITY MANAGEMENT SYSTEM FOR COMPUTERISATION OF LAND RECORD 1. PURPOSE & SCOPE: The purpose of security initiative is to enlist the procedures and guidelines, which are

More information

Bellevue University Cybersecurity Programs & Courses

Bellevue University Cybersecurity Programs & Courses Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320

More information

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY 229 Information Security Fundamentals

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY 229 Information Security Fundamentals RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE CISY 229 Information Security Fundamentals I. Basic Course Information A. Course Number & Title: CISY-229 Information Security Fundamentals B. New or Modified

More information

Programme In Information Security Management

Programme In Information Security Management Programme In Information Security Management One-year programme in Information Security (IS) MIEL Academy is pleased to announce PRISM TM (Programme in Information Security Management) a one-year Fulltime

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

MS Information Security (MSIS)

MS Information Security (MSIS) MS Information Security (MSIS) Riphah Institute of Systems Engineering (RISE) Riphah International University, Islamabad, Pakistan 1. Program Overview: The program aims to develop core competencies in

More information

RECOMMENDATIONS OF JOINT WORKING GROUP ON ENGAGEMENT WITH PRIVATE SECTOR ON CYBER SECURITY

RECOMMENDATIONS OF JOINT WORKING GROUP ON ENGAGEMENT WITH PRIVATE SECTOR ON CYBER SECURITY RECOMMENDATIONS OF JOINT WORKING GROUP ON ENGAGEMENT WITH PRIVATE SECTOR ON CYBER SECURITY NATIONAL SECURITY COUNCIL SECRETARIAT Salient Features of the JWG Report on Engagement with Private Sector on

More information

New-Age Undergraduate Programme

New-Age Undergraduate Programme New-Age Undergraduate Programme B. Tech Cloud Technology & Information Security (4 Year Full Time Programme) Academic Year 2015 Page 1 Course Objective This unique B. Tech course provides dual career options

More information

Cyber security Indian perspective & Collaboration With EU

Cyber security Indian perspective & Collaboration With EU Cyber security Indian perspective & Collaboration With EU Abhishek Sharma, BIC IAG member, On behalf of Dr. A.S.A Krishnan, Sr. Director, Department of Electronics & Information Technology Government of

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY 275 UNIX and Linux Security Management

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY 275 UNIX and Linux Security Management RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE CISY 275 UNIX and Linux Security Management I. Basic Course Information A. Course Number & Title: CISY-275 - UNIX and Linux Security Management B. Date of

More information

New-Age Undergraduate Programme

New-Age Undergraduate Programme New-Age Undergraduate Programme B. Tech - Cloud Technology & Information Security (4 Year Full-Time Programme) Academic Year 2015 Page 1 Course Objective B. Tech - Cloud Technology & Information Security

More information

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY 276 Windows Security Management

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY 276 Windows Security Management RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE CISY 276 Windows Security Management I. Basic Course Information A. Course Number & Title: CISY-276 Windows Security Management B. Date of Revision: Spring

More information

CESG Certification of Cyber Security Training Courses

CESG Certification of Cyber Security Training Courses CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security

More information

New-Age Undergraduate Programme

New-Age Undergraduate Programme New-Age Undergraduate Programme B. Tech Mobile Applications & Information Security (4 Year Full Time Programme) Academic Year 2015 Page 1 Course Objective This unique course provides dual career options

More information

Information Systems and Tech (IST)

Information Systems and Tech (IST) California State University, San Bernardino 1 Information Systems and Tech (IST) Courses IST 101. Introduction to Information Technology. 4 Introduction to information technology concepts and skills. Survey

More information

Nettitude Ltd. (FHEQ) level 7] MSc Postgraduate Diploma Postgraduate Certificate. British Computer Society (BCS) Master s Degree in Computing

Nettitude Ltd. (FHEQ) level 7] MSc Postgraduate Diploma Postgraduate Certificate. British Computer Society (BCS) Master s Degree in Computing Faculty of Engineering and Informatics Programme Specification Programme title: MSc Cyber Security Academic Year: 2015/16 Degree Awarding Body: Partner(s), delivery organisation or support provider (if

More information

Minutes of the meeting of the Copyright Enforcement Advisory Council.

