By the end of this course, you'll have a greater understanding of the threats that affect private, corporate, and government networks, and the knowledge to prevent attacks and defeat them.
- Dissecting cyber risk
- Working with NIST, COBIT 5, DSS05, and other frameworks
- Exploring cybercrime
- Understanding how malware hides
- Selecting security controls
- Managing user access and identity
- Monitoring your network
- Managing incident response
Skill Level Intermediate
- [Voiceover] Hi, my name is Malcolm Shore, and welcome to Foundations of Cybersecurity. This course introduces the topic of cybersecurity by covering the frameworks and standards used to establish the baseline level of acceptable control to mitigate online threats. We'll look at how to calculate the cyber risk, how we can architect cyber security solutions, and the way in which we manage a cybersecurity incident. I'll start by taking a look at the five elements of the NIST framework for cybersecurity: Identify, Protect, Detect, Respond, and Recover.
Then I'll review some of the other key frameworks in use today, including IT general controls and COBIT 5. I'll also cover the main control standards used in cybersecurity, ISO 27000, and NIST Federal Controls as well as the Payment Card Industry's Data Security Standard. I'll describe the cyber kill chain and explain the variety of threats that can affect individuals, businesses, and governments. I'll cover both state sponsored cyberespionage and the cyber crime industry.
I'll show how cybersecurity can be architectured to ensure business success using a methodology known as the Sherwood Applied Business Security Architecture, or SABSA. I'll then cover the main types of cybersecurity mechanisms. Preventative measures are never fully successful, and so it's important to understand how to manage a cybersecurity incident. I'll cover the processes for preparing for, managing, and recovering from an incident. When you finish this course, you'll have a great understanding of cybersecurity issues, covering both the threats to information and the framework to defeat those threats and how to implement the framework using a disciplined architectural approach.
Now let's get started with Foundations of Cybersecurity.