In this first module, learners will be given foundational knowledge of Cybersecurity concepts and a preview of what will be covered in the coursework. This module will share a brief history and evolution of information systems (with emphasis on networking, data sharing, and the Internet), cover some basic Information Technology concepts, define the terms that will be used in the course, and demonstrate why Cybersecurity is an important part of today’s organizational environment. This initial module will also underscore that while the learner will explore technology concepts, it is not a programming or network engineering course. Instead, this certificate will prepare those working in leadership roles, with private information, or part of internal processes that interact with technology to be more educated, aware, and diligent in the area of Cybersecurity. Some of the topics covered include:

• An introduction to networks, the Internet, email, and other technology solutions that we see in today’s organizational environments
• Defining Cybersecurity, the scope, and what it means for organizations today
• Why leaders need to be aware of how Cybersecurity impacts all areas and processes of an organization (Big Data, The Internet of Things, Automation, and Data Sharing with third parties)
• Examples of recent Cybersecurity breaches, projections, trends, and events that emphasize the importance of managing Cybersecurity
• Cultivating a holistic approach to Cybersecurity and that everyone in the organization has a role in Cybersecurity
• An introduction to NIST Cybersecurity Framework, which outlines identifying threats, protecting our environment, detecting threats, responding to threats, and then recovering

The second module will introduce learners to the various types of threats and emerging industry trends. This will not only explore technology-based risks but issues like physical security, managing data/information that is hosted off-site, human error, and organized criminal activity. Examples of data breaches and the tools that were used will be shared as part of the scenario-based learning. Some of the topics covered include:

• Common external Cybersecurity threats such as hacking, ransomware, viruses, hackers, and Denial of Service Attacks
• Common internal Cybersecurity threats including malicious insiders, human error, social media misuse, social engineering, and employee turnover
• Understanding what outsiders are targeting

The third module will begin to examine the development of Cybersecurity strategy that acknowledges the potential threats and what makes organizations susceptible to data breaches and data loss. This module will be the most technical, as it will provide basic understanding of network routing and how data flows through an organization. Some of the topics covered include:

• Networking basics including TCP/IP, IMAP, and routing of data
• Virtual Private Networks
• Patch Management for servers and applications
• Operating software, application software, and the weaknesses of poorly written code
• Changing default settings

The fourth module will focus on data management and protecting data. The main focus will be on the balance of making data available and convenient, while still maintaining a level of security and privacy. Some of the topics covered include:

• The types of information we protect and understanding how and where it moves throughout the organization
• The formats and channels for information sharing
• CIA Triad (Confidentiality of Data, Integrity of Data, and Availability of Data)
• The role of Authentication and passwords in protecting data and private information
• The impact and ramifications of losing or exposing private information
• How long to keep data and data retention guidelines

Now that the learner has a basic understanding of the various threats, the coursework will explore the various risks that exist for different types of organizations. This includes both known and unknown risks, as well as the legal requirements for managing risk (i.e., financial firms, healthcare, and education). Learners will be exposed to a Risk Matrix that calculates risk based on likelihood, impact, and tools that mitigate specific risks. This module will lean more towards the managerial aspects of Cybersecurity and how risks can be documented and remoted. Some of the topics covered include:

• Actively identifying the risks within our network and organizational environment
• Tools for measuring and assessing risk
• Tools for mitigating risk, which include technical solutions, polices/guidelines, partnerships, and other risk mitigation resources
  • Password and user policies
  • Access Controls
  • Governance and oversight
  • Internal Audits
  • Data Loss Prevention tools
  • Intrusion detection, firewalls, logs, and monitoring devices
  • Third party management and vendor controls

Even with the best tools in place, a Cybersecurity incident may occur. This module will discuss how to prepare for a breach or incident and what actions can be taken to minimize damage (both financial and reputational) to the organization. This module will also explore how data breaches or incidents should be reported, the importance of crisis communications from a managerial perspective, and documenting the incident. Some of the topics covered include:

• Initial reporting and assessment of the damage
• Tools for documenting and reporting the incident, as well as managing the “kill chain”
• Preventing similar attacks
• Root cause analysis

The final module closes out with how to recover after a Cybersecurity incident has occurred. If severe damage has been done, strategies need to be in place to restore impacted data, recover applications, and repair network infrastructure. This module will also introduce learners to the criticality of continuing operations after an incident, as well as the concepts of Active/Active environments. Some of the topics covered include:

• Definition of Disaster Recovery and Business Continuity
• Development, review, and testing of Disaster Recovery and Business Continuity Plans
• Recovery Time Objective (RTO) and Recovery Point Objectives (RPO)
• Data backup and restoration policies
• Maintaining multiple data centers and Active/Active environments versus Active/Passive or single hosted environments