Minutes of the meeting of the Copyright Enforcement Advisory Council. The Government has set up on November 6, 1991 a Copyright Enforcement Advisory Council (CEAC) to review the progress of enforcement of Copyright Act periodically and to advise the Government regarding

More information

New-Age Undergraduate Programme BCA Cloud Technology & Information Security (3 Year Full-Time Programme)

New-Age Undergraduate Programme BCA Cloud Technology & Information Security (3 Year Full-Time Programme) New-Age Undergraduate Programme BCA Cloud Technology & Information Security (3 Year Full-Time Programme) Academic Year 2015 Page 1 Course Objective The course provides dual career options for students

More information

The Protection Mission a constant endeavor

The Protection Mission a constant endeavor a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring

More information

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation

More information

(Instructor-led; 3 Days)

(Instructor-led; 3 Days) Information Security Manager: Architecture, Planning, and Governance (Instructor-led; 3 Days) Module I. Information Security Governance A. Introduction to Information Security Governance B. Overview of

More information

Release: 1. ICA60308 Advanced Diploma of Information Technology (E-Security)

Release: 1. ICA60308 Advanced Diploma of Information Technology (E-Security) Release: 1 ICA60308 Advanced Diploma of Information Technology (E-Security) ICA60308 Advanced Diploma of Information Technology (E-Security) Modification History Not Applicable Approved Page 2 of 8 Description

More information

Telecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT

Telecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT Telecom Testing and Security Certification A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT 1 Need for Security Testing and Certification Telecom is a vital infrastructure

More information

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY-274 Privacy, Ethics & Computer Forensics

RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE. CISY-274 Privacy, Ethics & Computer Forensics RARITAN VALLEY COMMUNITY COLLEGE COURSE OUTLINE CISY-274 Privacy, Ethics & Computer Forensics I. Basic Course Information A. Course Number & Title: CISY-274 - Privacy, Ethics, & Computer Forensics B. New

More information

Information Security Specialist Training on the Basis of ISO/IEC 27002

Information Security Specialist Training on the Basis of ISO/IEC 27002 Information Security Specialist Training on the Basis of ISO/IEC 27002 Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu

More information

New-Age Undergraduate Programme

New-Age Undergraduate Programme New-Age Undergraduate Programme BCA - Information Security & Mobile Applications (3 Year Full-Time Programme) Academic Year 2015 Page 1 Course Objective This unique course provides dual career options

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

New-Age Master s Programme

New-Age Master s Programme New-Age Master s Programme MCA (Information Security Management Services) (3 Year Full-Time Programme) Academic Year 2015 Page 1 Course Objective MCA (Information Security Management Services) This unique

More information

ALL INDIA COUNCIL FOR TECHNICAL EDUCATION NEW DELHI

ALL INDIA COUNCIL FOR TECHNICAL EDUCATION NEW DELHI ALL INDIA COUNCIL FOR TECHNICAL EDUCATION NEW DELHI October 11, 2002 Minutes of the 42nd meeting of the Executive Committee held on 11 th October, 2002 at 10.30 AM in the Executive Committee Room of All

More information

167 th Air Wing Fast Track Cyber Program Blue Ridge Community and Technical College

167 th Air Wing Fast Track Cyber Program Blue Ridge Community and Technical College 167 th Air Wing Fast Track Cyber Program Blue Ridge Community and Technical College Information Security Certificate: Designed to introduce students to programming, security basics, network monitoring,

More information

Stellenbosch University. Information Security Regulations

Stellenbosch University. Information Security Regulations Stellenbosch University Information Security Regulations 1. Preamble 1.1. Information Security is a component of the Risk structure and procedures of the University. 1.2. Stellenbosch University has an

More information

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing

More information

GYAN VIHAR SCHOOL OF ENGINEERING & TECHNOLOGY M. TECH. CSE (2 YEARS PROGRAM)

