Interdisciplinary Cybersecurity Modules

These instructional modules can be incorporated into a variety of courses, both within and across areas of study. Each module can be adapted to one or two class meetings and include activities appropriate for both undergraduate and graduate work. The modules include presentation slides, instructor notes, activities, assessments and reference lists. Hover over a module name below to see the quick outline or objectives. To request access to these modules, request a new account below. If you have an account, sign in to download the modules.

Information Assurance
Risk Management
    Upon completion of this material, you should be able to:
  • analyze different types of organization cybersecurity risk environment
  • identify where the vulnerabilities could lie and how these might be taken advantage of by the threat agents
  • analyze and decide the likelihood of the risk occurring and estimate the impact of the risk
  • review various alternatives to managing different types of risks and make pro-active and predictive decisions based upon their analysis as well as the specific requirements of the organizational stakeholders
Business Continuity Planning
    Upon completion of this material, you should be able to:
  • Explain why information systems are vulnerable to destruction, error, and abuse.
  • Describe the business value of security and control.
  • Describe the security and control components for Business Continuity Planning.
  • Describe the tools and technologies used for safeguarding information resources.
Health-Information Risk-Management
    Upon completion of this material, you should be able to:
  • Explain the risk of accidental breach or exposure of electronic medical records, medical devices that can record and transmit patient information, health information exchanges, and enterprise level health information management systems
Cloud Security Risk Management
    Upon completion of this material, you should be able to:
  • Identify security requirements of items migrated to cloud, and perform risk assessment.
  • Categorize exploration of cloud security risks
    • Application level risks
    • Network level risks
    • Data and data storage risks

Legal Issues
Evidentiary Issues in Cybersecurity
    Digital evidence refers to any data available in electronic (i.e., digital) form. Students will learn about:
  • various types of digital evidence related to cybercrimes; basic search and seizure issues including specific privacy laws such as the ECPA and the Privacy Protection Act;
  • evidentiary rules for presenting digital evidence in court;
  • requirements for supporting legal proceedings in criminal and civil forensics; and
  • Map of cybersecurity infrastructure
  • Purview of cyber-HUMINT: Targeting the human component of the cyberinfrastructure.
  • evidentiary field and courtroom considerations pertaining to the integrity of chain of custody;
  • evidentiary legal issues with respect to search and seizure, security of confidential information, and the
  • integrity of the chain of custody are directly relevant to all digital devices such as biomedical sensors, digital image forgeries, mobile devices, as well as e-discovery issues, such as those discussed in closely related cross-disciplinary modules (3.D.),(3.E), and (4.D).
Introduction to Digital Forensics
  • Collection
  • Examination
  • Analysis
  • Reporting
Privacy Laws and Regulations
  • Exploring the local and international laws and regulations surrounding privacy issues.
Standards to Manage Cybersecurity Risks
    Students will learn:
  • The three parts of the NIST framework
  • How the Framework provides a common taxonomy and mechanism for organizations to:
    • Describe their current cybersecurityposture;
    • Describe their target state for cybersecurity;
    • Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process;
    • Assess progress toward the target state;
    • Communicate among internal and external stakeholders about cybersecurityrisk.
  • How to combat insider threat to an organization
Export Controls
  • Exploring the role of export controls in maintaining national cybersecurity in the U.S.
  • Topics covered include a basic introduction to export controls placed on technology, software, and technical data to foreign countries, as well as a high-level introduction to more recent export controls placed on sophisticated surveillance, hacking software, and cryptography.
Technical Aspects
Strong Passwords and Safe Internet Usage
  • Tips for creating strong passwords
  • Novel User Authentication Methods
  • Website Security
  • Recognizing Phishing Emails & Phishing Websites
Overview of Network Attacks and Defenses
  • What is security?
  • Why do we need security?
  • Who is vulnerable?
  • Common security attacks and defense schemes
  • Managing insecurity(policy aspects)
  • Social Problems
Privacy Policy Agreement Checking
  • This module involves cross-disciplinary knowledge of current privacy-related legislations and human behavior in protecting people’s privacy.
  • This module covers legislations such as HIPAA and helps translate them into a set of privacy policy principles that can be incorporated into Mobile devices or Apps.
Image Forgery
  • Introduction to image forgery
  • History of image forgery
  • Relation of image forgery to digital forensics
  • Main types of image forgery
  • Main categories of image forgery detection
  • Representative techniques for image forgery detection
  • Future directions
Security of Biomedical Sensors, Devices, and Applications
  • Health Information Security
  • Biomedical Sensors and Devices
  • Wireless Medical Sensor Networks (WMSN)
  • Security Threats in WMSN
  • Health Information Privacy
  • Privacy Issues in WMSN
  • Health Information Regulations and Laws
  • Legal Issues in Health Information Privacy and Security
  • Security and Privacy Requirements of WMSN
  • Security Measures for WMSN
Hardware-based Security and Trust
  • Modern Computer Systems and Need For Security
  • Traditional Security Mechanism/Software based Security
  • Inherent Limitations of Traditional Security Mechanism
  • Attacks on Traditional Security Mechanism
  • Attack Motives
  • Hardware-based Security
    • What is Hardware-based Security?
    • Need for Hardware-based Security
    • HW-based Security Techniques
    • New Trends in HW-based Security
    • Contemporary Industrial HW-based Security Solutions
  • International Cybersecurity Policy
  • Legal Issues in Health Information Privacy and Security
  • Evidentiary Legal Issues in Cybersecurity
Human Factors
Information Technology and International Security Policy
  • This module explores the implications of cybersecurity in the international context.
  • Topics include a high-level introduction to the “5th domain of warfare”, including national security, military and foreign intelligence surveillance aspects of cyberwarfare.
  • Students will gain an overview of past and current US strategic information operations policy and planning processes.
  • It also includes robust discussion of stakes for the various great and medium powers in cyberspace, their cyberwarfare assets and capabilities, as well as in the geostrategic implications of network and telecommunications architecture.
  • Similar to the traditional familiarity with military technologies, a cyberwarfare perspective demands familiarity with information technology.
Cyberwar, Terrorism, Radicalization, and the War of Ideas
  • Introduction
  • The geography of “cyberspace”
  • Players, motivations, valued assets, and weapons
  • Strategies and tactics
  • Cybersecurity and the future of war and peace
  • Implications and questions
  • Domestic policy
  • Foreign policy
Human-factor Espionage
  • What is Intelligence?
  • What is human intelligence (HUMINT)?
  • What is cybersecurity?
  • Map of cybersecurity infrastructure
  • Purview of cyber-HUMINT: Targeting the human component of the cyberinfrastructure.
  • What is “social engineering”?
  • How do humans work?
  • Social engineering techniques
  • Examples
  • Major cases
  • Conclusions and discussion
Political Economy of Cybersecurity
  • Definition of Cybersecurity
  • Overview of threats and responses
  • Economic impact of breaches
  • Political implications; defense, privacy
Human Cybersecurity
  • Technology is more than ever before wound into the fabric of people’s lives. With it comes a host of new threats to their individual security, while an excess of countermeasures and sweeping surveillance regimes stand to diminish their right to privacy and other civil liberties
  • This module takes a “human security” approach to cybersecurity, focusing less on the interests of states and polities, but of publics
  • This module will address questions including the security of access, security from harassment, limitations on government surveillance, protection of anonymity, and protection from predatory business models like malware, copyright trolling, hidden data collection, and phishing scams
  • The goal of enhancing human cybersecurity involves raising awareness of cybersecurity threats to individuals, but also helping them to understand what they can do to protect themselves