Master Course Syllabus

ISM530 – Enterprise Cybersecurity
Credit Hours: 3
Contact Hours:
This is a 3-credit course, offered in accelerated format. This means that 16 weeks of
material is covered in 8 weeks. The exact number of hours per week that you can
expect to spend on each course will vary based upon the weekly coursework, as
well as your study style and preferences. You should plan to spend 10-25 hours per
week in each course reading material, interacting on the discussion boards, writing
papers, completing projects, and doing research.
Faculty Information
Name:
Phone:
CSU-GC Email:
Virtual Office Hours:
Course Description and Outcomes
This course provides students with insight into the cybersecurity issues surrounding an enterprise. These
include securing organizational data, responding to cyber-based security breaches, emerging technologies, and
ensuring a secured computing environment for safeguarding company information. The course reviews the
network security and cryptographic techniques that are currently being used. The nuances involved in defining
cybersecurity strategies and complying with security standards to ensure governance are also discussed.
Course Learning Outcomes:
1. Analyze possible threats to organizational data and recommend course(s) of action to mitigate
cybercrime attacks.
2. Evaluate different authentication methodologies to provide solutions to secure information assets.
3. Explain how authentication is used with cryptography to secure information access.
4. Demonstrate the ability to recognize and communicate threats to organizational information assets.
5. Analyze and evaluate the commitment of foreign governments for the expansion of nationally owned
telecommunications services for the support of business and government technologies.
Participation & Attendance
Prompt and consistent attendance in your online courses is essential for your success at CSU-Global Campus.
Failure to verify your attendance within the first 7 days of this course may result in your withdrawal. If for some
reason you would like to drop a course, please contact your advisor.
Online classes have deadlines, assignments, and participation requirements just like on-campus classes. Budget
your time carefully and keep an open line of communication with your instructor. If you are having technical
problems, problems with your assignments, or other problems that are impeding your progress, let your
instructor know as soon as possible.
Course Materials
Required:
Dhillon, G. (2007). Principles of information systems security: Text and cases. Hoboken, NJ: John Wiley & Sons.
ISBN: 9780471450566
Course Schedule
Due Dates
The Academic Week at CSU-Global begins on Monday and ends the following Sunday.
• Discussion Boards: The original post must be completed by Thursday at 12 midnight MT and
Peer Responses posted by Sunday 12 midnight MT. Late posts may not be awarded points.
• Mastery Exercises: Students may access and retake mastery exercises through the last day of
class until they achieve the scores they desire.
• Critical Thinking Activities: Assignments are due Sunday at 12 midnight MT.
Week 1
Readings:
Chapters 1 & 2 in Principles of Information Systems Security: Text and cases
Grossman, J. (2013). The web won't be safe or secure until we break it. Communications of the ACM, 56(1), 68-72. doi: 10.1145/2398356.2398373
Assignments:
Discussion (25 points)

Week 2
Readings:
Chapter 3 in Principles of Information Systems Security: Text and cases
Whitmore, J. J. (2001). A method for designing secure solutions. IBM Systems Journal, 40(3), 747-768.
Assignments:
Discussion (25 points)
Critical Thinking (50 points)

Week 3
Readings:
Chapters 4 & 5 in Principles of Information Systems Security: Text and cases
Kessler, G. C. (2013, March 4). An overview of cryptography. Retrieved from http://www.garykessler.net/library/crypto.html
Assignments:
Discussion (25 points)
Critical Thinking (100 points)
Portfolio topic (0 points)

Week 4
Readings:
Chapters 6 & 7 in Principles of Information Systems Security: Text and cases
Brechbuhl, H., Bruce, R., Dynes, S., & Johnson, M. E. (2010). Protecting critical information infrastructure: Developing cybersecurity policy. Information Technology for Development, 16(1), 83-91. doi: 10.1002/itdj.20096
Assignments:
Discussion (25 points)
Critical Thinking (50 points)

Week 5
Readings:
Chapters 8 & 9 in Principles of Information Systems Security: Text and cases
Charitoudi, K., & Blyth, A. (2013). A socio-technical approach to cyber risk management and impact assessment. Journal of Information Security, 4(1), 33-41. doi: 10.4236/jis.2013.41005
Assignments:
Discussion (25 points)
Critical Thinking (100 points)
Portfolio Outline (0 points)