GYAN VIHAR SCHOOL OF ENGINEERING & TECHNOLOGY M. TECH. CSE (2 YEARS PROGRAM) GYAN VIHAR SCHOOL OF ENGINEERING & TECHNOLOGY M. TECH. CSE (2 YEARS PROGRAM) Need, objectives and main features of the Match. (CSE) Curriculum The main objective of the program is to develop manpower for

More information

167 th Air Wing Fast Track Cyber Security Blue Ridge Community and Technical College

167 th Air Wing Fast Track Cyber Security Blue Ridge Community and Technical College 167 th Air Wing Fast Track Cyber Security Blue Ridge Community and Technical College Information Security Certificate: Designed to introduce students to programming, security basics, network monitoring,

More information

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification 1. Module Title Information Security 2. Module Code: CS403INS 3. Module Level - Forth Stage 4. Module Leader Safwan M. 5. Teaching Semester 7 and 8 Soran University Faculty of Science and Engineering Computer

More information

Course Title: ITAP 3471: Web Server Management

Course Title: ITAP 3471: Web Server Management Course Title: ITAP 3471: Web Server Management Semester Credit Hours: 4 (3,1) I. Course Overview The primary objective of this course is to give students a comprehensive overview of the tools and techniques

More information

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013 An Overview of Information Security Frameworks Presented to TIF September 25, 2013 What is a framework? A framework helps define an approach to implementing, maintaining, monitoring, and improving information

More information

The Next Generation of Security Leaders

The Next Generation of Security Leaders The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish

More information

Work Integrated Learning Programmes

Work Integrated Learning Programmes Work Integrated Learning Programmes 01 Index Introduction 02 Overview & Salient Features 03 Degrees Offered 04 Work Integrated Learning Programmes 05 Corporate Partnerships 06 Fees Structure 07 Programmes

More information

About Our 2015 WTA Cyber Security Speakers and Sessions

About Our 2015 WTA Cyber Security Speakers and Sessions About Our 2015 WTA Cyber Security Speakers and Sessions The constant threat of cyber security attacks is the number one concern for most businesses today. Weaknesses in networks and data security can expose

More information

Dr. B.K. Murthy Director & Head NKN, E-infra & Internet Governance Div. Department of IT Ministry of Communications and IT Government of India

Dr. B.K. Murthy Director & Head NKN, E-infra & Internet Governance Div. Department of IT Ministry of Communications and IT Government of India Indian ICT Landscape and Road Map Dr. B.K. Murthy Director & Head NKN, E-infra & Internet Governance Div. Department of IT Ministry of Communications and IT Government of India Key Factors of Knowledge

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

What s happening in the area of E-security for the Financial Transactions in China

What s happening in the area of E-security for the Financial Transactions in China What s happening in the area of E-security for the Financial Transactions in China Dr. Wang Jun Head of E-banking Division, Bank of China Sep. 26, 2002 A Tremendous Potential E-financing Market is is coming

More information

Tailoring MBA (Software Enterprise Management) Curriculum: To Meet India s Growing IT Challenges

Tailoring MBA (Software Enterprise Management) Curriculum: To Meet India s Growing IT Challenges : To Meet India s Growing IT Challenges Rakesh K. Singh, Centre for Development of Advanced Computing, rksingh@cdacnoida.in Abhijit Sen, Kwantlen University College, abhijit.sen@kwantlen.ca ABSTRACT With

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

TUSKEGEE CYBER SECURITY PATH FORWARD

TUSKEGEE CYBER SECURITY PATH FORWARD TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,

More information

Cyber Defense Operations Graduate Certificate

Cyber Defense Operations Graduate Certificate The SANS Technology Institute makes shorter groups of courses available to students who are unable to commit to a full master s degree program. These certificate programs will augment your skills, provide

More information

Bachelor of Information Technology (Network Security)

Bachelor of Information Technology (Network Security) Bachelor of Information Technology (Network Security) Course Structure Year 1: Level 100 Foundation knowledge subjects SEMESTER 1 SEMESTER 2 ITICT101A Fundamentals of Computer Organisation ITICT104A Internetworking

