Online Master’s in Cybersecurity Management

New technologies have increasingly enabled corporations and governments to collect, analyze, and share huge amount of data related to individuals. Today, the challenge is enabling the legitimate use of the collected data without violating privacy and security. In this course, we are going to analyze the fundamental models of ensuring data privacy and security, and explore potential theoretical models, algorithms, and technologies that can enhance data privacy and security in different contexts, such as market basket, search engine, location-based services, social network, cloud computing, cryptocurrencies, and smart grid. We will also design and implement different techniques (e.g., cryptographic protocols, secure computation, and data sanitization) as well as examine their performance in terms of three critical properties (privacy/security, utility, and efficiency).

This course gives students a clear understanding of computer and cybersecurity as threats and defense mechanisms backed by mathematical and algorithmic guarantees. Key topics covered include introductory number theory and complexity theory, cryptography and applications, system security, digital forensics, software and hardware security, and side-channel attacks. Course projects will provide hand-on experiences on languages, libraries, and tools supporting state-of-the art cryptography applications.

LAW 252 Privacy Law
Privacy may be one of the most pervasively discussed issues in this decade as a result of the increased concerns for security in travel, the openness of the internet, the consolidation of information in massive databases both by corporations and by governments, high incidence of identity theft, and the development of more and more highly sophisticated “listening and viewing” devices. This class examines privacy as protected by statute B through a patchwork of privacy acts B and the concomitant freedom of information requirements of a democratic government, as developed through tort doctrine in the courts, and as articulated through the Constitution of the United States and those of the various states. All aspects of privacy are considered, including wiretapping, government-required personal and business information, personal, family, and reproductive autonomy, the “right to be let alone,” and the right of publicity.

OR

LAW 478 Computer and Network Privacy
More and more, both practice and the job market require lawyers who understand the interface between law and technology. This course provides a unique opportunity to understand that interface. No technical knowledge is required. Everything is explained in plain English. The course addresses the issue of privacy in an age of surveillance. How much privacy should we demand? Why does privacy matter? How is privacy to be defined? The course addresses security issues because in the internet age there is no privacy without security and security failures may yet lead to the end of the internet age. The course provides a unique opportunity to really understand the interface between law and technology.

This course will introduce essential programming concepts and techniques used in analytics. Students will learn and make use of industry standard programming languages widely used in application programming for data and statistical analysis in cybersecurity as well as other purposes. Students will understand and use various libraries for data manipulation, preparation, and analysis, and will be equipped to use the programming languages covered in real-world scenarios and circumstances upon completion.

This course introduces the applied theories relevant to human factors in information security, digitalization, and sociotechnical environments. It examines the human element through a comprehensive approach that explores human errors, new technologies, and cybersecurity incidents. The course investigates human-related aspects that have an impact on the practices, policies, and procedures that are in place in an organization to secure the firm’s information. Topic areas include human behavior, ethics, psychology, social engineering, the culture of hacking, cybercrimes, security fatigue, and burnout. The analysis covers techniques to prevent intrusions and attacks that threaten organizational data and methods to identify potential insider threats.

This course includes in-depth examination of topics in the management of information technology security, including access control systems and methodology, business continuity and disaster recovery planning, legal issues in information system security, ethics, computer operations security, physical security, and security architecture, and models using current standards and models.

This course is an in-depth examination of topics in information technology/information security governance, risk, and compliance including information assurance policies, standards, and compliance, as well as the examination of security risk analysis and the performance of systems certification and accreditation.

Current legal issues in information technology are addressed, including elements of contracting, payment systems and digital signatures, privacy concerns, intellectual property, and business torts, as well as criminal liability, including hacking, computer trespass, and fraud. Examination of ethical issues, including privacy, system abuse, and ethical practices in information technology, equip students to make sound ethical choices and resolve legal and moral issues that arise in information technology.

Industry standard practices and standards in the auditing of information technology in an organization are addressed, with a particular emphasis on examination of IT governance, assets, controls, and control techniques. Specific areas covered will include the audit process, IT governance, systems and infrastructure life cycle management, IT service delivery and support, protection of information assets, and business continuity and disaster recovery. Students will examine case studies and complete hands-on exercises.

Students learn to design and manage key business information security functions, including incident response plans, incident response teams disaster recovery plans, and business continuity plans. Reporting, response planning, and budgeting are all addressed. Students working in reams will prepare an incident response, disaster recovery, or business continuity plan for a real-world organization such as a business or a government body or agency.