#Security of #Information #Systems - Lecture 2 : Information Security Management & Governance

#IT #IoT #Hacking #Internet #Computer #Cyber #Attack #Injection #Attacks #Course Hello everyone. My name is Furkan Gözükara, and I am a Computer Engineer Ph.D. Assistant Professor at the Software Engineering department.

In this course, we will learn general overview and some in depth information about how to secure online information systems.

Security of online systems and IT is a whole area of profession. You can become expert of this area and find very well paying jobs.

Security of Information Systems Full Course Playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffslM_o92NwkaUzD7C6Fekx26

GitHub repository of the course : https://github.com/FurkanGozukara/Security-of-Information-Systems-CSE413-2020

Discord channel link of the course : https://discord.gg/6Mrb8MwteQ How to use Discord : https://youtu.be/AEwPtYiLvsQ

This course does not require you to have any knowledge about programming in any programming language.

However, if you want to start learning programming or develop your other Software Engineering related skills you can watch our below full courses:

[1] Introduction to Programming Full Course with C# playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffskoSXySh0MdiayPJsBZ7m2o

[2] Object Oriented Programming Full Course with C# playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffsnH3XJb66FDIHh1yHwWC26I

[3] Artificial Intelligence (AI) and Machine Learning (ML) Full Course with C# Examples playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffskVschrADCL6KEnL_nqDtgD

[4] Software Engineering Full Course playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffslgxMVyXhnHiSn_EWTvx1G-

[5] Security of Information Systems Full Course playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffslM_o92NwkaUzD7C6Fekx26

[6] (Turkish) Bilgisayar Becerileri Tam Ders playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffsmyE2e909ea1MXLcMb8MenG

Lecture 2 :

** Information Security Management

• Corporate Responsibilities
• Security Management Levels
• Information Security Governance
• Benefits of IT Security Governance
• Benefits of IT Security Governance as defined by COBIT and ISACA
• Characteristics of good IS Governance
• Information security management
• IS Management Standards
• ISO/IEC 27000 family of standards and related standards
• ISO/IEC 27002– What is it? Code of practice for information security controls
• The 14 Control Objectives of ISO/IEC 27002:2013
• IS Management System Cycle
• CISSP 7th Ed. IS Program Phases
• 20 CSC: Critical Security Controls
• Evaluation of the ISMS through Security Measurements
• IS Measurement Model (ISO 27004)
• CMMI Capability Maturity Model Integration

** Human Factors for Information Security

• Personnel Integrity - Preventing employees from becoming attackers
• Personnel crime statistics
• Strengthening employee integrity
• Personnel Departure
• Social engineering attacks
• SE Tactics: Develop Trust
• SE Tactics: Induce strong affect
• SE Tactics: Information overload
• SE Tactics: Reciprocation
• SE Tactics: Diffusion of responsibility and moral duty
• SE Tactics: Authority
• SE Tactics: Commitment creep
• Multi-Level Defence against - Social Engineering Attacks
• SE Defence: Foundation
• SE Defence: Awareness
• SE Defence: Fortress
• SE Defence: Persistence
• SE Defence: Gotcha
• SE Defence: Offensive
• Security awareness training
• Security Usability
• Security Learning ... https://www.youtube.com/watch?v=ziuBRexf_Mg