More information

---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model---

---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model--- ---Information Technology (IT) Specialist (GS-2210) IT Security Model--- TECHNICAL COMPETENCIES Computer Forensics Knowledge of tools and techniques pertaining to legal evidence used in the analysis of

More information

3 Year M.Tech Programme

3 Year M.Tech Programme Information Brochure 2015-2016 3 Year M.Tech Programme Electronics and Communication Engineering INDIAN SCHOOL OF MINES DHANBAD 826004 Jharkhand, India About ISM The Indian School of Mines, Dhanbad is

More information

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice NERC Cyber Security Compliance Consulting Services HCL Governance, Risk & Compliance Practice Overview The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to

More information

Enterprise K12 Network Security Policy

Enterprise K12 Network Security Policy Enterprise K12 Network Security Policy I. Introduction The K12 State Wide Network was established by MDE and ITS to provide a private network infrastructure for the public K12 educational community. Therefore,

More information

City University of Hong Kong. Information on a Course offered by Department of Computer Science with effect from Semester A in 2014 / 2015

City University of Hong Kong. Information on a Course offered by Department of Computer Science with effect from Semester A in 2014 / 2015 City University of Hong Kong Information on a Course offered by Department of Computer Science with effect from Semester A in 2014 / 2015 Part I Course Title: Topics on Computer Security Course Code: CS4293

More information

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

Guidelines for Website Security and Security Counter Measures for e-e Governance Project and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online

More information

Linux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS QUARTER 2 NETWORKING AND OPERATING SYSTEMS ESSENTIALS. Module 1 - Office Applications

Linux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS QUARTER 2 NETWORKING AND OPERATING SYSTEMS ESSENTIALS. Module 1 - Office Applications NETWORK ENGINEERING TRACK Linux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS Module 1 - Office Applications This subject enables users to acquire the necessary knowledge and skills to use Office

More information

Critical Controls for Cyber Security. www.infogistic.com

Critical Controls for Cyber Security. www.infogistic.com Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability

More information

A Systems Engineering Approach to Developing Cyber Security Professionals

A Systems Engineering Approach to Developing Cyber Security Professionals A Systems Engineering Approach to Developing Cyber Security Professionals D r. J e r r y H i l l Approved for Public Release; Distribution Unlimited. 13-3793 2013 The MITRE Corporation. All rights reserved.

More information

Exam 1 - CSIS 3755 Information Assurance

Exam 1 - CSIS 3755 Information Assurance Name: Exam 1 - CSIS 3755 Information Assurance True/False Indicate whether the statement is true or false. 1. Antiquated or outdated infrastructure can lead to reliable and trustworthy systems. 2. Information

More information

Educational Requirement Analysis for Information Security Professionals in Korea

Educational Requirement Analysis for Information Security Professionals in Korea Educational Requirement Analysis for Information Security Professionals in Korea Sehun Kim Dept. of Industrial Engineering, KAIST, 373-1, Kusong-dong, Yusong-gu, Taejon, 305-701, Korea shkim@kaist.ac.kr

More information

FBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12.

FBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12. Competency: Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) 1. Identify basic security risks and issues to computer hardware, software, and data. 2. Define the various virus types and

More information

Network Security Market in India CY 2014

Network Security Market in India CY 2014 Network Security Market in India CY 2014 Advanced, Sophisticated, and Targeted Attacks Lead to High Adoption of Network Security Solutions July 2015 Contents Section Slide Number Executive Summary 3 Market

More information

MODULES FOR TRAINING PROGRAMMES ON CYBER SECURITY

MODULES FOR TRAINING PROGRAMMES ON CYBER SECURITY MODULES FOR TRAINING PROGRAMMES ON CYBER SECURITY 1) Awareness Programme on Cyber Security for Users of Computer Awareness Programme on Cyber Security for Users of Computer 1 day To make the users of computers

More information

White Paper. Information Security -- Network Assessment

White Paper. Information Security -- Network Assessment Network Assessment White Paper Information Security -- Network Assessment Disclaimer This is one of a series of articles detailing information security procedures as followed by the INFOSEC group of Computer

