Security Policy, Legal, Ethics, and Compliance

(OAKCC-CIS1630.AB1)

Skills You’ll Get

1

Introduction

2

Understanding Cybersecurity Policy and Governance

  • Information Security vs. Cybersecurity Policies
  • Looking at Policy Through the Ages
  • Cybersecurity Policy
  • Cybersecurity Policy Life Cycle
  • Summary
3

Cybersecurity Policy Organization, Format, and Styles

  • Policy Hierarchy
  • Writing Style and Technique
  • Policy Format
  • Summary
4

Cybersecurity Framework

  • Confidentiality, Integrity, and Availability
  • NIST's Cybersecurity Framework
  • Summary
5

Governance and Risk Management

  • Understanding Cybersecurity Policies
  • Cybersecurity Risk
  • Summary
6

Asset Management and Data Loss Prevention

  • Information Assets and Systems
  • Information Classification
  • Labeling and Handling Standards
  • Information Systems Inventory
  • Understanding Data Loss Prevention Technologies
  • Summary
7

Human Resources Security

  • The Employee Life Cycle
  • The Importance of Employee Agreements
  • The Importance of Security Education and Training
  • Summary
8

Physical and Environmental Security

  • Understanding the Secure Facility Layered Defense Model
  • Protecting Equipment
  • Summary
9

Communications and Operations Security

  • Standard Operating Procedures
  • Operational Change Control
  • Malware Protection
  • Data Replication
  • Secure Messaging
  • Activity Monitoring and Log Analysis
  • Service Provider Oversight
  • Threat Intelligence and Information Sharing
  • Summary
10

Access Control Management

  • Access Control Fundamentals
  • Infrastructure Access Controls
  • User Access Controls
  • Summary
11

Information Systems Acquisition, Development, and Maintenance

  • System Security Requirements
  • Secure Code
  • Cryptography
  • Summary
12

Cybersecurity Incident Response

  • Incident Response
  • What Happened? Investigation and Evidence Handling
  • Data Breach Notification Requirements
  • Summary
13

Business Continuity Management

  • Emergency Preparedness
  • Business Continuity Risk Management
  • The Business Continuity Plan
  • Plan Testing and Maintenance
  • Summary
14

Regulatory Compliance for Financial Institutions

  • The Gramm-Leach-Bliley Act
  • New York's Department of Financial Services Cybersecurity Regulation (23 NYCRR Part 500)
  • What Is a Regulatory Examination?
  • Personal and Corporate Identity Theft
  • Summary
15

Regulatory Compliance for the Health-Care Sector

  • The HIPAA Security Rule
  • The HITECH Act and the Omnibus Rule
  • Understanding the HIPAA Compliance Enforcement Process
  • Summary
16

PCI Compliance for Merchants

  • Protecting Cardholder Data
  • PCI Compliance
  • Summary
17

NIST Cybersecurity Framework

  • Introducing the NIST Cybersecurity Framework Components
  • The Framework Core
  • Framework Implementation Tiers ("Tiers")
  • NIST's Recommended Steps to Establish or Improve a Cybersecurity Program
  • NIST's Cybersecurity Framework Reference Tool
  • Adopting the NIST Cybersecurity Framework in Real Life
  • Summary
A

Appendix A: Cybersecurity Program Resources

19

Introduction to Ethics

  • Introduction
  • Subjective Relativism
  • Cultural Relativism
  • Divine Command Theory
  • Ethical Egoism
  • Kantianism
  • Act Utilitarianism
  • Rule Utilitarianism
  • Social Contract Theory
  • Virtue Ethics
  • Comparing Workable Ethical Theories
  • Morality of Breaking the Law
  • Summary
  • Further Reading and Viewing
  • Discussion Questions
  • In-Class Exercises
  • References
20

Intellectual Property

  • Introduction
  • Intellectual Property Rights
  • Protecting Intellectual Property
  • Fair Use
  • Digital Media
  • Peer-to-Peer Networks and Cyberlockers
  • Protections for Software
  • Legitimacy of Intellectual Property Protection for Software
  • Open-Source Software
  • Creative Commons
  • Summary
  • Further Reading and Viewing
  • Discussion Questions
  • In-Class Exercises
  • References
21

Information Privacy

  • Introduction
  • Perspectives on Privacy
  • Information Disclosures
  • Data Mining
  • Examples of Consumer or Political Backlash
  • Summary
  • Further Reading and Viewing
  • Discussion Questions
  • In-Class Exercises
  • References
22

Privacy and the Government

  • Introduction
  • US Legislation Restricting Information Collection
  • Information Collection by the Government
  • Covert Government Surveillance
  • US Legislation Authorizing Wiretapping
  • USA PATRIOT Act
  • Regulation of Public and Private Databases
  • Data Mining by the Government
  • National Identification Card
  • Information Dissemination
  • Invasion
  • Summary
  • Further Reading and Viewing
  • Discussion Questions
  • In-Class Exercises
  • References
23

Professional Ethics

  • Introduction
  • How Well Developed Are the Computing Professions?
  • Software Engineering Code of Ethics
  • Analysis of the Code
  • Case Studies
  • Whistle-Blowing
  • Summary
  • Further Reading and Viewing
  • Discussion Questions
  • In-Class Exercises
  • References

1

Introduction to Ethics

  • Understanding Ethical Relativism Theories
  • Understanding Utility Theories
  • Understanding Ethics
2

Intellectual Property

  • Identifying Intellectual Property Examples
  • Protecting Intellectual Property
  • Understanding Open-Source Software
  • Understanding Intellectual Property
3

Information Privacy

  • Understanding Privacy
  • Learning Information Privacy
4

Privacy and the Government

  • Understanding the Patriot Act
  • Understanding the Privacy Act
  • Understanding Privacy and the Government
5

Professional Ethics

  • Understanding Responsibilities
