Course Information

Technological advances change how we live, work, and relate to one another. Remote presence and the interconnectivity of people, devices, and organizations open a whole new playing field of vulnerabilities and access points that cybercriminals can exploit. While the pace of technology innovation is increasing, cyberattacks are becoming more destructive globally.  Security incidents continue to rise and will continue to be a top-of-mind item for businesses, governments, and industry regulators. Cybersecurity is not just an IT responsibility. To effectively prevent attacks and build robust defenses, everyone within an organization needs to stay aware of emerging threats, technologies, and practices. This course is designed to help both individuals and organizations adopt a security-centric mindset and habits that safeguard data and networks from potential cyberattacks and theft. It is divided into four parts:

• Part I explains how the evolution of technology has transformed society, connected people in ways never imagined, and changed the face of computer and Internet fraud. It addresses the concern of IoT adoption, the danger of the interdependent nature of critical infrastructure sectors, security challenges of cloud-based solutions, and the rise of AI-enabled cybercrime.
• Part II identifies the causes of individuals in the performance of cybercriminal behavior and threat actor profiles to help organizations understand and anticipate attacker behavior. It also introduces the MITRE ATT&CK framework, a global knowledge base of real-world adversary tactics and techniques, to help organizations prevent, detect, and respond to attacks more effectively. Finally, it discusses how attackers prey on human emotions to achieve their goals.
• Part III explains how cyberattacks manifest in different forms and includes security measures that protect both individuals and organizations from a wide range of malicious online activities. It explains how to recognize and avoid phishing attacks and business email compromise schemes. It also discusses security strategies for both ransomware and DDoS attacks, encompassing protection and recovery. Finally, it describes common digital skimming methods and mitigation strategies for businesses and individuals.
• Part IV highlights key federal laws that govern the nation’s cybersecurity and computer-based fraud. Industry-specific federal laws regulating the privacy and security of data are also discussed. Finally, it identifies widely recognized cybersecurity frameworks, such as the NIST Cybersecurity Framework and ISO/IEC 27001:2022 and describes how they help organizations communicate, manage, and reduce cybersecurity risk to protect their cyber environment. Real-world examples are included as well.

The enclosed case study, “Change Healthcare Cyberattack”,  demonstrated how vulnerabilities in cybersecurity practices led to a significant breach. Real-world examples are incorporated throughout courses to enhance understanding. The course also includes checklists that guide you through the recovery process after losing personal information and help businesses to make smart, sound decision of responding to a data breach, as well as cybersecurity tips for small businesses that protect the business, customers, and data from growing threats.

1. Recognize threats driven by emerging technologies
2. Identify factors contributing to the rise of cybercrime
3. Recognize the key components of the MITRE ATT&CK framework
4. Identify common types of cyber threat actors
5. Recognize phishing attempts and ways to avoid them
6. Identify ransomware protection and response strategies
7. Recognize the target of digital skimming and protection measures
8. Identify DDoS attack methods and mitigation techniques
9. Recognize the key federal laws that govern data privacy and security
10. Identify the NIST Cybersecurity Framework core functions
11. Recognize the key aspects of ISO 27001 and PCI DSS
12. Recognize the benefit of the CIS controls