MIT 335: ORG SECURITY & CYBER ATTACKS

This course covers the people and process aspect of information assurance and security, which is the most widely ignored part of the IT industry. Topics include security life cycle, certification and accreditation, configuration management, employment practices and security awareness. Best practices of policy development will be covered along with industry specific standards. Industry specific laws and regulations such as the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SARBOX), National Institute of Standards and Technology (NIST), and others will also be explored. In addition, privacy issues in computing, personnel, and physical security will be discussed along with biometrics. Prerequisite: MIT 325.