Developing Cybersecurity Programs and Policies in an AI-Driven World

Introduction

Understanding Cybersecurity Policy and Governance

• Information Security vs. Cybersecurity Policies
• Looking at Policy Through the Ages
• Cybersecurity Policy
• Cybersecurity Policy Life Cycle
• Summary
• Exercises
• Projects

Cybersecurity Policy Organization, Format, and Styles

• Policy Hierarchy
• Writing Style and Technique
• Policy Format
• Summary
• Exercises
• Projects

Cybersecurity Frameworks

• Confidentiality, Integrity, and Availability (CIA)
• What Is a Cybersecurity Framework?
• NIST Cybersecurity Framework
• Summary
• Exercises
• Projects
• References

Cloud Security

• Why Cloud Computing?
• Cloud Computing Models
• Cloud Governance
• Multitenancy
• Core Components of the Cloud Computing Reference Architecture
• Key Concepts and Functional Layers of Cloud Computing
• Understanding Top Cybersecurity Risks in Cloud Computing
• AI and the Cloud: Revolutionizing the Future of Computing
• Summary
• Exercises
• References

Governance and Risk Management

• Understanding Cybersecurity Policies
• Cybersecurity Risk
• Summary
• Exercises
• Projects
• References

Asset Management and Data Loss Prevention

• Information Assets and Systems
• Information Classification
• Labeling and Handling Standards
• Information Systems Inventory
• Understanding Data Loss Prevention Technologies
• Summary
• Exercises
• Projects
• References

Human Resources Security and Education

• The Employee Life Cycle
• The Importance of Employee Agreements
• The Importance of Security Education and Training
• Summary
• Exercises
• Projects
• References

Physical and Environmental Security

• Understanding the Secure Facility Layered Defense Model
• Protecting Equipment
• Environmental Sustainability
• Summary
• Exercises
• Projects
• References

Cybersecurity Operations (CyberOps), Incident Response, Digital Forensics, and Threat Hunting

• Incident Response
• What Happened? Investigation and Evidence Handling
• Understanding Threat Hunting
• Understanding Digital Forensic Analysis
• Data Breach Notification Requirements
• Summary
• Exercises
• Projects
• References

Access Control Management

• Access Control Fundamentals
• Infrastructure Access Controls
• User Access Controls
• Summary
• Exercises
• Projects
• References

Supply Chain Security, Information Systems Acquisition, Development, and Maintenance

• Strengthening the Links: A Deep Dive into Supply Chain Security
• System Security Requirements
• Secure Code
• Cryptography
• Summary
• Exercises
• Projects
• References

Business Continuity Management

• Emergency Preparedness
• Business Continuity Risk Management
• The Business Continuity Plan
• Business Continuity and Disaster Recovery in Cloud Services
• Plan Testing and Maintenance
• Summary
• Exercises
• Projects
• References

Regulatory Compliance for Financial Institutions

• The Gramm-Leach-Bliley Act
• New York’s Department of Financial Services Cybersecurity Regulation
• What Is a Regulatory Examination?
• Personal and Corporate Identity Theft
• Regulation of Fintech, Digital Assets, and Cryptocurrencies
• Summary
• Exercises
• Projects
• References

Regulatory Compliance for the Health-care Sector

• The HIPAA Security Rule
• The HITECH Act and the Omnibus Rule
• Understanding the HIPAA Compliance Enforcement Process
• Summary
• Exercises
• Projects
• References

PCI Compliance for Merchants

• Protecting Cardholder Data
• PCI Compliance
• Summary
• Exercises
• Projects
• References

Privacy in an AI-Driven Landscape

• Defining Privacy in the Digital Context
• The Interplay Between AI and Privacy
• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Personal Information Protection and Electronic Documents Act (PIPEDA)
• Data Protection Act 2018 in the United Kingdom
• Leveraging AI to Enhance Privacy Protections
• Summary
• Exercises
• Project
• References

Artificial Intelligence Governance and Regulations

• The AI Double-Edged Sword
• Generative AI, LLMs, and Traditional Machine Learning Implementations
• Introduction to AI Governance
• The U.S. Executive Order on the Safe, Secure, an...y Development and Use of Artificial Intelligence
• The Importance of High Accuracy and Precision in AI Systems
• Explainable AI (XAI): Building Trust and Understanding
• Government and Society-wide Approaches to AI Governance
• The EU AI Act
• Guidelines for Secure AI System Development
• OWASP Top 10 Risks for LLM
• MITRE ATLAS Framework
• Summary
• Exercises
• Project
• References

Practice Test Questions