Cyber Security Training for Management
Define information security, threats, vulnerabilities, exploits, and other relevant terminology.
Developing a Security Policy
Define steps to create information security high-level policy document that overview security for the entire organization. Also overview the plans and procedures documents that would be a supporting part of the policy.
Risk Management: Identifying, Assessing, and Controlling Risk
Define risk and its associated terminologies. Overview the steps of a risk assessments and its associated business functions such as a business impact analysis and cost-benefit analysis. Outline how to create and read reports associated to risk management. Provide the framework for understanding the different types of risk controls and their functions.
Business Continuity Planning and Disaster Recovery Planning
Define the BCP and DRP processes. Provide basis to understand importance of availability of services provided by the organization. Outline the processes to keep a business functional during normal business operations and disaster events.
Laws and Ethics
Overview of important laws and regulations relating to information security (HIPPA, FERPA, ISO, etc). Outline of important terms such as patents, trademarks, trade secrets, and copyrights. Provide ethical suggestions for information security best practices.
Protection Mechanisms and Mitigation Techniques
A capstone to apply the learning in the lecture to real life situations. Discussion of mechanism such as physical controls, technical controls, and administrative controls that provide mitigation of security risks. Provide understanding of realtime threats such as phishing, social engineering, and malware.
(This Your Center of Learning class has been approved for Continuing Education Credit. Students must register at least five days before the start of class.)
Meet the Instructor
Justin Hensley is the network director for the Department of Information Technology and professor for the School of Computer and Information Services in the Division of Information Services at the University of the Cumberlands.
A 10-year veteran of the information technology and security field, Hensley is responsible for all network services and data centers at both university campuses. He also teaches a number of undergraduate and graduate courses, including network security, risk management, operations security, and hardware and architecture.
Hensley has a BS in computer information systems and business administration, a MBA, and a MS in information systems security. He is currently working on a PhD in leadership with an emphasis in cyber security and holds several certificates, including the certified information systems security professional (CISSP).
He resides in Williamsburg with his wife and three boys.