JCU Logo
JOHN CABOT UNIVERSITY

COURSE CODE: "CS/MGT 337"
COURSE NAME: "Cybersecurity and Data Privacy Management"
SEMESTER & YEAR: Fall 2023
SYLLABUS

INSTRUCTOR: Stefano Gazziano
EMAIL: [email protected]
 HOURS: MW 4:30 PM-5:45 PM
TOTAL NO. OF CONTACT HOURS: 45
CREDITS: 3
PREREQUISITES: Prerequisites: CS 101 or permission of the instructor
OFFICE HOURS:
COURSE DESCRIPTION:
This course will introduce students to the key issues in Cybersecurity Management and Privacy and contribute to raising their awareness of related concerns. It will also cover the basics of Information Security, Business Continuity, and Risk Management. Students will be provided with fundamental knowledge of personal data protection, as well as confidentiality, integrity and availability of individuals’ and companies’ sensitive information and valuable assets. Classes will involve a mixture of lectures, seminar discussions, and in-class activities and labs. Each practical class will culminate in an assessed exercise.
SUMMARY OF COURSE CONTENT:

CS/MGT-337 is an introductory course that provides a comprehensive overview of the principles, practices, and technologies in the field of cybersecurity. The course explores the principles, practices, and strategies for protecting digital assets, managing cybersecurity risks, and ensuring compliance with data privacy regulations.  Students will gain knowledge of cybersecurity actors, motivations, risks, data security perspectives, Internet and insider threats, frameworks, incident response planning, privacy laws, and industry best practices.  Through case studies and hands-on exercises, students will develop the skills necessary to understand the risks, the actors, and the technologies and regulatory framework commonly used to analyze, implement, and manage effective cybersecurity and data privacy programs.

After an agreement with Fortinet, a leading cybersecurity company, this course will loosely follow Fortinet Training Academy training certification courses, levels 1,2,3. JCU Students willing to be certified may personally access for free and directly the Fortinet Training center using their JCU userid and password, selecting the “PUBLIC” option .

 
LEARNING OUTCOMES:
By the end of the course, students will be able to:
- Comprehend the fundamental concepts and principles of cybersecurity.
- Analyze and assess various cybersecurity threats and vulnerabilities.
- Apply security measures and controls to protect systems and networks.
- Understand the ethical and legal issues associated with cybersecurity.
- Demonstrate knowledge of secure coding practices and common attack techniques.
- Evaluate and recommend appropriate cybersecurity solutions.
 
TEXTBOOK:
Book TitleAuthorPublisherISBN numberLibrary Call NumberCommentsFormatLocal BookstoreOnline Purchase
Computer Security: Principles and Practice, 4th edition (July 14th 2021)William StallingsLawrie Brown Pearson9780137502875  Hard Copy  
REQUIRED RESERVED READING:
NONE

RECOMMENDED RESERVED READING:
NONE
GRADING POLICY
-ASSESSMENT METHODS:
AssignmentGuidelinesWeight
tba• Assignments: 30% • Examinations: 30% • Case Studies: 15% • Projects: 20% • Class Participation: 5% 30% average of tests

-ASSESSMENT CRITERIA:
AWork of this quality directly addresses the question or problem raised and provides a coherent argument displaying an extensive knowledge of relevant information or content. This type of work demonstrates the ability to critically evaluate concepts and theory and has an element of novelty and originality. There is clear evidence of a significant amount of reading beyond that required for the course.
BThis is highly competent level of performance and directly addresses the question or problem raised.There is a demonstration of some ability to critically evaluatetheory and concepts and relate them to practice. Discussions reflect the student’s own arguments and are not simply a repetition of standard lecture andreference material. The work does not suffer from any major errors or omissions and provides evidence of reading beyond the required assignments.
CThis is an acceptable level of performance and provides answers that are clear but limited, reflecting the information offered in the lectures and reference readings.
DThis level of performances demonstrates that the student lacks a coherent grasp of the material.Important information is omitted and irrelevant points included.In effect, the student has barely done enough to persuade the instructor that s/he should not fail.
FThis work fails to show any knowledge or understanding of the issues raised in the question. Most of the material in the answer is irrelevant.
-ATTENDANCE REQUIREMENTS:
Attendance is mandatory.  Classes will involve a mixture of lectures, seminar discussions, and in-class activities and labs.
ACADEMIC HONESTY
As stated in the university catalog, any student who commits an act of academic dishonesty will receive a failing grade on the work in which the dishonesty occurred. In addition, acts of academic dishonesty, irrespective of the weight of the assignment, may result in the student receiving a failing grade in the course. Instances of academic dishonesty will be reported to the Dean of Academic Affairs. A student who is reported twice for academic dishonesty is subject to summary dismissal from the University. In such a case, the Academic Council will then make a recommendation to the President, who will make the final decision.
STUDENTS WITH LEARNING OR OTHER DISABILITIES
John Cabot University does not discriminate on the basis of disability or handicap. Students with approved accommodations must inform their professors at the beginning of the term. Please see the website for the complete policy.
SCHEDULE

 

Unit 1: Cybersecurity awareness: actors, threats, methods

                     Introduction to Cybersecurity and Privacy

                     Quantitative assessment of cases and damages

                     Bad actors

                     Data security perspectives

                     Password perspectives

                     Internet threat Perspectives 

                     Insider threat Perspectives

                     Legal, ethical, and regulatory considerations

Unit 2: The evolution of cybersecurity

                     Threat landscape analysis and risk assessment

                     ZTNA – Zero Tolerance Network Access

                     SASE – Secure Access Service Edge

                     Cloud security

                     SD-WAN – Software Designed Wide Area Network

                     Endpoint and firewall. Wi-FI

                     Threat intelligence services

                     Incident response planning and management 

o   Security Orchestration, automation and response

o   Sandboxes

o   Security Information and Event management

                     Business continuity and disaster recovery considerations

Unit 3: Data Privacy Management

                     Data privacy laws and regulations (e.g., GDPR, CCPA)

                     Privacy impact assessments and compliance requirements

                     Data subject rights and consent management

Unit 4: Privacy and Security in Emerging Technologies

                     Privacy and security implications of Internet of Things (IoT)

                     Security challenges in artificial intelligence and machine learning

                     Privacy and security considerations in blockchain technology

                     Ethical considerations in emerging technologies

 

Case Studies and Real-world Applications will be explored during the course