• Online, Instructor-Led

Effective security managers must understand how to develop security policies that will be supported by executive management and adopted by all employees. This course examines the steps required in policy development including password protection, acceptable use of organization information technology assets, risk acceptance, identification of internal and external threats, countermeasures, intellectual property, proprietary information and privacy issues, compliance reporting, and escalation procedures. Related topics such as access controls, security standards, and policy implementation are covered.

Learning Objectives

  • Demonstrate an understanding in writing cyber security policy documents and how to mitigate security risks appropriately.
  • Understand the cybersecurity threat landscape as it pertains to both U.S. government and private industry
  • Identify and document the various types of cyber attacks that threaten both U.S. government and private industry information technology enterprises
  • Assess options for mitigating risks after a cyber attack has occurred.
  • Write cyber security policy documents that demonstrate an understanding of how to mitigate security risks appropriately
  • Develop an appreciation for the importance of policy implementation and enforcement

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.