Cybersecurity
Beginners
- The Security Environment
- Threats, vulnerabilities, and consequences
- Advanced persistent threats
- The state of security today
- Why security matters to DoD
- Principles of Cybersecurity
- The interrelated components of the computing environment
- Cybersecurity models (the CIA triad, the star model, the Parkerian hexad)
- Variations on a theme: computer security, information security, and information assurance
- Cybersecurity Management Concepts
- Security governance
- Management models, roles, and functions
- Enterprise Roles and Structures
- Information security roles and positions
- Alternative enterprise structures and interfaces
- Strategy and Strategic Planning
- Strategy
- Strategic planning and security strategy
- The information security lifecycle
- Architecting the enterprise
- Security Plans and Policies
- Levels of planning
- Planning misalignment
- The System Security Plan (SSP)
- Policy development and implementation
- Laws and Regulatory Requirements
- Timeline of U.S. laws related to information security
- The Federal Information Security Management Act (FISMA)
- Security Standards and Controls
- Security standards and controls
- Certification and accreditation (C&A)
- Risk Management
- Principles of risk
- Types of risk
- Risk strategies
- The Risk Management Framework (RMF)
- Security Metrics and Key Performance Indicators (KPIs)
- The challenge of security metrics
- What makes a good metric
- Approaches to security metrics
- Metrics and FISMA
Advanced
- Physical Security and Environmental Events
- Physical and environmental threats
- Physical and environmental controls
- Contingency Planning
- Developing a contingency plan
- Understanding the different types of contingency plan
- Responding to events
- Security Education, Training, and Awareness
- Human factors in security
- Developing and implementing a security training plan
- Cross-domain training (IT and other security domains)
- Managing information security across the DoD enterprise (1)
- The purpose of certification and accreditation
- Trends in certification and accreditation
- Managing information security across the DoD enterprise (2)
- The strategic direction of DoD IT and information security
- Responsibilities within the DoD enterprise
- The future of cybersecurity
- Key future uncertainties
- Possible future scenarios
- How to apply what you’ve learned