Syllabus for CYB-525
INTEGRATING CYBERSECURITY INTO THE SYSTEM LIFE CYCLE
This course focuses on integrating security into the entire system and solution life cycle. Topics include system planning, architecture, design, acquisition, development, implementation/operation, sustainment, and disposal. Students will learn the importance of ensuring that security practices are identified and integrated into utility networks and systems projects. In addition, this course will help students develop the knowledge and skills needed for integrating security requirements into technology acquisitions and for identifying and managing supply chain risks across system life cycles. Using case studies, students will apply the concepts learned throughout the program to solve real world utility and network system security challenges.
After completing this course, students should be able to:
CO1 Integrate key security milestones into program and project management methodology.
CO2 Create technology security requirements.
CO3 Create secure software design based on principles of protection.
CO4 Integrate security touchpoints and technologies into project architectures.
CO5 Create security requirements for IT/OT vendors and suppliers.
CO6 Evaluate supply chain practices.
CO7 Design secure development environments to match risk postures.
CO8 Apply secure coding practices to offset threats.
CO9 Plan testing and post-development life cycle phases.
CO10 Conduct a cyber survivability analysis of a critical infrastructure company.
CO11 Devise a security response plan.
CO12 Design a security operations approach for the enterprise.
You will need the following materials to complete your coursework. Some course materials may be free, open source, or available from other providers. You can access free or open-source materials by clicking the links provided below or in the module details documents. To purchase course materials, please visit the University's textbook supplier.
ISBN-13: 978-0-7704-3619-3
Students are required to purchase the CYB-525 Course Pack from Harvard Business Publishing. Students can register at the following link: https://hbsp.harvard.edu/import/542230
The student cost for the Course Pack includes four articles and the cyberattack simulation:
Required reading and viewing assignments are listed in the individual modules with links provided.
Integrating Cybersecurity into the System Life Cycle (CYB-525) is a three-credit, online course consisting of six modules. Modules include an overview, topics, learning objectives, study materials, and activities. Module titles are listed below.
For your formal work in the course, you are required to participate in online discussion forums, complete written assignments, and complete a final project. See below for details.
Consult the Course Calendar for due dates.
One or more of your course activities may utilize a tool designed to promote original work and evaluate your submissions for plagiarism. More information about this tool is available in this document.
This course requires you to participate in six graded discussion forums. There is an ungraded but required Introductions Forum in Module 1.
Deadlines for posting discussion threads are given in the Course Calendar. For posting guidelines and additional help with discussion forums, please see the Online Student Handbook located within the General Information section of the course website.
You are required to complete 12 written assignments. The written assignments are on a variety of topics associated with the course modules.
Students will engage in a cyberattack simulation exercise and read a related graphic novel. They will also create a Security Response Plan (PowerPoint presentation) that will address responding to attacks on various elements of the technology life cycle (e.g., development environment, supply chain). The plan will also include elements of the survivability analysis and the case studies of Stuxnet and others. The rationale stems from the notion that attacks are likely to happen, and the best enterprises will cultivate techniques on preparing to respond to attacks successfully rather than just focusing on prevention.
Your grade in the course will be determined as follows:
All activities will receive a numerical grade of 0–100. You will receive a score of 0 for any work not submitted. Your final grade in the course will be a letter grade. Letter grade equivalents for numerical grades are as follows:
A | = | 93–100 | B | = | 83–87 | |
A– | = | 90–92 | C | = | 73–82 | |
B+ | = | 88–89 | F | = | Below 73 |
To receive credit for the course, you must earn a letter grade of C or higher on the weighted average of all assigned course work (e.g., assignments, discussion postings, projects). Graduate students must maintain a B average overall to remain in good academic standing.
To succeed in this course, take the following first steps:
Consider the following study tips for success:
To ensure success in all your academic endeavors and coursework at Thomas Edison State University, familiarize yourself with all administrative and academic policies including those related to academic integrity, course late submissions, course extensions, and grading policies.
For more, see:
Copyright © 2018 by Thomas Edison State University. All rights reserved.
