Course Overview:

Depending on the definition of a “cyber attack”, estimates for the total number of cyber attacks in the US during 2015 range from as low as a few thousand to over 77,000. Regardless of the definition of a cyber attack, cyber events inundate organizations today, requiring them to identify and respond to events that target their cyberspace operations.

This course presents real-world examples of cyber threats and events to enable students to understand how to apply multi-discipline knowledge to identify and respond to these cyber events, and to develop systems that can continue to function correctly despite the event. Cyber events that are prevalent in the news today provide insight into many of the gaps in today's approaches to engineering cyber security into our systems and infrastructure. For example, the 2015 Anthem breach highlights the lack of following best practices for data encryption; Stuxnet highlights issues with security of ICS; and, multiple breaches, including State of Arizona voter database and the breach of U.S. Federal Government personnel databases, highlight the need to follow best practices for data security.

Systems engineers must prioritize security controls to address the cyber risks of a holistic system. The use-case-based approach of this course provides students the applied knowledge needed to understand cyber security processes, adversary, environment, security controls, and frameworks needed to implement cyber security holistically.

Course Outline:

• Introduction to Cyber Security o Cyber risk, threats, events, and attacks

o Understanding the cyber adversary

o Understanding the cyber environment

o Cyber attack “kill chain”


• Computer security frameworks

• Introduction to Cryptography

• Securing computer systems o Networks (and Web)

o Operating System

o Data


• Securing ICS

• Securing Workstations

• Human factors and cyber security o Safe internet usage

o Adversary inside


• Cyber event monitoring, detection, and identification o Auditing Analysis

o Deception

o Cyber Attack Taxonomies and Models




• Response and recovery o Ethics

o Communications

o Forensics

o Recovery of systems

o Intellectual property


• Cyber security program management o Risk Management § Risk Acceptance

§ Risk Avoidance

§ Risk Mitigation

§ Risk Transfer


o Compliance and legal § Privacy

§ Health information (HIPAA and Hitech)

§ Financial



• Developing a cyber security program


Key Learning Objectives:

• Understand key cyber security concepts, such as cyber attack, cyber event, and cyber risk

• Apply common computer security frameworks to address cyber security gaps

• Apply cryptography to secure computer systems, and protect data at rest and in transit

• Identify and implement appropriate security controls based on cyber environment, cyber threat, and the cyber adversary

• Clean corrupted systems and restore system capabilities following a successful cyber attack

• Use the Internet safely and apply safe usage rules for others to do the same

• Apply forensic concepts in evidence collection and reporting required to respond to cyber attacks

• Secure networks using firewalls, intrusion detection and prevention systems, and other network monitoring / management controls

• Understand principles of web security

• Analyze and respond to cyber events

• Understand key concepts in cyber law, intellectual property and cyber crimes

• Manage cyber risks

• Develop a cyber security program