Week 6
Readings:
Chapters 11 & 13 in Principles of Information Systems Security: Text and cases
Gillon, K., Branz, L., Culnan, M., Dhillon, G., Hodgkinson, R., & MacWillson, A. (2011). Information security and privacy-rethinking governance models. Communications of AIS, 28(1), 561-570.
Assignments:
Discussion (25 points)
Critical Thinking (100 points)

Week 7
Readings:
Chapter 12 in Principles of Information Systems Security: Text and cases
Rotvold, G. (2008). How to create a security culture in your organization. Information Management Journal, 42(6), 32-38.
Assignments:
Discussion (25 points)
Critical Thinking (50 points)

Week 8
Readings:
Chapter 14 in Principles of Information Systems Security: Text and cases
Dittrich, D., Bailey, M., & Dietrich, S. (2011, July/August). Building an active computer security ethics community. IEEE Security & Privacy, 9(4), 32-40. Retrieved from http://web.eecs.umich.edu/~mibailey/publications/ieeesnp-ethics-2011.pdf
Assignments:
Discussion (25 points)
Portfolio (350 points)
Assignment Details
This course includes the following assignments/projects:
Module 1
Portfolio Project
Read the Portfolio Project Description on the Week 8 Assignments page. The Portfolio Project requires that you evaluate a
major cybersecurity breach that has occurred in the recent past. Prior to Week 8, you will submit your topic choice in the
assignment drop box in Week 3. In Week 5, you will submit an outline of your project in the drop box.
The Portfolio Project will be due at the end of the course.
Module 2
Critical Thinking (CT) Assignment
Case study (50 Points)
View the case study from your textbook on Cisco Systems (linked to your course module).
Do some research on recent trade secret thefts. Examples can be found here:
http://www.reuters.com/article/2013/02/21/us-usa-trade-secrets-idUSBRE91J0T220130221
http://caselaw.findlaw.com/us-4th-circuit/1558872.html
http://www.prnewswire.com/news-releases/dupont-wins-trade-secret-case-against-kolon-industries-129825528.html
In an essay, answer the following questions based on your reading:
1. What are the implications for Cisco and other companies if their trade secrets are compromised?
2. How and why was it possible for hackers to breach the Cisco networks? What vulnerabilities exist at other
companies?
Provide information from your readings to support your statements. Your essay should be 2-3 pages in length and be well-written,
should incorporate at least 2 academic sources from the CSU-Global Library in addition to the case study, and be in
conformity with CSU-Global guidelines using CSU-Global APA formatting.
Module 3
Critical Thinking (CT) Assignment
Case Study (100 points)
Click on the case study from your textbook entitled “Case of a Computer Hack” (linked to your course module).
In an essay, answer the following questions based on this study:
1. Do you think that the long-term counter attack actions that the organization had taken were adequate?
2. In your opinion, do you think that the immediate counter attack actions helped the organization in any way?
Provide information from your readings to support your statements. Your essay should be 2-3 pages in length and be well-written,
should incorporate at least 2 academic sources from the CSU-Global Library in addition to the case study, and be in
conformity with CSU-Global guidelines using CSU-Global APA formatting.
Portfolio
Submit Topic (0 points)
Review the instructions for the Portfolio Project in Module 8. Submit your portfolio topic in the assignment drop box.
Include a paragraph describing why you chose that topic and what problems you anticipate in researching your subject.
No points are assigned for this deliverable, but points will be deducted from your final grade on the Portfolio Project if you
fail to submit this item as required (see the Portfolio Project Rubric for grading details). Additionally, you will be expected to
account for the instructor's feedback in the final version of the Portfolio Project assignment.
Module 4
Critical Thinking (CT) Assignment
Case Study (50 points)
View the case study on UC Berkeley, in your textbook and linked to your module.
In an essay, answer the following questions based on this study:
1. Name the policies and procedures that would enable universities to limit vulnerability while still allowing
students access to systems.
2. Ultimately, who should be held responsible for maintaining security policy and how often should it be
updated?
Provide information from your readings to support your statements. Your essay should be 2-3 pages in length and be well-written,
should incorporate at least 2 academic sources from the CSU-Global Library in addition to the case study, and be in