More information

Challenges and Role of Standards in Building Interoperable e-governance Solutions

Challenges and Role of Standards in Building Interoperable e-governance Solutions 24 Compendium of e-governance Initiatives CHAPTER in India 3 Challenges and Role of Standards in Building Interoperable e-governance Solutions Renu Budhiraja Director e-governance Group, Department of

More information

Microsoft Technologies

Microsoft Technologies NETWORK ENGINEERING TRACK Microsoft Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS Module 1 - Office Applications This subject enables users to acquire the necessary knowledge and skills to use

More information

INCIDENT RESPONSE CHECKLIST

INCIDENT RESPONSE CHECKLIST INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged

More information

REQUEST FOR EXPRESSIONS OF INTEREST (REOI INCLUDING TOR) [INDIVIDUAL CONSULTANCY SERVICES]

REQUEST FOR EXPRESSIONS OF INTEREST (REOI INCLUDING TOR) [INDIVIDUAL CONSULTANCY SERVICES] REQUEST FOR EXPRESSIONS OF INTEREST (REOI INCLUDING TOR) [INDIVIDUAL CONSULTANCY SERVICES] COUNTRY: NAME OF THE PROJECT: SECTOR: CONSULTING SERVICES: CONTRACT TYPE: DURATION OF ASSIGNMENT: DUTY STATION:

More information

Principles of Information Assurance Syllabus

Principles of Information Assurance Syllabus Course Number: Pre-requisite: Career Cluster/Pathway: Career Major: Locations: Length: 8130 (OHLAP Approved) Fundamentals of Technology or equivalent industry certifications and/or work experience. Information

More information

ARTICLE 10. INFORMATION TECHNOLOGY

ARTICLE 10. INFORMATION TECHNOLOGY ARTICLE 10. INFORMATION TECHNOLOGY I. Virtual Private Network (VPN) The purpose of this policy is to provide guidelines for Virtual Private Network (VPN) connections to Education Division s resources.

More information

Actions and Recommendations (A/R) Summary

Actions and Recommendations (A/R) Summary Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry

More information

e-discovery Forensics Incident Response

e-discovery Forensics Incident Response e-discovery Forensics Incident Response NetSecurity Corporation 21351 Gentry Drive Suite 230 Dulles, VA 20166 VA DCJS # 11-5605 Phone: 703.444.9009 Toll Free: 1.866.664.6986 Web: www.netsecurity.com Email:

More information

RESTRICTED. Professional Accreditation Handbook For Computer Science Programmes

RESTRICTED. Professional Accreditation Handbook For Computer Science Programmes Professional Accreditation Handbook For Computer Science Programmes Revised by authority of the Accreditation Committee for Computer Science Programmes as of August 2014 CONTENTS 1. FRAMEWORK FOR ACCREDITATION

More information

NIST Cyber Security Activities

NIST Cyber Security Activities NIST Cyber Security Activities Dr. Alicia Clay Deputy Chief, Computer Security Division NIST Information Technology Laboratory U.S. Department of Commerce September 29, 2004 1 Computer Security Division

More information

REQUEST FOR EXPRESSIONS OF INTEREST (REOI INCLUDING TOR) [INDIVIDUAL CONSULTANCY SERVICES]

REQUEST FOR EXPRESSIONS OF INTEREST (REOI INCLUDING TOR) [INDIVIDUAL CONSULTANCY SERVICES] REQUEST FOR EXPRESSIONS OF INTEREST (REOI INCLUDING TOR) [INDIVIDUAL CONSULTANCY SERVICES] COUNTRY: NAME OF THE PROJECT: SECTOR: CONSULTING SERVICES: CONTRACT TYPE: DURATION OF ASSIGNMENT: DUTY STATION:

More information

Information security controls. Briefing for clients on Experian information security controls

Information security controls. Briefing for clients on Experian information security controls Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face

More information

Rolls Royce s Corporate Governance ADOPTED BY RESOLUTION OF THE BOARD OF ROLLS ROYCE HOLDINGS PLC ON 16 JANUARY 2015

