Short Programs

Applied Cyber Security [6.85s]

Date: June 25-26, 2012 | Tuition: $1,800 | Continuing Education Units (CEUs): 1.6
Application Deadline »

Course Summary  |  Learning Objectives  |  Who Should Attend  |  Program Outline  |  Schedule  | 
About the Lecturers  |  Location  |  Updates

Course Summary

NEW COURSE FOR 2012 - The course covers securing computers, applications, networks, digital forensics, and the ethical and legal practices affecting all computer users. The course also covers the strategies, implementation, and management of a business information continuity plan; mitigation of cyber vulnerabilities; and incident response and analysis. The content is targeted at ensuring the privacy, reliability, and integrity of information systems.

Learning Objectives

The participants of this course will be able to:

1. Secure both clean and corrupted systems, protecting personal data, securing simple computer networks, and safe Internet usage.

2. Understand key terms and concepts in cyber law, intellectual property and cyber crimes, trademarks and domain theft.

3. Determine computer technologies, digital evidence collection, and evidentiary reporting in forensic acquisition.

4. Incorporate approaches to secure networks, firewalls, intrusion detection systems, and intrusion prevention systems.

5. Examine secure software construction practices.

6. Understand principles of web security.

7. Incorporate approaches for incident analysis and response.

8. Incorporate approaches for risk management and best practices.

Who Should Attend

The course is targeted at three main audiences: non-technical professionals involved in Cyber Security, technical/engineering professionals, and managers/business professionals.

Non-Technical professionals, such as those working in:
Information Security
Cyber Ethics
Cyber Law and White Collar Crime

Technical/Engineering professionals working in:
Digital Forensics
Network Assurance
Secure Software

Managers and Business Continuity professionals, such as those working in:
Business Information Continuity
Information Risk Management
Cyber Incident Analysis & Response

Program Outline

Day One

Session 1--2 hours:  Introduction to Information Security Fundamentals and Best Practices

• Protecting Your Computer and its Contents
• Securing Computer Networks - Basics of Networking
• Compromised Computers
• Secure Communications and Information Security Best Practices
• Privacy Guidelines
• Safe Internet Usage

Break

Session 2--2 hours:  Ethics in Cyber Security & Cyber Law

• Privacy
• Intellectual Property
• Professional Ethics
• Freedom of Speech
• Fair User and Ethical Hacking
• Trademarks
• Internet Fraud
• Electronic Evidence
• Cybercrimes

Lunch

Session 3--2 hours:  Secure Software & Browser Security

• Software Construction
• Software Design and Architecture
• Software Testing
• Methodologies
• The New Universal Client
• The Web Model
• Cookies and Browser Storage
• HTML5 Security

Break

Session 4--2 hours:  Forensics

• Forensic Technologies
• Digital Evidence Collection
• Evidentiary Reporting

Day Two

Session 5--2 hours:  Network Assurance

• Layered Defense
• Surveillance and Reconnaissance
• Outsider Thread Protection

Break

Session 6--2 hours:  Business Information Continuity

• Managing a Business Information Continuity Plan
• Vulnerabilities and Controls
• The Law and Business Information Continuity Plan
• Implementing a Business Information Continuity Plan

Lunch

Session 7--2 hours:  Information Risk Management

• Asset Evaluation and Business Impact Analysis
• Risk Identification
• Risk Quantification
• Risk Response Development and Control
• Security Policy, Compliance, and Business Continuity

Break

Session 8--2 hours:  Cyber Incident Analysis and Response

• Incident Preparation
• Incident Detection and Analysis
• Containment, Eradication, and Recovery
• Proactive and Post Incident Cyber Services

Course schedule and registration times

Class runs 8:00 am - 5:30 pm each day.

Registration is on Monday morning from 7:30 - 8:45 am.

About the Lecturers

John R. Williams, Professor of Information Engineering, Civil and Environmental Engineering, and Engineering Systems Director, MIT

Dr. Williams is internationally recognized in the field of computational algorithms for large-scale particle simulators and has authored two books and over 100 publications. For the past eight years, his research has focused on architecting of large scale distributed simulation systems. He teaches graduate courses on Modern Software Development, Cyber-Physical Security, and Web System Architecting.

Abel Sanchez, Executive Director, Research Scientist, Laboratory for Manufacturing and Productivity, MIT

Dr. Abel Sanchez holds a Ph.D. from the Massachusetts Institute of Technology (MIT). His areas of expertise include the Internet of Things (IOT), Radio Frequency Identification (RFID), Simulation, Engineering Complex Software Systems, and Cyber-Physical Security. He teaches graduate courses in Information Engineering, Cyber Security, and Software Architecture. For the past six years, his research has focused on architecting large scale distributed simulation systems.

Edward D. Wagner, LTC, FA
North East Information Operations Command, Commander

Joe Provost, Cyber Systems Analysis, MIT Lincoln Laboratory

Dipankar Dasgupta
Professor, Department of Computer Science, University of Memphis
Director, Center for Information Assurance
Director, Intelligent Security Systems Research Laboratory

Dr. Dasgupta has published more than 195 research papers in book chapters, journals, and international conferences. His work on "Password Immunizer" (based on Negative Authentication System) is under submission for patent. This research focuses on the user authentication that creates the Anti-P protection shield to filter out invalid access requests. This research can provide a robust solution in immunizing authentication systems (local, remote or online) by putting an additional layer of protection (invisible) to the user. Dr. Dasgupta is a senior member of IEEE/IEEE Computer Society and also member of ACM and other societies.

Brian Neil Levine
Professor, Department of Computer Science, UMass Amherst
Director, Commonwealth Center for Forensics & Society

Dr. Levine received his M.S. and Ph.D, in Computer Engineering from the University of California, Santa Cruz in 1996 and 1999, respectively. He received his B.S. in Applied Mathematics & Computer Science from the University at Albany in 1994. His research focuses on mobile networks, privacy and forensics, and the Internet, and he has published more than 70 papers on these topics. Brian's active funding includes awards from the National Science Foundation as PI for Trustworthy Computing (medium and small awards), NETS, GENI, and SFS programs, the Department of Defense's capacity building program for security education, and the National Institute of Justice's Electronic Crime program. Since arriving at UMass, Brian has been the PI of research awards totaling more than $5 million, and co-PI on additional awards.

Bill Phelps, Accenture, Senior Executive

Bill Phelps is an Executive Director in Accenture's Security Consulting practice. Phelps is responsible for the North America Security practice and Accenture's global growth initiative. Phelps rejoined Accenture in 2004, into the Technology Consulting group. From 2000 to 2004 Phelps founded SevenSpace, an infrastructure outsourcing company that was sold to Sun Microsystems in 2005.

Location

This course takes place on the MIT campus in Cambridge, Massachusetts. We can also offer this course for groups of employees at your location. Please contact the Short Programs office for further details.

Updates

There are no updates at this time.