Applied Cybersecurity

Computer Science
Lead Instructor(s): John R. Williams, Abel Sanchez
Dates: Jun 20, 2016 - Jun 24, 2016
Course Fee: $4,800
CEUs: 3.3
Status: Open
This course has limited enrollment. Apply early to guarantee your spot.
OVERVIEW
In today’s world, organizations must be prepared to defend against threats in cyberspace.
Decision makers must be familiar with the basic principles and best practices of cybersecurity to
best protect their enterprises. In this course, experts from academia, the military, and industry
share their knowledge to give participants the principles, the state of the practice, and strategies
for the future.
Sessions will address information security, ethical and legal practices, and mitigating cyber
vulnerabilities. Participants will also learn about the process of incident response and analysis.
The content is targeted at ensuring the privacy, reliability, and integrity of information systems.
The majority of the course (about 75%) is geared toward participants at the decision-making
level who need a broad overview, rather than those who are already deeply immersed in the
technical aspects of cybersecurity (software development, digital forensics, etc.), although both
groups will find the course valuable.
Cybersecurity is a very large subject, and therefore this course is only intended to cover the
basics of the current leading and pressing cybersecurity topics. The result is that we can cover
many different approaches. We cover the introduction of a topic and after the fundamentals, you
can explore further on your own. The goal is for participants to understand the utility of each
topic, not to become specialists in any one subject.
Content
Fundamentals: Core concepts, understandings, and tools (30%)
Latest Developments: Recent advances and future trends (20%)
Industry Applications: Linking theory and real-world (50%)
Delivery Methods
Lecture: Delivery of material in a lecture format (50%)
Discussion or Groupwork: Participatory learning (30%)
Labs: Demonstrations, experiments, simulations (20%)
Levels
Introductory: Appropriate for a general audience (30%)
Specialized: Assumes experience in practice area or field (60%)
Advanced: In-depth explorations at the graduate level (10%)
Participant Takeaways
Who Should Attend
Seventy-five percent of the course is geared toward providing a basic framework for
professionals making cybersecurity decisions in industry and government and individuals
seeking to immerse themselves in the pressing issues of cybersecurity, giving them the
information they need to make the best decisions for the defense of their organizations. About a
quarter of the course covers more technical areas of interest to people with more
engineering-focused backgrounds, such as software developers or those working in digital forensics.
Although those with a computing background would be better prepared for the more technical
topics, an engineering or computing background is not required to benefit from any of the
sessions.
Program Outline
Please note that the exact nature and order of the topics is subject to change.
Introduction to Information Security Fundamentals and Best Practices
  Protecting Your Computer and its Contents
  Securing Computer Networks--Basics of Networking
  Compromised Computers
  Secure Communications and Information Security Best Practices
  Privacy Guidelines
  Safe Internet Usage

Ethics in Cybersecurity & Cyber Law
  Privacy
  Intellectual Property
  Professional Ethics
  Freedom of Speech
  Fair User and Ethical Hacking
  Trademarks
  Internet Fraud
  Electronic Evidence
  Cybercrimes

Forensics
  Forensic Technologies
  Digital Evidence Collection
  Evidentiary Reporting

Network Assurance
  Layered Defense
  Surveillance and Reconnaissance
  Outsider Threat Protection

Secure Software & Browser Security
  Software Construction
  Software Design and Architecture
  Software Testing
  Methodologies
  The New Universal Client
  The Web Model
  Cookies and Browser Storage
  HTML5 Security

Business Information Continuity
  Managing a Business Information Continuity Plan
  Vulnerabilities and Controls
  The Law and Business Information Continuity Plan

Information Risk Management
  Asset Evaluation and Business Impact Analysis
  Risk Identification
  Risk Quantification
  Risk Response Development and Control
  Security Policy, Compliance, and Business Continuity