Rolls Royce s Corporate Governance ADOPTED BY RESOLUTION OF THE BOARD OF ROLLS ROYCE HOLDINGS PLC ON 16 JANUARY 2015 Rolls Royce s Corporate Governance ADOPTED BY RESOLUTION OF THE BOARD OF ROLLS ROYCE HOLDINGS PLC ON 16 JANUARY 2015 Contents INTRODUCTION 2 THE BOARD 3 ROLE OF THE BOARD 5 TERMS OF REFERENCE OF THE NOMINATIONS

More information

Computer Security Literacy

Computer Security Literacy Computer Security Literacy Staying Safe in a Digital World Douglas Jacobson and Joseph Idziorek CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis

More information

IT Networking and Security

IT Networking and Security elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer

More information

AL RAFEE ENTERPRISES Solutions & Expertise.

AL RAFEE ENTERPRISES Solutions & Expertise. AL RAFEE ENTERPRISES Solutions & Expertise. Virtualization Al Rafee has strategically made substantial investment in building up a large end to end portfolio of Virtualization across the entire IT infrastructure

More information

IT Security Management 100 Success Secrets

IT Security Management 100 Success Secrets IT Security Management 100 Success Secrets 100 Most Asked Questions: The Missing IT Security Management Control, Plan, Implementation, Evaluation and Maintenance Guide Lance Batten IT Security Management

More information

Computer and Information Science

Computer and Information Science Computer and Information Science www.odessa.edu/dept/computer Faculty: Katrieva Jones- Munroe, chair The computer information systems curriculum provides students with practical, job- related computer

More information

ICAB4236B Build security into a virtual private network

ICAB4236B Build security into a virtual private network ICAB4236B Build security into a virtual private network Release: 1 ICAB4236B Build security into a virtual private network Modification History Not Applicable Unit Descriptor Unit descriptor This unit

More information

NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS. Division: Applied Science (AS) Liberal Arts (LA) Workforce Development (WD)

NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS. Division: Applied Science (AS) Liberal Arts (LA) Workforce Development (WD) NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS COURSE IDENTIFICATION Course Code/Number: ETEC 275 Course Title: Computer and Network Security Division: Applied Science (AS) Liberal Arts (LA) Workforce

More information

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,

More information

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14

More information

Network Security Policy

Network Security Policy Network Security Policy Policy Contents I. POLICY STATEMENT II. REASON FOR POLICY III. SCOPE IV. AUDIENCE V. POLICY TEXT VI. PROCEDURES VII. RELATED INFORMATION VIII. DEFINITIONS IX. FREQUENTLY ASKED QUESTIONS

More information

Criteria for Accrediting Computer Science Programs Effective for Evaluations during the 2004-2005 Accreditation Cycle

Criteria for Accrediting Computer Science Programs Effective for Evaluations during the 2004-2005 Accreditation Cycle Criteria for Accrediting Computer Science Programs Effective for Evaluations during the 2004-2005 Accreditation Cycle I. Objectives and Assessments The program has documented, measurable objectives, including

More information

Effective Software Security Management

Effective Software Security Management Effective Software Security Management choosing the right drivers for applying application security Author: Dharmesh M Mehta dharmeshmm@mastek.com / dharmeshmm@owasp.org Table of Contents Abstract... 1

More information

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute Certifications and Standards in Academia Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute Accreditation What is it? Why is it important? How is it attained? The National Centers

More information

Session 14: Functional Security in a Process Environment

Session 14: Functional Security in a Process Environment Abstract Session 14: Functional Security in a Process Environment Kurt Forster Industrial IT Solutions Specialist, Autopro Automation Consultants In an ideal industrial production security scenario, the

More information

Are you prepared to be next? Invensys Cyber Security

Are you prepared to be next? Invensys Cyber Security Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber

More information

Certificate in Cyber Security

Certificate in Cyber Security Certificate in Cyber Security Offered as a partnership between Cape Peninsula University of Technology (CPUT), French South African Institute of Technology (F SATI), CS Interactive Training and Boshoff

More information

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

More information