conformity with CSU-Global guidelines using CSU-Global APA formatting.
Module 5
Critical Thinking (CT) Assignment
Case Study (100 points)
View the case study from your textbook entitled “Security Management at the Tower” (linked to your course module). In an
essay, answer the following questions based on this study:
1. Identify key cybersecurity competencies that the organization lacked. What role could the top management have
played in ensuring that the organizational security competencies were adequately harnessed?
2. The problems at “The Tower” were a consequence of inadequate structures of responsibility. Discuss.
Provide information from your readings to support your statements. Your essay should be 2-3 pages in length and be well-written,
should incorporate at least 2 academic sources from the CSU-Global Library in addition to the case study, and be in
conformity with CSU-Global guidelines using CSU-Global APA formatting.
Portfolio
Portfolio Outline (0 points)
Submit an outline of your portfolio. Review the requirements of the portfolio in Module 8. The outline should reflect the
security issue topic you chose in Module 3, and a list of all the required academic sources you will use as part of your
portfolio. You will also provide an outline of your critical evaluation. Submit your outline in the assignment dropbox.
Include with your outline a draft of your proposed sources, listed in correct APA format using CSU-Global APA formatting.
No points are assigned for this deliverable, but points will be deducted from your final grade on the Portfolio Project if you
fail to submit this item as required (see the Portfolio Project Rubric for grading details). Additionally, you will be expected to
account for the instructor's feedback in the final version of the Portfolio Project assignment.
Module 6
Critical Thinking (CT) Assignment
Case Study (100 points)
View the case study from your textbook entitled “Computer Crime and the Demise of Barings Bank” (linked to your course
module).
Review also the recent fiasco at Societe Generale where Jerome Kerviel did something very similar to Nick Leeson. Some
places to look:
http://www.cio.com/article/188201/Lessons_from_Societe_Generale_s_Financial_Fiasco
http://www.guardian.co.uk/business/2011/sep/15/who-are-worst-rogue-traders
http://www.telegraph.co.uk/finance/comment/tracycorrigan/8045491/Jerome-Kerviel-case-why-is-it-so-rare-to-see-a-banker-behind-bars.html
In an essay, answer the following questions based on these two events:
1. What governance practices could have prevented the demise of Barings Bank? Could the same practices have
helped in the Societe Generale scandal?
2. What kind of technical, formal and informal controls would have helped Barings Bank develop a secure
organization? Were those controls in place at Societe Generale?
Provide information from your readings to support your statements. Your essay should be 2-3 pages in length and be well-written,
should incorporate at least 2 academic sources from the CSU-Global Library in addition to the case study, and be in
conformity with CSU-Global guidelines using CSU-Global APA formatting.
Module 7
Critical Thinking (CT) Assignment
Self-reflection (50 points)
Review all the critical thinking assignments you have completed in this course. Prepare a critical review of what you learned
about cyber security management in organizations. Present your self-reflection in 3 to 5 pages, double-spaced. View the
CSU-Global Guide for Writing and APA Requirements to help you format your portfolio paper. You may also want to use the
APA Template provided in the Library under the “APA Guide & Resources” link. Provide information from your readings and
previous assignments to support your review. Cite your sources using CSU-Global APA formatting.
PORTFOLIO:
You should be in the final stages of polishing your presentation and report. Make sure you have reviewed the instructions
from Week 8 and the Portfolio Project Rubric under Information. It is especially important that you reviewed, and acted
upon, the feedback from your instructor on your topic and outline, as part of your grade is based on the improvements you
have made.
Module 8
PORTFOLIO (350 points)
Identify a major cybersecurity breach that has occurred in the recent past (within the last 5 years). In an 8-10 page critical
evaluation of your chosen breach, review and analyze the breach along the following dimensions:
1. What went wrong?
2. Why did it occur?
3. Who was responsible?
4. How could it have been prevented?
5. What advice would you offer to prevent such a breach from occurring in the future?
Using MS Word, prepare a portfolio of 10-15 academic articles or other sources of information about the breach. Your
