Skip to main content

Secondary navigation:

Woods College of Advancing Studies

Master of Science in Cybersecurity Policy and Governance

Most graduate classes meet weekly from 6:30 to 9:00 p.m.
Refer to the online Course Information and Schedule, accessible through the BC Agora portal,
for any changes to course listings.   

Cybercecurity Policy and Governance courses overview.

FALL 2017

ADCY 600001  Cyber Ecosystem and Cybersecurity
Course provides an overview of Cyberspace, defines the scope of Cybersecurity, and addresses information classification and system compartmentalization. Course includes an appreciation of information confidentiality, integrity, and availability, and covers Cybersecurity architecture, strategy, services, hardware, software, and cloud services. The course also examines national security issues, critical infrastructure, and the potential for cybercrime and cyber terrorism, as well as the need for corporations to align their security with business needs and consider the threat from malicious employees, contractors, and/or vendors.
Tues, 6:30–9:00, Aug 29–Dec 12, David Escalante

ADCY 605001  Cybersecurity Policy: Privacy & Legal Requirements
Course provides a comprehensive examination of the laws, regulations, and Executive Orders concerning privacy, including PCI, HIPAA, GLBA and their overseas counterparts, and the roles of Federal, State and local law enforcement. The course also examines national security issues governed by various Federal agencies (e.g., SEC, FTC, FCC, FERC), including suspicious activity reporting (SAR) requirements under the Patriot Act. Additionally, the course addresses intellectual property protection (e.g., SOX, NIST, FISMA), security classifications, data location requirements, audits, compliancy assessments, and individual, class-action, and shareholder derivative litigation and liability.
Thurs, 6:30–9:00, Aug 31–Dec 14, Kevin Powers and Jamie Klein

ADCY 640001  Managing Cyber Risk: Mobile Devices & Social Networking
Course provides an in depth examination of “The Internet of Things” (IOT), mobile devices, BYOD, and social networking. It covers endpoint security, including personal and company data separation and mobile device management (MDM). Course also provides an understanding with respect to threats from phishing, baiting, pretexting, hacking, and rogue employees and/or contractors, and  covers password policy, employee training, policy design, and security awareness programs.
Mon, 6:30–9:00, Aug 28–Dec 11, Julie Fitton and William Oates

ADCY 650001  Organizational Effectiveness: Governance, Risk Management & Compliancy
Technical proficiency is not enough to manage business risk. Every potential or identified threat cannot be mitigated, and organizations must choose where to focus their often limited resources to support business goals. This course focuses on Governance, Risk and Compliance (GRC) as an organizational capability that all organizations require in today’s complex world. Topics include understanding the business context of key stakeholders, corporate culture, and organizational risks. Students will understand how GRC capabilities such as enterprise risk management (ERM), compliance management (SOX, ISO, PCI, NIST, etc.) and policy management should work together to build a cohesive strategy within the business context. Students will learn about GRC technology and GRC program management required to support and grow GRC capabilities. Lastly, students will hear from guest lecturers about the roles and responsibilities of the Board of Directors, Risk/Audit Governance Committees, Chief Executives (Chief Information Security Officer (CISO), Chief Risk Officer (CRO), Chief Security Officer (CSO), etc.) and how they rely on GRC capabilities to support the business.
Wed, 6:30–9:00, Aug 30–Dec 13, Philip Alrdich

ADCY 665001 Role of Intelligence: Enabling Proactive Security
Course addresses internal and external intelligence sources, including intrusion detection, log analysis, data mining, M&A due diligence, HUMINT, and the role of an Information Security Operations Center (ISOC). From an external perspective, the course covers information gathering, intelligence feeds/sources, and fusion centers as well as the automation, filtering, validation, analysis, and dissemination of intelligence. The course also provides an understanding as to technical countermeasures (e.g., sandboxes, honeypots), and addresses the roles of DHS, FBI, NSA, and DOD.
Mon, 6:30–9:00, Aug 28–Dec 11, Michael Steinmetz and Hans Olson


Please note: This page links to PDF files. Use this link to download Adobe Reader if needed.