Download presentation
Presentation is loading. Please wait.
1
An Overview of IE 4382/5382 Cybersecurity for Information Systems Susan D. Urban, Ph.D Department of Industrial Engineering Texas Tech University Lubbock, Texas susan.urban@ttu.edu This research was supported by the National Science Foundation (Grant No.1241735). Opinions, findings, and conclusions/recommendations are those of the authors and do not necessarily reflect the views of the NSF. 5/1/15TTU Faculty Workshop on Cybersecurity for Critical Infrastructure 1
2
Cybersecurity for Information Systems A core course in the Cybersecurity for Critical Infrastructure certificate program Covers a wide breadth of practices for assuring information systems security Fundamentals of Information Systems Security, by D. Kim and M. Solomon, Jones & Bartlett, Information Systems Security & Assurance Series, 2014. Covers the seven domains of the International Information Systems Security Certification Consortium (ISC) 2 TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 2
3
Seven Domains of an IT Infrastructure From Fundamentals of Information Systems Security, D. Kim and E. Solomon, 2 nd Edition, Jones and Bartlett, 2014. TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 3
4
Topics Covered Access Controls Security Operations and Administration Auditing, Testing, and Monitoring Risk, Response, and Recovery Cryptography Networks and Telecommunications Malicious Code and Activity IS Standards, Education, Certifications, and Laws TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 4
5
Additional Topics Covered Case Studies TJX Case, Maroochy Water Breach, Stuxnet, Other high- profile cases, Current events Biometrics Legal Issues Freedom of Information Act, Einstein NIS, US Patriot Act, Computer Fraud and Abuse Act Compliance Laws Federal Information Systems Management Act, Gramm- Leach –Bliley Act, Sarbannes-Oxley Act, Family Educational Rights and Privacy Act TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 5
6
Virtual Security Cloud Lab Hands-on lab in a cloud computing environment using cutting edge technology Students can test their skills with realistic security scenarios that they will encounter in their careers The mock IT infrastructure was designed to mimic a real-world IT infrastructure consisting of the seven domains of a typical IT infrastructure Each lab provides learning objectives, step-by-step instructions, evaluation criteria, and lab assessment questions TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 6
7
VSCL Mock IT Infrastructure From Fundamentals of Information Systems Security, D. Kim and E. Solomon, 2 nd Edition, Jones and Bartlett, 2014. TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 7
8
VSCL Lab Topics Performing Reconnaissance and Probing Using Common Tools Performing a Vulnerability Assessment Enabling Windows Active Directory and User Access Controls Using Group Policy Objects and MS Baseline Security Analyzer for Change Control Performing Packet Capture and Traffic Analysis Implementing a Business Continuity Plan TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 8
9
VSCL Topics Using Encryption to Enhance Confidentiality and Integrity Performing a Website and Database Attack by Exploiting Identified Vulnerabilities Eliminating Threats with a Layered Security Approach Implementing an Information Systems Security Policy https://www.youtube.com/watch?v=vH6agAr2WKg https://www.youtube.com/watch?v=vH6agAr2WKg TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 9
10
Assessment Activities Exams Virtual Cloud Labs Lab deliverables and assessment worksheets Students present lab deliverables and assessment In-class, team-led discussions of case studies and related topics Information systems security policy project Graduate research papers and presentations TTU Faculty Workshop on Cybersecurity for Critical Infrastructure5/1/15 10
Similar presentations