portfolio might include scans or links to articles or media reports. Each item must have a caption crediting it, in complete
CSU-Global APA format. Use your portfolio as evidence in support of your analysis of the chosen incident.
Submit your portfolio as a single document. Multiple documents cannot be submitted for grading.
The portfolio should reflect CSU-Global guidelines using CSU-Global APA formatting and include a page of references in
addition to the captions on each article. You may want to view the “Does your paper look like this?” sample paper found in
the Library under the “APA Guide & Resources” link.
Preliminary Deliverables
You will submit your topic in Week 3 and your project outline in Week 5. Both assignments should be posted to the
dropbox. No points are assigned for these deliverables, but points will be deducted from your final grade on the Portfolio
Project if you fail to submit these items as required (see the Portfolio Project Rubric for grading details). Additionally, you
will be expected to account for the instructor's feedback in the final version of the Portfolio Project assignment.
Course Policies
Late Work
Students are permitted a 7-day grace period during which they may submit a Critical Thinking assignment after
the original due date without penalty. Papers submitted between 8 and 14 days after the original due date will
be accepted with a potential 10 percent reduction in grade for late submission. Papers submitted 15 or more
days beyond the original due date may not be accepted unless prior arrangements have been made with the
instructor. No Portfolios will be accepted late and no assignments will be accepted after the last day of class
unless a student has requested an incomplete grade in accordance with the Incomplete Policy.
Course Grading
20% Discussion Participation
45% Critical Thinking Activities
35% Final Portfolio Paper
Grading Scale and Policies
A: 95.0 – 100
A-: 90.0 – 94.9
B+: 86.7 – 89.9
B: 83.3 – 86.6
B-: 80.0 – 83.2
C+: 75.0 – 79.9
C: 70.0 – 74.9
D: 60.0 – 69.9
F: 59.9 or below
FN*: Failure for Nonparticipation
I**: Incomplete
* Students who stop attending class and fail the course for nonparticipation will be issued the “FN” grade. The FN
grade may have implications for financial aid and scholarship awards.
** An “I” grade may be assigned at the Instructor’s discretion to students who are in good standing (passing) in the
course. Students should have completed a majority of the coursework in order to be eligible for the “I” grade.
Students should request an "I" grade from the Instructor with a written justification, which must include
explanation of extenuating circumstances that prevented timely completion of the coursework. If the request is
approved, the Instructor will require a written agreement consisting of a) the specific coursework to be completed,
b) the plan to complete the coursework, and c) the deadline for completion. The agreement will be kept on file at
CSU-Global Campus. An incomplete course must be satisfactorily completed within the time frame stipulated in
the agreement, but no later than the end of the following semester from the date the “I” was given. An incomplete
not removed within one year shall convert to an F and be included in the computation of the student’s grade point
average.
Academic Integrity
Students must assume responsibility for maintaining honesty in all work submitted for credit and in any other
work designated by the instructor of the course. Academic dishonesty includes cheating,
plagiarism, unauthorized possession of academic materials, and falsification. The Student Handbook
provides information on how students can avoid plagiarism by understanding what it is and how to use library
and internet resources appropriately with proper citation. Please refer to the Academic Catalog for complete
policies regarding plagiarism and academic dishonesty.
APA
Students are expected to follow the CSU-Global APA requirements when citing in APA (based on the APA Style
Manual, 6th edition). For details on CSU-Global APA style, please review the APA resources located under the
Library tab in Blackboard.
Netiquette
All posts and classroom communication must be conducted in a professional and respectful manner in
accordance with the student code of conduct. Think before you push the Send button. Did you say just what you
meant? How will the person on the other end read the words?
Any derogatory or inappropriate comments regarding race, gender, age, religion, or sexual orientation are
unacceptable and subject to disciplinary action.
If you have concerns about something that has been said, please let your instructor know.
Institutional Policies
Refer to the Academic Catalog for comprehensive documentation of CSU-GC institutional policies.