Cyber Incident Analysis and Response
  Incident Preparation
  Incident Detection and Analysis
  Containment, Eradication, and Recovery
  Proactive and Post-Incident Cyber Services
Course Schedule
View 2016 schedule (pdf)
Class runs 9:00 am - 5:00 pm each day.
Laptops (2009 or newer) with a modern operating system for which you have administrator
privileges are required. Tablets will not be sufficient for the computing activities in this course.
Participants’ Comments
CHIEF TECHNOLOGIST, VERMONT HITEC
"I was fascinated by the material, and the professors and guest speakers were truly the best."
IN TRANSITION
"I work in startup operations that are concerned about their intellectual property. This course
provided an excellent overview of the risks and mitigations to losing these valuable assets."
SECRETARY OF CRYPTO MANAGEMENT DEPARTMENT, NATIONAL
CRYPTO INSTITUTE
"Everyone involved in cybersecurity work should follow this course."
Instructors
John R. Williams
John R. Williams, Professor of Information Engineering, Civil and Environmental Engineering,
and Engineering Systems Director, MIT
Dr. Sanchez holds a PhD from the Massachusetts Institute of Technology (MIT). He is the
Executive Director of MIT's Geospatial Data Center, architect of “The Internet of Things” global
network, and architect of data analytics platforms for SAP, Ford Motor Company, Johnson &
Johnson, Accenture, and Altria. In cybersecurity, Dr. Sanchez architected impact analysis of
large-scale cyberattacks, designing Cyber Ranges for the Department of Defense (DOD). In
password security, Dr. Sanchez led the design of a password firewall (negative authentication)
for the Intelligence Advanced Research Projects Activity (IARPA) agency. In machine learning,
addressing fraud detection, Dr. Sanchez designed a situational awareness framework that
exploits different perspectives of the same data and assigns risk scores to entities for Accenture.
He led the design of a global data infrastructure simulator, modeling follow-the-sun engineering,
to evaluate the impact of competing architectures on the performance, availability, and reliability
of the system for Ford. He has been involved in developing E-Educational software for
Microsoft via their I-Campus Program and with establishing the Accenture Technology
Academy, an online resource for over 200,000 employees. He has 10 years of experience with
learning management systems and has made deployments in America, Asia, and Europe. He
teaches two MIT courses on computing and data science and has produced over 100 educational
videos.
Abel Sanchez, Executive Director, Research Scientist, Laboratory for Manufacturing and
Productivity, MIT
Dr. Abel Sanchez holds a Ph.D. from the Massachusetts Institute of Technology (MIT). His areas
of expertise include the Internet of Things (IOT), radio frequency identification (RFID),
simulation, engineering complex software systems, and cyber-physical security. He teaches
graduate courses in Information engineering, cybersecurity, and software architecture. For the
past six years, his research has focused on architecting large scale distributed simulation systems.
Ted Wagner is the Chief Information Security Officer for SAP National Security Services (SAP
NS2). SAP is the world’s leading provider of business software solutions, and National Security
Services provides industry focused services for the US DOD, Intelligence Community, and Civilian
Departments/Agencies.
Ted joined SAP National Security Services in March, 2015. He is responsible for the security
and compliance of the corporate network, sharing best practice with customers and supporting
NS2’s FedRAMP Cloud initiative. He was previously the CISO for TASC. He supported the
Army’s CERT for 9 years as a project manager for Northrop Grumman. He was responsible for
the Incident Response, Forensic and Malware Analysis support provided to Army Cyber
Command and 1st IO Command.
Ted has led cyber teams employing tactical to strategic capabilities. Experience includes
completing the certification and accreditation process for Agency level programs. He developed
curriculum for the Computer Network Operations planner course and established a team
validation process for deploying cyber teams. Presented at national and international
conferences. Ted serves in the U.S. Army Reserves. He holds the rank of Colonel and is
currently the Deputy Chief of Staff, G6, 80th Training Command (TASS). He is an adjunct
professor at University of Maryland University College teaching Cyber Policy. He is a guest
lecturer at MIT and serves as an Advisory Board Member to the Geospatial Data Center. He is
published in the book, Cyber Infrastructure Protection, Strategic Studies Institute.
Professional Experience
  CISO, SAP National Security Solutions
  CISO, TASC
  Northrop Grumman, Project Manager
  Booz Allen Hamilton, Associate
Education
  Bachelor of Economics from the Virginia Military Institute
  Masters of Economics from Virginia Polytechnic Institute and State University
Links & Resources
News/Articles:
  Escaping legacy IT systems
  Developing next generation geonumerical simulators
Location
This course takes place on the MIT campus in Cambridge, Massachusetts. We can also offer this
course for groups of employees at your location. Please complete the Custom Programs request
form for further details.