Students will apply the learnings from the class participation through a project and present their findings to the class at the end of the course. Students will choose one topic from the three announced in the first week and will apply all the principles learned in the classes as well as supplement it with individual research. The student will submit the paper in the thirteenth week. There will be discussions on the projects in the class regularly during the 12 sessions to share the progress and findings. After the submission of the papers, students will present their research and conclusions to the class during the 14th and 15th weeks. The output of the project consists of:
1. A paper which must contain at least the following elements:
- Executive summary
- Problem statement
- Key requirements to address the problem
- Key research findings
- Solution options/conclusion/recommendations
- List of references
- Supporting material in Appendices
The three topics that the student can choose one from are:
Your company has its main office in San Jose and two branch offices in New York and Dallas. You would like to use the cost-effectiveness and resiliency of “Cloud Computing” without jeopardizing the “private” information and security. Propose a total solution with security, high availability and disaster recovery. Make reasonable assumptions regarding your company and state them. Define the requirements for a total solution, investigate various options and propose a solution that meets the requirements, return on investment criteria, and is compelling enough to convince the CEO to authorize the implementation.
You have been recently appointed as the CIO for a large retail company. You are charged with addressing data security that has been a major news item in the past six months where the customer sensitive data has been stolen by hackers. Fortunately, your company has not yet been significantly affected. Your CEO is very nervous and has tasked you to propose a plan to assure him that proper processes and policies are in place. At the same time, he has also cautioned that the IT budget cuts are forcing to do more with less. You are asked to provide a short term plan to put in place processes and policies to assure sensitive data confidentiality, integrity, and availability and a long term plan to proactively prevent security breaches in a cost-effective manner. Your proposal is due on April 15th. Make appropriate assumptions on current IT processes and policies in place and state them. Identify gaps and propose countermeasures.
You are working for a senator who is in the senate intelligence committee. Your senator has commissioned you to provide a brief on the appropriate legislative action to address the increasing demand for enacting major legislative provisions relating to cybersecurity since the Federal Information Security Management Act of 2002 (FISMA). Cybersecurity represents one of the most serious national security threats and economic challenges confronting our country. Cybercrime costs the United States approximately $100 billion annually. At the same time, the quantity and sophistication of cyberattacks continue to accelerate at a frightening pace. From 2006 to 2012, cybersecurity attacks on the federal government alone increased by 782%, reaching 48,000 reported incidents in 2012. Your brief should address the challenges posed by emerging technologies such as cloud computing, biometrics, mobile devices, and drones. The senator is especially interested in balancing privacy and national security with fairness.