This course describes the systems security engineering process, focusing on security during the design and implementation of information systems. Topics include architecture and design principles, risk assessment, resiliency, and security metrics. The course addresses emerging topics in cybersecurity including wireless security, cloud security, cross domains and the government standards and processes for secure information systems; surveys many aspects of cybersecurity and its impact on the enterprise; and lays the groundwork to architect and build a natively more secure system that can withstand hacking attacks and continue to deliver basic functionality to the enterprise. We will address the federal government standards and recommendations as well as industry’s best practices. Students will cover the basic concepts of information security and research the latest security incidents including external attacks and internal leaks to assess and analyze the exploited vulnerabilities. By learning from current incidents, students can build systems that adapt quickly to emerging threats and potentially continue to serve the enterprise, even while under attack. Additionally, the course addresses the assessment of emerging technologies to determine the potential threats to the enterprise as well as the usability to secure the enterprise. Finally, we will address the subject of legal and ethical access control and the balance between privacy and security.
Course instructor(s) :