Students will be provided with an understanding of the importance and purpose of security risk management, and how it is governed by various internationally recognized frameworks. Students will gain practical experience in performing Business Impact and Risk Assessments as well as IT Risk Audits. Students will acquire a practical understanding of how to establish secure baselines and utilize security controls to manage risks effectively. Emphasis will be placed on the legal, regulatory, and compliance dimensions of risk management and the necessity of cultivating a risk-aware culture within culturally varied organizations.
In the ever-changing landscape of cyber threats, it is important to create secure, holistic architectures that are reliable, scalable, and support critical business initiatives and functions. will have the opportunity to gain experience with the foundational principles, frameworks, and practices necessary to design and implement secure digital infrastructures and apply them in the workplace. Students will navigate through core security architecture concepts, security design principles, security controls, and security infrastructure technology architectures that can be applied in varying organizations.
This course guides students through delivery of essential and effective security services leveraging various project management methodologies. Students will examine the alignment of security services to meet business needs through discovery of what it takes to deliver and operate a service from inception to end-of-life. Operationalization of a service from a management perspective is a key element of this course where students will explore important components such as managing a budget and creating metrics. Students will utilize practices for managing successful projects while incorporating the People, Process, and Technology framework.
In the dynamic world of Information Technology, Information Security is paramount for safeguarding assets. Students will have the opportunity to gain a comprehensive understanding of both theoretical and practical aspects of Security Management. Students will examine the importance of building and managing an effective security program that also supports technology projects. Focusing on leadership qualities, emphasis will be placed on student skill development in security strategies for mitigating security risks and fostering a security-centric and inclusive organizational culture. Students will be better positioned as aspiring IT security managers and leaders to integrate security as a core business strategy into diverse organizations.
Students will be provided with the opportunity to participate in advanced vulnerability management and ethical hacking practices. Students will utilize tools for vulnerability management and penetration testing as well as learn the importance of vulnerability reporting and communicating the results. The legal and philosophical aspects of hacking will be explored, and students will be able to describe vulnerabilities found in industry specific vulnerability databases. Equipped with a blend of hands-on experience and theory, students will be prepared to conduct vulnerability management in various technological and physical environments.
We live in a world of increasingly interconnected global systems where resiliency planning has become a priority for many governments, businesses, and Indigenous communities. Students will explore multiple aspects of resiliency planning, including Incident response, business continuity, disaster recovery, and risk management. Students will engage in collaborative exercises that assist with resiliency and contingency planning. These stages will allow students to form a comprehensive approach to managing incidents, solving problems, ensuring business continuity, and recovering from disasters, thereby minimizing the impact on business operations and ensuring resilience.
This course covers the key areas of managing a security operations organization, from crafting and implementing strategic security policies to daily security management. Students will experience working with threat intelligence systems and services. In addition, students will cover elements of human resource management such as equity, diversity, and inclusion, and vendor management as well as security services maintenance associated with security operations. Students will assess industry trends and measure service effectiveness using capability maturity models. By blending theoretical and practical concepts students will be equipped with skills required to manage security operations.
Increased cyber threats are driving the need for security incident response and digital forensics when breaches occur in an organization. In this course, students will learn to use Incident Response plans that promote the necessary skills and knowledge to detect, respond, manage, and recover from security incidents. Students will engage in an investigative scenario where forensic tools and processes will be utilized to maintain chain of custody and gather evidence. In addition, the course will incorporate student participation in post incident reviews, as well as development of effective communications related to these concepts.
This course bridges the gap between artificial intelligence (AI) and information security, offering insights into how AI technologies can be harnessed to bolster security defenses and mitigate risks. Students will learn about AI-driven security strategies, machine learning models for threat detection, ethical considerations and bias in AI deployment. Students will gain hands-on experience through application of AI technologies for enhancing security postures, detecting and responding to threats, and automating security tasks. The combination of artificial intelligence techniques and foundational security principles will help prepare students to engage in protecting organizational digital assets.
In this course students will learn about key governance frameworks and integrate them with diverse organizational cultures and roles from the boardroom to operations. Students will develop a model to manage Governance, Risk, and Compliance which will align IT strategy with business objectives. Students will be introduced to topics such as IT risk, legal requirements, and Key Goal Indicators (KGI’s) as well as audit and compliance concepts such as preparing for security audits and navigating industry-specific regulation requirements. A blend of theory, real-world scenarios, and practical exercises will provide students with industry knowledge necessary in these fields.
In this course, students will be challenged to apply their knowledge and skills of information security in a real-world application. Working closely with an industry partner and instructor, students will identify a security risk that requires mitigation. Each project team will analyze, plan, and research a proposed security solution which will be presented to stakeholders. The team will implement and test the proposed solution. Finally, students will critically evaluate the impact of the security solution through a structured 'lesson learned' process, reflecting on areas of success and identifying opportunities for improvement.