Foundations of
Cybersecurity Certificate

Next Start Date: January 7, 2025

SCHOOL OF Graduate, International and Career Studies

Enhance your Cybersecurity Skills for Today's Digital Landscape

Program Overview

This Foundation of Cybersecurity course provides participants with a comprehensive introduction to the fundamentals of cybersecurity. Topics include an exploration of cybersecurity concepts, tools, technologies, and industry best practices. Participants will engage in hands-on activities to develop practical skills, such as risk assessment, incident response, and security controls implementation. Through interactive exercises and simulated scenarios, students will gain confidence in addressing cybersecurity threats and understanding the strategies to safeguard digital assets in diverse organizational contexts.

Certificate Objectives

  • Understand the foundational aspects of cybersecurity, including its importance to organizations, the roles of cybersecurity professionals, and the cybersecurity job market (M1).
  • Trace the historical development of cybersecurity, exploring key events, notable threats like the Brain Virus and Morris Worm, and the formation of response teams such as CERTs (M1).
  • Explain core cybersecurity concepts, including threats, vulnerabilities, and the CIA Triad, emphasizing their relevance in risk assessment (M1).
  • Identify and differentiate between various types of cyber threats, including internal/external threats and specific malware like viruses, worms, spyware, and ransomware (M2).
  • Recognize and evaluate social engineering techniques, explaining their effectiveness and providing real-world examples of successful attacks (M2).
  • Describe and implement cybersecurity frameworks, such as the NIST Cybersecurity Framework, GDPR, and ISO standards, detailing their goals, guidelines, and processes for risk management (M3).
  • Identify critical assets and risks, apply security controls, and provide examples of effective framework implementations in organizations (M3).
  • Configure and manage security controls, including access controls, firewalls, and intrusion detection/prevention systems, while using tools like Wireshark for network analysis (M4).
  • Understand and comply with cybersecurity regulations, discussing the consequences of non-compliance and how to align organizational practices with HIPAA, PCI DSS, and other standards (M4).
  • Detail the phases of incident management, from detection to recovery, and explain the role of cybersecurity analysts in managing and mitigating breaches (M5).
  • Use tools for monitoring network activity, such as SIEM systems, to detect and respond to cyber threats effectively (M5).
  • Discuss ethical considerations and emerging trends in cybersecurity, including how confidentiality, privacy, AI, blockchain, and cloud computing affect the current and future landscape of cybersecurity (M6).

Certificate will lead to a Micro-Credential

REGISTRATION IS OPEN

Time Commitment:
Flexible scheduling with evening in-person sessions and online learning modules.

Dr. Shahab S. Band

Instructor
email: bands@wcsu.edu

Certificate Modules 

#DateTimeDeliveryModule/Activities
101/07/255 - 7 p.m.In-personM1: Foundations of Cybersecurity
201/08/255 - 7 p.m.In-personM2: Understanding Cyber Threats and Social Engineering
301/14/255 - 7 p.m.In-personM3: Cybersecurity Frameworks and Risk Management
401/15/255 - 7 p.m.In-personM4: Security Controls and Compliance
501/21/255 - 7 p.m.In-personM5: Incident Detection and Response
601/22/255 - 7 p.m.In-personM6: Ethical and Emerging Topics in Cybersecurity

Detailed Outline

M1: Foundations of Cybersecurity

  1. Introduction
    • Definition of cybersecurity and its importance in organizations.
    • Role of cybersecurity professionals.
    • Overview of the cybersecurity job market and career paths.
  2. Historical Context
    • Evolution of cybersecurity threats (e.g., Brain Virus, Morris Worm).
    • Development of Computer Emergency Response Teams (CERTs).
  3. Key Concepts
    • Threats, vulnerabilities, and risks.
    • CIA Triad: Confidentiality, Integrity, Availability.

M2: Understanding Cyber Threats and Social Engineering

  1. Types of Threats
    • Internal vs. External threats.
    • Malware (viruses, worms, ransomware, spyware).
  2. Social Engineering
    • Tactics (phishing, vishing, smishing, baiting, physical impersonation).
    • Why social engineering is effective (authority, urgency, familiarity).
    • Case studies: LoveLetter attack, Equifax breach.

M3: Cybersecurity Frameworks and Risk Management

  1. Security Frameworks
    • Overview: NIST Cybersecurity Framework (CSF), GDPR, ISO standards.
    • Core components: Goals, guidelines, processes, monitoring.
  2. Risk Management
    • Identifying critical assets and risks.
    • Applying controls to mitigate risks.
    • Real-world examples of framework implementation.

M4: Security Controls and Compliance

  1. Security Controls
    • Access controls, firewalls, intrusion detection/prevention systems.
    • Security tools and techniques (Wireshark).
  2. Compliance and Regulations
    • Overview of key regulations: HIPAA, PCI DSS, GDPR.
    • U.S.-specific regulations: FERC-NERC, FedRAMP.
    • Consequences of non-compliance.

M5: Incident Detection and Response

  1. Incident Management
    • Phases: Detection, containment, investigation, recovery.
    • Role of the security analyst during breaches.
  2. Tools and Techniques
    • Network activity monitoring, SIEM tools.
    • Case study: Managing data breaches.

M6: Ethical and Emerging Topics in Cybersecurity

  1. Ethical Considerations
    • Confidentiality, privacy, and ethical decision-making.
    • Avoiding conflicts of interest.
  2. Emerging Trends
    • Cloud security, blockchain, AI in cybersecurity.
    • Preparing for future roles: Certifications and skill-building (e.g., Python automation).

Certificate Learning Outcomes

Upon successful completion of the Foundation of Cybersecurity Certificate, learners will be able to:

  • Define and explain fundamental cybersecurity concepts, including the definitions of cybersecurity, threats, vulnerabilities, and the CIA Triad (Confidentiality, Integrity, Availability).
  • Analyze historical and modern cybersecurity threats, understanding the evolution of attacks and the importance of Computer Emergency Response Teams (CERTs).
  • Identify and assess various cyber threats, including internal vs. external threats and common malware types (viruses, ransomware, etc.).
  • Explain social engineering tactics, why they are effective, and how they impact organizational security, referencing case studies like the LoveLetter attack and the Equifax breach.
  • Interpret and implement security frameworks and risk management strategies, such as the NIST Cybersecurity Framework, GDPR, and ISO standards, to mitigate risks in real-world scenarios.
  • Apply security controls and use cybersecurity tools, including access controls, firewalls, and Wireshark, to detect and prevent cyber threats.
  • Understand compliance and regulatory requirements, including key U.S. and international regulations like HIPAA, PCI DSS, FERC-NERC, and GDPR, and their impact on organizational security practices.
  • Manage cybersecurity incidents, following the phases of detection, containment, investigation, and recovery, and using relevant tools like SIEM systems for data breach management.
  • Discuss ethical considerations in cybersecurity, focusing on confidentiality, privacy, and avoiding conflicts of interest in decision-making.
  • Analyze and adapt to emerging trends in cybersecurity, such as AI, blockchain, and cloud security, while identifying skills and certifications needed for future roles in the field.

Assessment Plan

The following assessment instruments will be used to evaluate the participants’ learning outcomes and overall understanding of the Foundation of Cybersecurity concepts.

1. Mid-Program Assessment

This assessment will be conducted after the completion of Module 4 to gauge participants’ progress and understanding of the first half of the program.

2. Final Assessment

This comprehensive assessment will be conducted at the end of the program.

3. Participation and Engagement

Assess participants’ overall engagement throughout the program including attendance for in-person modules and participation in online discussions and activities.