Assignments and Reading

Loading...

En provenance du cours de New York University Tandon School of Engineering

Enterprise and Infrastructure Security

163 notes

New York University Tandon School of Engineering

Enterprise and Infrastructure Security

163 notes

Cours 4 sur 4 dans Specialization Introduction to Cyber Security

This course introduces a series of advanced and current topics in cyber security, many of which are especially relevant in modern enterprise and infrastructure settings. The basics of enterprise compliance frameworks are provided with introduction to NIST and PCI. Hybrid cloud architectures are shown to provide an opportunity to fix many of the security weaknesses in modern perimeter local area networks. Emerging security issues in blockchain, blinding algorithms, Internet of Things (IoT), and critical infrastructure protection are also described for learners in the context of cyber risk. Mobile security and cloud security hyper-resilience approaches are also introduced. The course completes with some practical advice for learners on how to plan careers in cyber security.

À partir de la leçon

Security Awareness, Compliance, Assessments, and Risk

This module includes an introduction to many practical aspects of modern enterprise security including awareness, compliance, assessments, and risk management.

Introduction: What You Will Learn from This Course on Cyber Security1:36

Assignments and Reading2:34

Social Engineering5:42

Security Awareness4:40

Using Video for Security Awareness1:59

Security Assessment and Audit4:18

What is GRC?9:35

NIST Framework Overview4:33

PCI-DSS Framework Overview5:11

Challenges of Compliance versus Security5:21

Welcome Roger Thornton (Part 1): CTO, AlienVault12:35

Rencontrer les enseignants

Dr. Edward G. Amoroso
Research Professor, NYU and CEO, TAG Cyber LLC
Computer Science

Hi, everyone. Ed Amoroso here,

and I want to welcome you to this module.

Now, the goal of this module is

kind of an eclectic mix of things that I want to try and accomplish.

I want to help you to understand

some pretty subtle problems that we have in the internet,

related to social engineering and phishing.

And I want to use that to lead into that kinds of things we do in compliance,

governance and risk assessment to reduce the likelihood

that we'll have problems at the procedural or at the sort of a setup level.

We call it Governance,

Risk and Compliance GRC.

That's the terminology that's used

frequently and I'm sure a lot of you know about compliance.

Now there's some resources that we think

will help complement your learning in this module.

Some papers, some books,

some optional books and a couple of videos that I'd

like you to look at as well that will help. Let me tell you about them.

So first off, the first paper, I have a dirty trick here.

I want you to read a compliance framework.

It's from the National Institute of Standards and Technology,

NIST, here in the United States.

And that it's, read the title,

Framework for Improving Critical Infrastructure Cybersecurity,

Volume 1, NIST, February 14.

That's what it's called.

It's not fun reading,

but I think you should do the best you can to try and get through it.

You want to have some experience having read

a compliance framework and you can see what you enjoy your conclusions about,

whether this is a useful thing for cyber. I think it is.

Now a couple of optional books you may want to consider.

One is an e-book you can get on Amazon that I wrote with my son Matt.

It's called from CIA to APT,

An introduction to Cyber Security.

If you're following along,

chapters 25 and 26 would be good to complement your learning here in this module.

And I think all of you need to have a good solid TCP/IP textbook.

It's an investment that I think is worth considering doing.

Richard Stevens has written a wonderful one.

Now, two videos that I think you may want to look at.

One of the kind of video on PCI compliance,

PCI is Payment Card Industry.

An interesting video.

You see the title and I think you'll enjoy it.

And then my friend French Caldwell, MetricStream,

gives a keynote address where he talks to the past,

present and future of GRC.

Very, very good video and it will help your learning.

So listen, I hope you'll learn a lot in

this module and I want you to get started right away. Thanks.

Explorer notre catalogue

Rejoignez-nous gratuitement et obtenez des recommendations, des mises à jour et des offres personnalisées.

Coursera propose un accès universel à la meilleure formation au monde, en partenariat avec des universités et des organisations du plus haut niveau, pour proposer des cours en ligne.

© 2019 Coursera Inc. Tous droits réservés.

Télécharger dans l'App Store

Disponible sur Google Play