In the first part of this course, students are introduced to methodologies, principles, values, and frameworks to facilitate the study of ethics. In the second part of the course, students study discipline- and field-specific codes of ethics within the profession. The course explores the ethical responsibilities all cybersecurity professionals have towards themselves, corporations, the government, and the public. Students contrast the roles and responsibilities of security professionals with those of other information technology professionals. In the third part of the course, students apply an appropriate decision-making framework and gain experience navigating ethical issues in decision-making. Course discussions center on issues involving privacy, confidentiality, and sensitive information. During the final project, students codify an individual code of ethics in relation to professional codes of conduct. Students must receive a grade of B or higher to graduate.
This course introduces students to privacy laws, regulations, and industry guidelines with significant security and privacy impact and requirements. The course primarily examines laws and regulations from the United States, but it also includes some coverage of international laws. The course is divided into four sections. First, students are exposed to broadly-applicable laws and regulations that address information security. Second, students receive an introduction to industry-specific guidelines and requirements (FISMA, NERC, HIPAA, HITECH, PSQIA3 , etc.). Third, students examine key state laws and regulations that impact information security management (such as relevant laws in California, Massachusetts, and New York). Finally, students scrutinize other countries’ laws and regulations related to information security and privacy (such as laws in Canada, Mexico, and the European Union) and international standards such as ISO 27001 and 27032.
This course provides theoretical and applied foundations of information security and assurance. Students study various types of cyber-crime and vulnerabilities of government computer systems and information networks. Students learn about strategies for the protection of information and computer systems and how to mitigate and respond to breaches of those systems.